IPv6 tunnel using SLAAC?
I have an OpenVPN roadwarrior setup up and running which allows me to access LAN, etc. and the Internet via pfsense (no split). I have configured both, an IPv4 tunnel and an IPv6 tunnel. The IPv4 traffic uses pfsense’s IPv4 NAT to reach the Internet, while the IPv6 tunnel has a dedicated, routed /64 subnet assigned.
However, the IPv6 assigned to the clients by OpenVPN are linear starting with ::1000. Is it possible to disable this kind of DHCPv6 and use SLAAC instead?
Not that I'm aware of. OpenVPN has to manage the addresses it hands out in most cases except, depending on the config, for a bridged tap instance. I know in the case of a bridged tap setup IPv4 can be pulled from the LAN, but I have not tried SLAAC to see if that would come through as well. May all depend on the client in that case.
Thanks for the answer. Meanwhile I found the following on in the OpenVPN manual which describes the address assignment pretty well:
“Specify an IPv6 address pool for dynamic assignment to clients. The pool starts at ipv6addr and increments by +1 for every new client (linear mode).”
I believe that the linear mode is the only option for address assignment using a tun interface, and only tun is supported by my iOS devices. I’m going to request a feature like "Simulate IPv6 Privacy Extension" from OpenVPN, but I don’t see an straight forward solution for that.