Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 tunnel using SLAAC?

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      got0
      last edited by

      I have an OpenVPN roadwarrior setup up and running which allows me to access LAN, etc. and the Internet via pfsense (no split). I have configured both, an IPv4 tunnel and an IPv6 tunnel. The IPv4 traffic uses pfsense’s IPv4 NAT to reach the Internet, while the IPv6 tunnel has a dedicated, routed /64 subnet assigned.

      However, the IPv6 assigned to the clients by OpenVPN are linear starting with ::1000. Is it possible to disable this kind of DHCPv6 and use SLAAC instead?

      OpenVPN_IPv6tunnel_noSLAAC.png_thumb
      OpenVPN_IPv6tunnel_noSLAAC.png

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Not that I'm aware of. OpenVPN has to manage the addresses it hands out in most cases except, depending on the config, for a bridged tap instance. I know in the case of a bridged tap setup IPv4 can be pulled from the LAN, but I have not tried SLAAC to see if that would come through as well. May all depend on the client in that case.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • G
          got0
          last edited by

          Thanks for the answer. Meanwhile I found the following on in the OpenVPN manual which describes the address assignment pretty well:

          “Specify an IPv6 address pool for dynamic assignment to clients. The pool starts at ipv6addr and increments by +1 for every new client (linear mode).”

          I believe that the linear mode is the only option for address assignment using a tun interface, and only tun is supported by my iOS devices. I’m going to request a feature like "Simulate IPv6 Privacy Extension" from OpenVPN, but I don’t see an straight forward solution for that.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.