Native iPv6 configuration
-
Hi,
My ISP (Internode) provides the following:
-
A dynamic /64 via a dual-stack PPPoE session.
-
A static /56 via DHCP6-PD.
Here's what I'm attempting to use.
I get a dynamic /64 from my ISP. I have v6 connectivity from the router (e.g. I can ping v6 addresses). The packets are being sent through my dynamic /64 address.
Getting my WAN NIC to track my LAN NIC results in a link-local address only. I am successfully able to statically assign an address, but I am not sure of the connectivity this provides my clients. When I use SLAAC/DHCP6 to serve addresses to my LAN, the clients are given a gateway of fe80::1:1, I am not sure why. I cannot find a way to provide a gateway address in the SLAAC settings. When I try to manually set the gateway on a client (to the statically assigned address out of my /56 that I gave the router) I do not get v6 connectivity.
Any ideas?
-
-
@Kye:
Here's what I'm attempting to use.
Native also means: nothing to do with IPv4…
Just use the /56 for configuring your IPv6 connection to world.
-
@hda:
@Kye:
Here's what I'm attempting to use.
Native also means: nothing to do with IPv4…
Just use the /56 for configuring your IPv6 connection to world.
I have already tried this. pfsense will not route v6 traffic from the LAN clients to the Internet, SLAAC/DHCPv6 also assigns a link-local router address to clients, which i don't think should happen.
-
@Kye:
Getting my WAN NIC to track my LAN NIC results in a link-local address only.
Is that a typo? It should be the other way around: The LAN needs to track the WAN.
@Kye:
I am successfully able to statically assign an address, but I am not sure of the connectivity this provides my clients. When I use SLAAC/DHCP6 to serve addresses to my LAN, the clients are given a gateway of fe80::1:1, I am not sure why. I cannot find a way to provide a gateway address in the SLAAC settings.
That is expected; gateway addresses in IPv6 are always link-local addresses. For some reason, pfSense insists on using that particular address, but it doesn't really matter (unless you need multiple routers on a subnet).
@Kye:
When I try to manually set the gateway on a client (to the statically assigned address out of my /56 that I gave the router) I do not get v6 connectivity.
Like I said, in IPv6, gateways always use link-local addresses. Also, make sure that your LAN-side prefix is a /64 (one of the 256 possible ones in the delegated /56), not the full /56, as otherwise SLAAC won't work. ("Track interface" will automatically set this up correctly, as long as your ISP actually gives you the prefix size you indicated.)
-
@Kye:
I have already tried this. pfsense will not route v6 traffic from the LAN clients to the Internet, SLAAC/DHCPv6 also assigns a link-local router address to clients, which i don't think should happen.
As already recommended, to be tested:
WAN config: DHCP6, DHCPv6 prefix = /64 and prefix hint = true, with LAN config: Track Interface, Prefix ID = 0
-
@hda:
As already recommended, to be tested:
WAN config: DHCP6, DHCPv6 prefix = /64 and prefix hint = true, with LAN config: Track Interface, Prefix ID = 0
Assuming the ISP always delegates a /56, setting the prefix size to anything other than that will confuse pfSense and cause radvd to not work. Since there really isn't any downside to it, I would strongly suggest leaving the prefix delegation size at /56; as I mentioned before, "track interface" will automatically do the right thing and pick a /64 out of that /56 for each tracking interface.
-
@hda:
Just use the /56 for configuring your IPv6 connection to world.
You can't just use an address from the delegated /56 for your WAN interface; the routing on the ISP side will be set up to route any traffic to the delegated /56 via an address in the (separate) prefix range assigned to the WAN.