IPV6 /56 allocation setup
-
Hi,
we have IPV6 /56 allocation from our provider.
core router (wan /127 (2 IPs one connected to isp gateway and the other on our wan core router
on our lan of the core router we have a /128 (4 ips on of which is on our pfsense firewallexample
Core Router wan IP: 2A00:xxxx:300C:2000::A79
Core Router wan gw IP: 2A00:xxxx:300C:2000::A78Core Router lan IP 2A00:2381:xxxx:5:21D:AAFF:FEB9:E562
PFsense IPv6 Wan IP: 2A00:xxxx:xxxx:5:21D:AAFF:FEB9:E561
from pfsense I can ping ipv6.google.com no problem.
on the lan side of the pfsense firewall I wanted to use
2A00:xxxx:xxxx:5:21D:AAFF:FEB9:F000 (prefix 120) however this is not pingable from the local pc unless I set this to /64
-
You should create the same type of scheme used to route the space from your ISP to you.
Pick a /64 from which to assign /127s. Assign a /127 to both your core router and pfsense.
Tell your core router to route one or more /64s out of the /56 to pfsense.
Assign those /64s to the proper interfaces.
Don't assign anything other than /64s to any interfaces. Subnets get /64s.
-
ah, found out the issue.
we have a /56 (256 IPv6 /64 blocks
so I have changed IP6v subnet on lan of pfsense from
2A00:xxxx:xxxx:5:21D:AAFF:FEB9:F000
to
2A00:xxxx:xxxx:4:21D:AAFF:FEB9:F000
I can now ping 2A00:xxxx:xxxx:4:21D:AAFF:FEB9:F000 from the internet
