DHCPV6 and RA

IPv6
Log in to reply
  • M

    I would like to share some of my experiences using the pfsense in an ipv6 environment.

    The goal was to use the DHCPv6 to replace my ISC-DHCP-Server running on Ubuntu with pfsense. The final result would be to have my internal DNS servers updated dynamically.

    Using the old config, everything is working fine although Ubuntu clients needs to have their configuration adapted to make it worked correctly but nothing related to pfsense.

    Using pfsense, I observed different mechanism not working as expected:

    • the PTR records are not created (but the AAAA are)
    • if the clients is coming with a request for a specific ip address, pfsense accept it gracefully even if not inside the range specified. I had to remove the leased address on the client to make it work correctly
    • the DNS server to be updated can only be an ipv4 address forcing to run a dual stack ipv4/ipv6 on the DNS.

    Are these "observations " bugs or features? I let you comment on it ;-)

    0
  • C

    You're just going from one ISC dhcpd to another, it'll have the same behavior where the config's matching (assuming the same version, but diffs between versions should be minimal). Compare /var/dhcpd/etc/dhcpdv6.conf with what you had configured on Ubuntu (but you can't edit that file, just for review). See something that's not right/missing there?

    @m3xiz:

    • if the clients is coming with a request for a specific ip address, pfsense accept it gracefully even if not inside the range specified. I had to remove the leased address on the client to make it work correctly

    Can't say I've tried that, but that would be the behavior of dhcpd if that's the case. I know with v4, dhcpd will reject leases outside the defined scope, and would assume it'd do the same for v6. Did it actually add a lease to the leases file with that?

    @m3xiz:

    • the DNS server to be updated can only be an ipv4 address forcing to run a dual stack ipv4/ipv6 on the DNS.

    At the time, and I thought still though I haven't checked really recently, dhcpd couldn't do dynamic DNS updates via IPv6. You were doing that before?

    0
  • M

    My understanding is that the isc dhcp is not yet ready. I have being able to make update to the dns with IPv6 however dual stacks are causing a problem due to different ID using Ubuntu 14.04. I did stop as according to the isc I need to run a more recent version of the dhcp server to solve this issue which will come next month with Ubuntu 16.04.
    I doubt very much pfsense is running such recent version of isc.

    0
  • G

    here the version in 2.3 beta

    isc-dhcp43-client-4.3.3P1_1    The ISC Dynamic Host Configuration Protocol client
    isc-dhcp43-relay-4.3.3P1_1    The ISC Dynamic Host Configuration Protocol relay
    isc-dhcp43-server-4.3.3P1_1    ISC Dynamic Host Configuration Protocol server

    0
  • M

    I am gonna give it a try….in a lab ;)

    I let you know the results...

    0
  • M

    So far I was able to make the update in a bind DNS dunning on another server.

    The issues I found are that with the release of IP. It is working fine as far as I have only IV6 configured. If I am playing with double stack there isn't any update in my bind servers.

    Still playing to find if I can detect where is the issue (client, pfsense, bind server….)

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy