IPv6 pfSense not working
-
Hello,
my pfSense-OS is installed on an ESXi-server. The gateway of all my computer is the pfSense, so all computers connect the internet via pfsense.
But Websites like http://ipv6.whatismyip.akamai.com/ are not working and I need this website to update my IP.I have checked the box on Advanced –> Networking --> Allow IP.
My pfsense gets the adress via DHCPv6, it shows the IP on the main page of pfsense. But it's not working.What can I do ?
Sorry, my english is very bad..
EDIT:
DHCP-Log:Aug 18 17:58:50 dhcp6c[48400]: T1 (15) or T2 (22) is too small Aug 18 17:58:50 dhcp6c[48400]: adjusted to 18 and 30 Aug 18 17:59:08 dhcp6c[48400]: failed to add an address on le0: Invalid argument Aug 18 17:59:08 dhcp6c[48400]: failed to update an address 2a**:****:2681:****:20c:****:****:**** -
what test do you do(ping, traceroute,mtr , tcpdump ….)?
if you don't tell more information pfsense team can't help you and nobody try to help you.
a simple 'it is not working' , is not enoughpra
-
ipconfig:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::::****:6cf1%12
IPv4-Adresse . . . . . . . . . . : 192.168.1.254
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.1.1ping ipv6.google.com
gives me this error:
"Ping-Anforderung konnte Host "ipv6.google.com" nicht finden. Überprüfen Sie den
Namen, und versuchen Sie es erneut."
Ping-Request couldn't find host "ipv6.google.com. Check the name, and try again.tracert ipv6.google.com
"Der Zielname ipv6.google.com konnte nicht aufgelöst werden."
The destinationname ipv6.google.com could not be resolved.ping from pfSense to ipv6.google.com works by the way.
It seems to be a problem with the client settings. -
ping from pfSense to ipv6.google.com works by the way.
This is problematic.
ping ipv6.google.comwill not give any results - no ping reply comes back. Because ipv6.google.com will not reply to IPv4 pings.
This:
ping6 ipv6.google.comwill produce this:
PING6(56=40+8+8 bytes) 2001:470:xxxx:xxxx::2 --> 2a00:1450:400c:c05::65 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=0 hlim=54 time=60.706 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=1 hlim=54 time=57.140 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=2 hlim=54 time=55.188 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=3 hlim=54 time=52.768 ms ^Cwhich means: it works.
pfSense has an IPv6 connection to the net ?
-
what IPv6 address is your client getting? I only saw a fe80 address - link local, that is not going to work.
-
ping ipv6.google.comwill not give any results - no ping reply comes back. Because ipv6.google.com will not reply to IPv4 pings.
This:
ping6 ipv6.google.comwill produce this:
PING6(56=40+8+8 bytes) 2001:470:xxxx:xxxx::2 --> 2a00:1450:400c:c05::65 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=0 hlim=54 time=60.706 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=1 hlim=54 time=57.140 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=2 hlim=54 time=55.188 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=3 hlim=54 time=52.768 ms ^Cwhich means: it works.
Under Windows - I'm assuming Windows since the OP provided ipconfig info - ping does both IPv4 and v6. To force v6, you use ping -6. But if it resolves an IPv6 address via DNS, it will still work, even if not forced.
-
Have you enabled IPv6 on the physical ESXi host running pfsense??
Remember to reboot the host.
-
you do not have to enable ipv6 on esxi host vmkern to have devices talk ipv6.
-
@virgiliomi:
ping ipv6.google.comwill not give any results - no ping reply comes back. Because ipv6.google.com will not reply to IPv4 pings.
This:
ping6 ipv6.google.comwill produce this:
PING6(56=40+8+8 bytes) 2001:470:xxxx:xxxx::2 --> 2a00:1450:400c:c05::65 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=0 hlim=54 time=60.706 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=1 hlim=54 time=57.140 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=2 hlim=54 time=55.188 ms 16 bytes from 2a00:1450:400c:c05::65, icmp_seq=3 hlim=54 time=52.768 ms ^Cwhich means: it works.
Under Windows - I'm assuming Windows since the OP provided ipconfig info - ping does both IPv4 and v6. To force v6, you use ping -6. But if it resolves an IPv6 address via DNS, it will still work, even if not forced.
ping -6 does not work with ipv6.google.com
It just works on the pfsense. What kind of settings do I have to enable to get "real" IPv6-Adresses on my clients.
DHCPv6? DHCPv6 Router Advertising settings? DHCPv6 Relay? -
…
What kind of settings do I have to enable to get "real" IPv6-Adresses on my clients.If you have ISP on WAN or do you have a MoDem inbetween ?, try Track Interface on your LAN (and RA(Unmanaged)/SLAAC for clients).
-
I have a Modem in between.
This guy has exact the same problem..
https://forum.pfsense.org/index.php?topic=82220.0
I don't think that there is a solution..
-
OK, you need a MoDem transparent (pass-tru/bridged to PPPoE) -OR- a MoDem-Router that can act as a DHCP6-Server (like the Fritz!Box 7360).
