[SOLVED] IPv6 'routing' issue (WAN <-> LAN)
-
For sure: Set block bogon network to False = uncheck
Your iface DT to WAN is OK & transparant, because you have your IPv4, right ?
Therefore IPv6 must be possible too. Just find out how(protocol pfSense-WAN) to get it from ISP.I would test to use config: dhcp6 & use IPv4 connectivity & prefix & delegation size =/48, if SLAAC doesn't yield.
Just experiment with the combinations. ;)
DNS servers go in: System: General Setup
-
@hda:
For sure: Set block bogon network to False = uncheck
DNS servers go in: System: General Setup
Ok i've disabled the bogon block, but i still can't ping6 from the pfsense node, ping6 from the LAN
side the gateway or external addresses time out and ping6 from WAN to the gateway doesn't work at all.
(Not even from the link-local address)@hda:
Your iface to WAN is OK & transparant. Because you have your IPv4, right ?
Therefore IPv6 must be possible too. Just find out how(protocol pfSense-WAN) to get it from ISP.Yes, IPv4 is working fine. On the draytek IPv6 must be set to PPP, i don't know in which way the
whole process differs to SLAAC if it does at all. But the link-local addresses look ok, it 'should' work.
Maybe after all the fiddling around with settings over the last 2 days i need a clean default setup
to start from the beginning (also the draytek box) and then it will all magically work out… -
If you changed the configs/interfaces/"fiddling", then a reboot of the pfSense will do.
You do not have to worry about the DT anymore, it is not relevant w.r.t. pfSense IPv6 config.
The pass-through/bridging works, just as with IPv4, it works for IPv6 too.You have to experiment with IPv6 pfSense-WAN config's, (including rebooting pfSense), to find out how the ISP wants to communicate for IPv6.
Even the MTU value matters for IPv6. (I work with 1492 on WAN & LAN).
-
I had very little time over the last 2 days but today i finally got it right, IPv6 is working.
The trick was to set the WAN interface config to 'None' for IPv6, i saw that after a reset to
default and no IPv6 configuration at all the WAN side got it's SLAAC address and
the correct ISP gateway address. After setting a static IPv6 on the LAN interface ping6
finally could reach external IPv6 addresses.Thank you for all your help and time on this!
-
Good for you :)
…
The trick was to set the WAN interface config to 'None' for IPv6, i saw that after a reset to
default and no IPv6 configuration at all the WAN side got it's SLAAC address
...Did you set pfSense-WAN to None for IPv6 and got a SLAAC working ???
-
@hda:
Good for you :)
…
The trick was to set the WAN interface config to 'None' for IPv6, i saw that after a reset to
default and no IPv6 configuration at all the WAN side got it's SLAAC address
...Did you set pfSense-WAN to None for IPv6 and got a SLAAC working ???
EDIT: I didn't mean SLAAC address but link local address. SLAAC was disabled.
Yes, when i set up the Draytek box last year my ISP explained their process
to me and it worked with the setting 'PPP' which is basically the same as
pfsense's 'None'.
So the ISP is only giving out the IPv6 gateway address,
no prefix and this happens through the PPPoE connection.
Took me a week of back and forth with Draytek support and a few calls
to ISP when eventually i got an email from my ISP's admin that he downloaded
the manual of my Draytek box and he told me to set it to 'PPP' which tells it to
get the gateway address via PPPoE and to set a static IPv6 on the LAN side.
That worked. But i didn't expect this to work exactly the same way with pfsense
as well… -
OK, sounds plausible. Would you be willing to show us the final settings of the DTv130 for this case ?
-
@hda:
OK, sounds plausible. Would you be willing to show us the final settings of the DTv130 for this case ?
I've added a few screenshots, they're a bit messy, i didn't clean up the config yet.
