How to find DCHPv6 entries when using an IPv6 /64
-
How do I see what addresses are being handed out and to what hosts?
If I go to Status->DHCPv6 Leases, there is nothing listed in either of the two tables. Dashboard shows both the WAN and LAN interface IPv6 addresses. I was expecting the DHCPv6 list to be similar to the v4 version and show some information on what has been handed out so I can see all of the devices using v6 on my local network and add static entries.
I'm getting a /64 from my ISP (Comcast) since I didn't know to set the hint to /60 at first and now waiting the 7 days or so for the lease to expire. The device is handing out IPv6 address to everything fine and everything seems to be able to communicate with the world. Somehow a DHCPv6 server is running but not configured anywhere.
Version: 2.2.6-RELEASE (i386)
DHCP server (v4) is running fine on LAN.
DHCPv6 Relay is not enabled
DHCPv6 Server can't be enabled, says I need a static addressWAN IPv6 Configuration Type: DHCP6
LAN IPv6 Configuration Type: Track Interface
Track IPv6 Interface: WAN
Track IPv6 Prefix ID: 0 (only option from 0-0)I'm not sure how the device is handing out v6 addresses just fine like a DHCPv6 server is running but I don't see any setting or information in the logs to show that it is actually doing that.
Does any of this change when I finally get a /60 prefix from my ISP? Will I be able to somehow add a DHCPv6 entry for various /64 nets and be able to finally add some static mappings like I can do with the v4 server?
-
The chances are that your devices are obtaining addresses using SLAAC. In this system, the router (pfSense) advertises the prefix, then each device allocates itself an address within that prefix. The decentralised operation of SLAAC precludes static allocation.
You can force devices to use DHCPv6, but some devices (notably including Android devices) do not support DHCPv6.
-
Under 2.2.x, you cannot modify the DHCPv6 and RA settings if you use Track Interface. The RA sent out is an "Assisted" RA, which prefers SLAAC for IPv6 addressing. DHCPv6 is configured and running for devices that can't use (or aren't set up to use) SLAAC. DHCPv6 is set up with a range of ::1000 to ::2000, IIRC. Depending on your prefix size, it may also allocate a couple of prefixes that can be delegated.
2.3 will supposedly allow you to modify RA and DHCPv6 settings if you use Track Interface. I've not yet tried the Alpha so I don't know if it's in place yet or not.
Devices using SLAAC determine their address on their own, and don't communicate with pfSense other than receiving the router advertisement. pfSense becomes aware of the address through NDP (network discovery protocol - see Diagnostics > NDP Table). However, DHCPv6 addresses will also show up in the NDP table - essentially any device that communicates directly with your pfSense box should appear in that table. NDP replaces ARP from IPv4. The DHCPv6 table will show any leases that have been given out, but since SLAAC is preferred in the current Track Interface setup, most devices will use that to determine their address.
-
Thanks David_W and virgiliomi for the explanations. I can indeed see the hosts in the NDP Table and now have a /60 prefix. Not sure what I can ultimately do with that but it works. I suppose if I really want static addresses I need to fallback to using my HE /48.
-
With the /60, you could set up a second network (i.e. for guests to your home) and allocate a /64 for that network… I'd say you could use a third /64 for any servers, if you wanted to keep them separate from your LAN, but I know Comcast looks down upon running servers (unless you happen to have their 2Gb fiber service). You could also delegate a block to a downstream router... so if you happened to be in a situation where you have a roommate, you could delegate a /64 or /63 to them to keep their stuff separate from yours.
