Switch to static instead of track interface
-
Hello,
My ISP (Xs4all) assigns a nice IPv6 /48 prefix, let's say it is 2001:982:xxxx for now. I got things working initially by:
WAN (PPPoE over a specific VLAN)
- Check "Request a IPv6 prefix/information through IPv4" (my ISP requires this to be done over PPPoE)
- Check "Only request an IPv6 prefix, do not request an IPv6 address"
- Prefix delegation size: 48
- Check "Send IPv6 prefix hint".
LAN
- IPV6, track WAN interface
So, I get a v6 address on the LAN interface (2001:982:xxxx:aaaa:bbbb:cccc:dddd:eeee), and everything works.
That said, I want to have a few servers being globally reachable, so I'd prefer to assign a static IP to my LAN interface and use DHCPv6 for the clients.
Here begins trouble: if I assign the exact same v6 address statically (001:982:xxxx:aaaa:bbbb:cccc:dddd:eeee/64) that I got through track interface, initially things work ok. But after a reboot, ping6 just stops working on the pfsense box itself. I've tried different subnets for the LAN interface, still doesn't work. I wonder if in this scenario the WAN interface also needs an IP address, but I don't think my ISP will assign one if it requests a prefix.
It's almost like "track interface" does some additional magic that is kept if I just change to a static address, but lost whenever I reboot.
Any ideas?
-
Mmm never mind, found out why in this topic :) https://forum.pfsense.org/index.php?topic=90699.0
-
update to 2.2.2 ?
RA management undefined ?You only need for xs4all:
WAN IPv6 > DHCP6 client configuration > Advanced >
Send Options = ia-pd 0; Identity Association Statement / prefix delegation = checkedYou (PPPoE) should get a fe80: on the WAN.
Know/create your (/48 + subnet) for a LAN as say 2001:980:X:Y::1/64Goto Services: DHCPv6 server > RA > Router Only (if not SLAAC allowed) else Unmanaged == SLAAC
Create a static entrance on your workstation with the last 64 bits a number of your choice. -
@hda:
update to 2.2.2 ?
RA management undefined ?You only need for xs4all:
WAN IPv6 > DHCP6 client configuration > Advanced >
Send Options = ia-pd 0; Identity Association Statement = checkedYou (PPPoE) should get a fe80: on the WAN.
Know/create your (/48 + subnet) for a LAN as say 2001:980:X:Y::1/64Goto Services: DHCPv6 server > RA > Router Only (if not SLAAC allowed) else Unmanaged == SLAAC
Create a static entrance on your workstation with the last 64 bits a number of your choice.Thanks. The problem was basically that prefix delegation is only requested if you use "track interface" on the LAN. Apparently xs4all does require you to explicitly ask for the prefix every time the link comes up. Anyway, I fixed it by setting DHCP6 client advanced options, pretty much as you described. It's all working now!
Do you happen to know if the /48 xs4all gives you is static? I didn't read anywhere that it is, but knowing xs4all it seems unlikely they would change it on you easily.
-
…
Do you happen to know if the /48 xs4all gives you is static?
...Basically yes, but I call it quasi-static, cause they reserve the rights to change just as they could do with IPv4 ;)
Right, it works with prefix delegation request by dhcp6c.