Complete noob and ia-pd configuration.
-
So, near as I can understand it, my one ISP hands out a /56 prefix, then its up to the router (pfsense box in my case) to delegate the addresses to other devices inside the LAN.
I've had to custom create a dhcp6c_wan.conf which mostly works, except it keeps looping.
This is my config
interface em0_vlan3 { send ia-pd 0; request domain-name-servers; request domain-name; script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please }; id-assoc pd 0 { prefix-interface em0_vlan5 { sla-id 0; sla-len 0; }; };When I run /usr/local/sbin/dhcp6c -dDf -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c.pid em0_vlan3
It seems to get a prefix, but it keeps looping
Oct/30/2015 16:17:39: reset a timer on em0_vlan3, state=INIT, timeo=0, retrans=386 Oct/30/2015 16:17:39: executes /var/etc/dhcp6c_wan_script.sh Oct/30/2015 16:17:39: script "/var/etc/dhcp6c_wan_script.sh" terminated Oct/30/2015 16:17:39: removing an event on em0_vlan3, state=REQUEST Oct/30/2015 16:17:39: removing server (ID: 00:03:00:01:0c:a4:02:23:f4:01) Oct/30/2015 16:17:39: got an expected reply, sleeping. Oct/30/2015 16:17:40: a new XID (4448c7) is generated Oct/30/2015 16:17:40: set client ID (len 14) Oct/30/2015 16:17:40: set elapsed time (len 2) Oct/30/2015 16:17:40: set option request (len 4) Oct/30/2015 16:17:40: set IA_PD Oct/30/2015 16:17:40: send solicit to ff02::1:2%em0_vlan3 Oct/30/2015 16:17:40: reset a timer on em0_vlan3, state=SOLICIT, timeo=0, retrans=1049 Oct/30/2015 16:17:40: receive advertise from fe80::ea4:2ff:fe23:f401%em0_vlan3 on em0_vlan3 Oct/30/2015 16:17:40: get DHCP option server ID, len 10 Oct/30/2015 16:17:40: DUID: 00:03:00:01:0c:a4:02:23:f4:01 Oct/30/2015 16:17:40: get DHCP option client ID, len 14 Oct/30/2015 16:17:40: DUID: 00:01:00:01:1b:d5:91:94:74:d0:2b:9d:84:9c Oct/30/2015 16:17:40: get DHCP option IA_PD, len 41 Oct/30/2015 16:17:40: IA_PD: ID=0, T1=86400, T2=144000 Oct/30/2015 16:17:40: get DHCP option IA_PD prefix, len 25 Oct/30/2015 16:17:40: IA_PD prefix: 2001:56a:f3b1:2e00::/56 pltime=172800 vltime=345600 Oct/30/2015 16:17:40: get DHCP option DNS, len 32 Oct/30/2015 16:17:40: server ID: 00:03:00:01:0c:a4:02:23:f4:01, pref=-1 Oct/30/2015 16:17:40: reset timer for em0_vlan3 to 0.994837 Oct/30/2015 16:17:41: picked a server (ID: 00:03:00:01:0c:a4:02:23:f4:01) Oct/30/2015 16:17:41: a new XID (562947) is generated Oct/30/2015 16:17:41: set client ID (len 14) Oct/30/2015 16:17:41: set server ID (len 10) Oct/30/2015 16:17:41: set elapsed time (len 2) Oct/30/2015 16:17:41: set option request (len 4) Oct/30/2015 16:17:41: set IA_PD prefix Oct/30/2015 16:17:41: set IA_PD Oct/30/2015 16:17:41: send request to ff02::1:2%em0_vlan3 Oct/30/2015 16:17:41: reset a timer on em0_vlan3, state=REQUEST, timeo=0, retrans=964 Oct/30/2015 16:17:41: receive reply from fe80::ea4:2ff:fe23:f401%em0_vlan3 on em0_vlan3 Oct/30/2015 16:17:41: get DHCP option server ID, len 10 Oct/30/2015 16:17:41: DUID: 00:03:00:01:0c:a4:02:23:f4:01 Oct/30/2015 16:17:41: get DHCP option client ID, len 14 Oct/30/2015 16:17:41: DUID: 00:01:00:01:1b:d5:91:94:74:d0:2b:9d:84:9c Oct/30/2015 16:17:41: get DHCP option IA_PD, len 48 Oct/30/2015 16:17:41: IA_PD: ID=0, T1=86400, T2=144000 Oct/30/2015 16:17:41: get DHCP option status code, len 32 Oct/30/2015 16:17:41: status code: no prefixes Oct/30/2015 16:17:41: get DHCP