ISP requires "SLAAC + DHCPv6", supported?



  • Hi,
    My ISP has just started a IPv6 pilot, and I'd like to try it out. The requirements state:

    Your router must support SLAAC+DHCPv6. That is, your router will have it's external IPv6 address via SLAAC, and then the router receives a prefix via DHCPv6.

    I've tried to set this up in pfSense, by setting my WAN interface to SLAAC, and then I get an address. However, I can't seem to configure prefixes on this configuration. Is it possible?


  • Netgate

    That sounds kind of hokey.  You might want to ask them if your prefix is static or dynamic.  If they answer dynamic, they are clueless.  They should be assigning you a static /48 or, if they're stingy/conservative, a /56.  But even if it's a single /64 you can use it - on one LAN segment - until they pull their heads out if it's assigned to you and automatically routed to your WAN interface.  Just ignore their DHCPv6 advice and configure it statically.

    IF they want to have you get your WAN interface address via SLAAC, that's ok I suppose.



  • Who is your ISP?



  • @Derelict:

    That sounds kind of hokey.  You might want to ask them if your prefix is static or dynamic.  If they answer dynamic, they are clueless.  They should be assigning you a static /48 or, if they're stingy/conservative, a /56.  But even if it's a single /64 you can use it - on one LAN segment - until they pull their heads out if it's assigned to you and automatically routed to your WAN interface.  Just ignore their DHCPv6 advice and configure it statically.

    IF they want to have you get your WAN interface address via SLAAC, that's ok I suppose.

    From some correspondence with their tech support, it's a /64. But as far as I can tell I'm not even able to get a prefix using the SLAAC setting in pfSense? If I'd choose DHCP6 instead, there are a bunch of settings for prefix size, but not for SLAAC. Right now for instance, I'm given <64 bits of ISP net>:20c:29ff:fef9:b914. That's not something I can use, right? There's "no space left" to delegate?

    @kejianshi:

    Who is your ISP?

    Small Swedish one



  • @carlpett:

    From some correspondence with their tech support, it's a /64. But as far as I can tell I'm not even able to get a prefix using the SLAAC setting in pfSense? If I'd choose DHCP6 instead, there are a bunch of settings for prefix size, but not for SLAAC. Right now for instance, I'm given <64 bits of ISP net>:20c:29ff:fef9:b914. That's not something I can use, right? There's "no space left" to delegate?

    Hmmm. Most ISP's work with prefix delegation, using your DHCP6 (PD) request towards them.

    Your prefix "location frontdoor number" is a /64, because you said: <64 bits of ISP net>. Then the last 64 bits are yours, which you can manipulate as you like.

    However, pfSense needs at least a /63 (ISP) prefix to make a /64 WAN and a different /64 LAN, based upon the first 64 bits.
    I.e. 2002:babe:face:6660::/64 and LAN: 2002:babe:face:6661::/64.

    So, I doubt if SLAAC(WAN) with SLAAC(LAN) or STATIC(LAN), and then next with SLAAC for LAN-clients, will work.
    Maybe with a DHCPv6server/RA for the LAN-side (where you specify the useable range for the last 64 bits).

    Or ask ISP for offering a prefix smaller than /64 (i.e. /62).


  • Netgate

    You shouldn't need to get a prefix from a dynamic source.  They should just route it to you and you should be able to configure it on your LAN statically.

    What happens if you set the WAN interface IPv6 config to DHCP6 but tell the DHCP client to only get a prefix, not an address?  Note that it is still asking for a prefix length that has to be provided by your ISP…

    ![Screen Shot 2014-09-28 at 1.49.29 PM.png](/public/imported_attachments/1/Screen Shot 2014-09-28 at 1.49.29 PM.png)
    ![Screen Shot 2014-09-28 at 1.49.29 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2014-09-28 at 1.49.29 PM.png_thumb)


  • Netgate

    Nevermind.  I just tested it.  It looks like you can configure SLAAC or DHCPv6 on WAN but not both.

    I'm feeling a little out of my lane so I'm going to move right.


  • Netgate

    I guess I'm confused by the "Only request a IPv6 prefix, don't request a IPv6 address" checkbox.

    That setting is only available if DHCPv6 is selected as an interface type and there's no alternate way to set an IPv6 interface address.