Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 Setup - BTNet Leased Line

    Scheduled Pinned Locked Moved IPv6
    6 Posts 3 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      smaxwell2
      last edited by

      Hi All  :D

      I am probably missing something really simple here. Just trying to get my head around IPv6.

      I have a BTNet Leased Line with a Managed Cisco Router and BT provide me both Static IPv4 Addresses (working fine) and Static IPv6 Addresses

      They have advised the following:

      IPv4 Directly Connected Section

      IPV6 Network Address                      : 2A00:2381:1599:: 
      IPV6 Network Mask         : /64 
      IPV6 BTnet NTE Router LAN Address : 2A00:2381:1599::1

      IPv6 Non-Directly Connected Section

      IPV6 Network Address : 2A00:2381:1599:: 
      IPV6 Network Mask : /56 
      IPV6 Next Hop Address : 2A00:2381:1599::5

      Now obviously the idea of IPv6 is to do away with NAT  :) But what I can't get around is my IPv6 settings in pfSense

      myPfsense's WAN port is connected to the BTNet Cisco.

      Probably something really simple, but I don't understand how I can assign the same subnet on the LAN / WAN interfaces

      From my understanding of the above from BT they have assigned me a /64 Subnet for my WAN port of my pfSense, and then a /56 (which is the same?) for my LAN ?

      pfSense WAN Port : 2A00:2381:1599::5  (/64)
      pfSense LAN Port  : 2A00:2381:1599::11:241  (/56)

      Hopefully someone can point me in the right direction here.  Been sat here for 2 days now ::)

      Thanks in advance !

      Cheers, Scott

      1 Reply Last reply Reply Quote 0
      • MikeV7896M
        MikeV7896
        last edited by

        What they've done is taken the first /64 from your /56 for the WAN port. To hopefully make this easier to see, I'm going to do some expansion of the IPv6 addresses.

        Your assigned /56 is: 2A00:2381:1599:0000::/56
            Your WAN gateway is: 2A00:2381:1599:0000:0:0:0:1/64
        Your WAN address can be: 2A00:2381:1599:0000::::/64  (except 0:0:0:1, since that's BT's router)

        Your LAN networks can be: 2A00:2381:1599:0001::/64
                              to: 2A00:2381:1599:FFFF::/64

        How does it feel to have over 65,000 /64 IPv6 subnets, each with more addresses available than the entire IPv4 internet? :)

        Your issue is that your LAN should be /64, not /56. You should only be using /64 for your end-user/device networks. You could delegate larger blocks (i.e. /60) to any other routers that might be on your network, and they would then break that /60 block in to 16 /64 networks.

        The S in IOT stands for Security

        1 Reply Last reply Reply Quote 0
        • S
          smaxwell2
          last edited by

          Hi virgiliomi,

          You sir are a legend ! The thing I was missing that a /64 was a smaller subnet than /56.

          I have now setup as you suggested and working perfectly !

          Even enabled a CARP Virtual IP on both WAN and LAN side for HA  ;D Took me a while, just had to change the RA interface to this CARP IP after doing this !

          Thank you so much for your spot on response :)

          I owe you a beer !

          Thanks, Scott

          1 Reply Last reply Reply Quote 0
          • T
            Toady
            last edited by

            I feel the need to correct this just a little;

            /56 is 256 x /64 networks

            2A00:2381:1599:0000::/56 =
            2A00:2381:1599:0000:0000:0000:0000:0000 -
            2A00:2381:1599:00ff:ffff:ffff:ffff:ffff

            Or as you are more likely to use them;
            2A00:2381:1599::/64 to 2A00:2381:1599:FF::/64

            Its still PLENTY of subnets.

            1 Reply Last reply Reply Quote 0
            • MikeV7896M
              MikeV7896
              last edited by

              Oops… my bad! I gave away too many bits!

              The S in IOT stands for Security

              1 Reply Last reply Reply Quote 0
              • T
                Toady
                last edited by

                Easy to do - we always expect /48 and /64 assignments :)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.