option DNS, len 32 Oct/30/2015 16:17:41: nameserver[0] 2001:568:ff09:10c::53 Oct/30/2015 16:17:41: nameserver[1] 2001:568:ff09:10d::53 Oct/30/2015 16:17:41: make an IA: PD-0 Oct/30/2015 16:17:41: status code for PD-0: no prefixes Oct/30/2015 16:17:41: IA PD-0 is invalidated Oct/30/2015 16:17:41: remove an IA: PD-0 Oct/30/2015 16:17:41: reset a timer on em0_vlan3, state=INIT, timeo=0, retrans=421 Oct/30/2015 16:17:41: executes /var/etc/dhcp6c_wan_script.sh Oct/30/2015 16:17:41: script "/var/etc/dhcp6c_wan_script.sh" terminated Oct/30/2015 16:17:41: removing an event on em0_vlan3, state=REQUEST Oct/30/2015 16:17:41: removing server (ID: 00:03:00:01:0c:a4:02:23:f4:01) Oct/30/2015 16:17:41: got an expected reply, sleeping. Oct/30/2015 16:17:41: a new XID (7688d) is generated Oct/30/2015 16:17:41: set client ID (len 14) Oct/30/2015 16:17:41: set elapsed time (len 2) Oct/30/2015 16:17:41: set option request (len 4) Oct/30/2015 16:17:41: set IA_PD Oct/30/2015 16:17:41: send solicit to ff02::1:2%em0_vlan3 Oct/30/2015 16:17:41: reset a timer on em0_vlan3, state=SOLICIT, timeo=0, retrans=1036 Oct/30/2015 16:17:41: receive advertise from fe80::ea4:2ff:fe23:f401%em0_vlan3 on em0_vlan3 Oct/30/2015 16:17:41: get DHCP option server ID, len 10 Oct/30/2015 16:17:41: DUID: 00:03:00:01:0c:a4:02:23:f4:01 Oct/30/2015 16:17:41: get DHCP option client ID, len 14 Oct/30/2015 16:17:41: DUID: 00:01:00:01:1b:d5:91:94:74:d0:2b:9d:84:9c Oct/30/2015 16:17:41: get DHCP option IA_PD, len 41 Oct/30/2015 16:17:41: IA_PD: ID=0, T1=86400, T2=144000 Oct/30/2015 16:17:41: get DHCP option IA_PD prefix, len 25 Oct/30/2015 16:17:41: IA_PD prefix: 2001:56a:f3b1:2e00::/56 pltime=172800 vltime=345600 Oct/30/2015 16:17:41: get DHCP option DNS, len 32 Oct/30/2015 16:17:41: server ID: 00:03:00:01:0c:a4:02:23:f4:01, pref=-1 Oct/30/2015 16:17:41: reset timer for em0_vlan3 to 0.995560 ^CSo it grabs the prefix of 2001:56a:f3b1:2e00::/56 but then just keeps looping. I tried manually assigning an address of 2001:56a:f3b1:2e00::1 to the appropriate WAN interface, but was unable to ping6/traceroute6 from the PFSense box itself.
Any tips/advice would be greatly appreciated.
-
So,
I modified my config slightly
interface em0_vlan3 { send ia-pd 1; request domain-name-servers; request domain-name; script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please }; id-assoc pd 1 { prefix-interface em0_vlan5 { # sla-id 1; # sla-len 56; }; };now this happens
Oct/30/2015 21:07:26: reset a timer on em0_vlan3, state=INIT, timeo=0, retrans=383 Oct/30/2015 21:07:27: a new XID (9026a) is generated Oct/30/2015 21:07:27: set client ID (len 14) Oct/30/2015 21:07:27: set elapsed time (len 2) Oct/30/2015 21:07:27: set option request (len 4) Oct/30/2015 21:07:27: set IA_PD Oct/30/2015 21:07:27: send solicit to ff02::1:2%em0_vlan3 Oct/30/2015 21:07:27: reset a timer on em0_vlan3, state=SOLICIT, timeo=0, retrans=1088 Oct/30/2015 21:07:27: receive advertise from fe80::ea4:2ff:fe23:f401%em0_vlan3 on em0_vlan3 Oct/30/2015 21:07:27: get DHCP option server ID, len 10 Oct/30/2015 21:07:27: DUID: 00:03:00:01:0c:a4:02:23:f4:01 Oct/30/2015 21:07:27: get DHCP option client ID, len 14 Oct/30/2015 21:07:27: DUID: 00:01:00:01:1b:d5:91:94:74:d0:2b:9d:84:9c Oct/30/2015 21:07:27: get DHCP option IA_PD, len 41 Oct/30/2015 21:07:27: IA_PD: ID=1, T1=86400, T2=144000 Oct/30/2015 21:07:27: get DHCP option IA_PD prefix, len 25 Oct/30/2015 21:07:27: IA_PD prefix: 2001:56a:f3a8:a700::/56 pltime=172800 vltime=345600 Oct/30/2015 21:07:27: get DHCP option DNS, len 32 Oct/30/2015 21:07:27: server ID: 00:03:00:01:0c:a4:02:23:f4:01, pref=-1 Oct/30/2015 21:07:27: reset timer for em0_vlan3 to 0.982435 Oct/30/2015 21:07:28: picked a server (ID: 00:03:00:01:0c:a4:02:23:f4:01) Oct/30/2015 21:07:28: a new XID (68310) is generated Oct/30/2015 21:07:28: set client ID (len 14) Oct/30/2015 21:07:28: set server ID (len 10) Oct/30/2015 21:07:28: set elapsed time (len 2) Oct/30/2015 21:07:28: set option request (len 4) Oct/30/2015 21:07:28: set IA_PD prefix Oct/30/2015 21:07:28: set IA_PD Oct/30/2015 21:07:28: send request to ff02::1:2%em0_vlan3 Oct/30/2015 21:07:28: reset a timer on em0_vlan3, state=REQUEST, timeo=0, retrans=977 Oct/30/2015 21:07:28: receive reply from fe80::ea4:2ff:fe23:f401%em0_vlan3 on em0_vlan3 Oct/30/2015 21:07:28: get DHCP option server ID, len 10 Oct/30/2015 21:07:28: DUID: 00:03:00:01:0c:a4:02:23:f4:01 Oct/30/2015 21:07:28: get DHCP option client ID, len 14 Oct/30/2015 21:07:28: DUID: 00:01:00:01:1b:d5:91:94:74:d0:2b:9d:84:9c Oct/30/2015 21:07:28: get DHCP option IA_PD, len 41 Oct/30/2015 21:07:28: IA_PD: ID=1, T1=86400, T2=144000 Oct/30/2015 21:07:28: get DHCP option IA_PD prefix, len 25 Oct/30/2015 21:07:28: IA_PD prefix: 2001:56a:f3a8:a700::/56 pltime=172800 vltime=345600 Oct/30/2015 21:07:28: get DHCP option DNS, len 32 Oct/30/2015 21:07:28: nameserver[0] 2001:568:ff09:10c::53 Oct/30/2015 21:07:28: nameserver[1] 2001:568:ff09:10d::53 Oct/30/2015 21:07:28: make an IA: PD-1 Oct/30/2015 21:07:28: create a prefix 2001:56a:f3a8:a700::/56 pltime=140733193560832, vltime=140733193733632 Oct/30/2015 21:07:28: invalid prefix length 56 + 16 + 64 Oct/30/2015 21:07:28: executes /var/etc/dhcp6c_wan_script.sh Oct/30/2015 21:07:28: script "/var/etc/dhcp6c_wan_script.sh" terminated Oct/30/2015 21:07:28: removing an event on em0_vlan3, state=REQUEST Oct/30/2015 21:07:28: removing server (ID: 00:03:00:01:0c:a4:02:23:f4:01) Oct/30/2015 21:07:28: got an expected reply, sleeping.so em0_vlan5 now gets assigned
inet6 2001:56a:f3a8:a700:20c:29ff:fe20:fd1c prefixlen 56however, if I try to ping
ping6 google.ca PING6(56=40+8+8 bytes) 2001:56a:f3a8:a700:20c:29ff:fe20:fd1c --> 2607:f8b0:400a:805::100f ping6: sendmsg: Operation not permitted ping6: wrote google.ca 16 chars, ret=-1but the routing table looks good
[2.2.4-RELEASE][root@pfsense.wtf.local]/root: route -6 get google.ca route to: sea15s01-in-x03.1e100.net destination: default mask: default gateway: node-1w7jra22wzwwdjzfq1cmmcqo0.ipv6.telus.net fib: 0 interface: em0_vlan3 flags: <up,gateway,done,static>recvpipe sendpipe ssthresh rtt,msec mtu weight expire 0 0 0 0 1500 1 0</up,gateway,done,static>=\
-
So with this config file
interface em0_vlan3 { # information-only; send ia-pd 1; request domain-name-servers; request domain-name; script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please }; id-assoc pd 1 { prefix-interface em0_vlan5 { sla-id 1; sla-len 0; }; };It works. I get functional IPV6 on my router, however pfsense doesn't seem to want to let me advertise this to clients on my lan.
Also, there seems to be no choices/combination of options to do PD on a normal WAN interface. in the 2.2.5 changelog, it said IA-PD changes were made for PPPoE users.