PFSense behind Fiberrouter with IPv6
-
Hi there,
my pfsense is hooked behind my Fiberrouter and gets a IP4 and IP6 adress from it.
Fiberrouter:
WAN:
IP Address 100.64.128.2
Netmask 255.255.0.0
Gateway 100.64.0.1
DNS Server 1 127.0.0.1
DNS Server 2 185.22.44.50
DNS Server 3 185.22.45.50
IPv6 Address 2a00:XXXX:XXXX:200::1/64
IPv6 Address ::100.64.128.2/128LAN:
IP Address 192.168.1.254
Netmask 255.255.255.0
IPv6 Address 2a00:XXXX:XXXX:201:XXX:94ff:XXXX:1421/64
IPv6 Address fe80::XXX:94ff:XXXX:1421/64Setup of PFSense:
WAN
DHCP & DHCP6
Nothing else checkedLAN
static IP4
Track Interface
IPv6 Interface: Wan
IPv6 Prefix ID: 0vlan_999=WAN
vlan_10=LAN$ ifconfig re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic>ether 00:e0:c5:33:4f:3d inet6 fe80::2e0:c5ff:fe33:4f3d%re0 prefixlen 64 scopeid 0x1 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (1000baseT <full-duplex>) status: active enc0: flags=0<> metric 0 mtu 1536 pfsync0: flags=0<> metric 0 mtu 1460 syncpeer: 224.0.0.240 maxupd: 128 syncok: 1 lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33144 re0_vlan999: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=3 <rxcsum,txcsum>ether 00:e0:c5:33:4f:3d inet 192.168.1.245 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::2e0:XXXX:fe33:4f3d%re0_vlan999 prefixlen 64 scopeid 0x6 inet6 2a00:XXXX:XXXX:201:2e0:XXXX:fe33:4f3d prefixlen 64 autoconf nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (1000baseT <full-duplex>) status: active vlan: 999 vlanpcp: 0 parent interface: re0 re0_vlan10: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=3 <rxcsum,txcsum>ether 00:e0:c5:33:4f:3d inet 10.0.0.9 netmask 0xffffff00 broadcast 10.0.0.255 inet6 fe80::1:1%re0_vlan10 prefixlen 64 scopeid 0x7 nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>) status: active vlan: 10 vlanpcp: 0 parent interface: re0</full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic></up,broadcast,running,simplex,multicast>On my windows 8.1 Client i get the following IPConfig
Ethernet-Adapter Ethernet: DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja IPv6-Adresse. . . . . . . . . . . : 2a00:XXXX:XXXX:201:XXXX:907e:XXXX:b134(Bevorzugt) IPv6-Adresse. . . . . . . . . . . : fd00::68bb:907e:XXXX:b134(Bevorzugt) Tempor„re IPv6-Adresse. . . . . . : 2a00:XXXX:XXXX:201:XXXX:3f82:XXXX:9905(Bevorzugt) Tempor„re IPv6-Adresse. . . . . . : fd00::4c88:3f82:2fc9:9905(Bevorzugt) Verbindungslokale IPv6-Adresse . : fe80::68bb:907e:3f38:b134%3(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 10.0.0.201(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Montag, 9\. Juni 2014 18:10:26 Lease l„uft ab. . . . . . . . . . : Montag, 9\. Juni 2014 20:10:25 Standardgateway . . . . . . . . . : fe80::XXX:94ff:XXXX:1421%3 fe80::1:1%3 10.0.0.9 DHCP-Server . . . . . . . . . . . : 10.0.0.9 DHCPv6-IAID . . . . . . . . . . . : 65860795 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1A-F2-9F-46-EC-F4-BB-2B-1D-1D DNS-Server . . . . . . . . . . . : 10.0.0.9 NetBIOS ber TCP/IP . . . . . . . : Aktiviertso the client gets fe80::1:1 as Gateway, which I can ping from my client.
But a ping or a tracert to an IPV6 Adress does not work. test-ipv6.com also fails.Due to my lack of IPV6 knowlegde i am not even sure if this might work at all.
Any help appreciated.
THX
Chaos
-
More or less exactly the same problem i have. Any solutions for you?
I see this is posted a few days ago.. And would be nice to figure this out :)
C
PS. If i connect my Windows computer directly to the fibre modem, i get ipv6 address and can use it without problems, so i know that it works.
-
If i set the WAN interface to DHCP6 and delegation size to 48 (according to my ISP), and LAN interface to "Track Interface:WAN", my WAN gets a address like this:
IPv6 Link Local fe80::202:1eff:fef2:8981%xl0 IPv6 address 2001:4610:a:b::xxx Subnet mask IPv6 128 Gateway IPv6 fe80::2a0:a50f:fc7a:8b00And my LAN gets:
IPv6 Link Local fe80::1:1%bge0 IPv6 address 2001:4641:7766:0:21a:a0ff:xxxx:xxxx Subnet mask IPv6 64And internal clients also gets a IPV6 address..
However, im unable to ping anything related to IPV6.
ping6 ipv6.google.com PING6(56=40+8+8 bytes) 2001:4641:7766::34cf:6c49:85df:9bb8 --> 2a00:1450:400f:803::1001 ^C --- ipv6.l.google.com ping6 statistics --- 3 packets transmitted, 0 packets received, 100.0% packet lossIve added a WAN firewall rule to allow IPV6 UDP Source Port:547 Destination Port: 546. I also added WAN rule to allow IPV6 ICMP.
What am i doing wrong? :)
C