1
General Discussion / IPv6 WAN works LAN doesent work | Packets get stuck in OPNSense in Proxmox
« on: September 24, 2023, 01:36:57 pm »
Hello everbody, i tried setting up IPv6 for my LAN IPv4 works just fine but i can't seem to get IPv6 to Function.
I am using Proxmox as a Hypervisor and i have a OPNSense VM inside here are all the Settings:
Proxmox Config:
auto lo
iface lo inet loopback
iface eno1 inet manual
iface eno2 inet manual
auto eno3
iface eno3 inet manual
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/eno3/proxy_arp
iface eno4 inet manual
auto vmbr0
iface vmbr0 inet static
address 109.230.XXX.38/28
gateway 109.230.XXX.33
bridge-ports eno3
bridge-stp off
bridge-fd 0
iface vmbr0 inet6 static
address 2a05:bec0:XXX::3/48
gateway 2a05:bec0:XXX::1
auto vmbr1
iface vmbr1 inet static
address 10.10.0.0/24
bridge-ports eno2
bridge-stp off
bridge-fd 0
iface vmbr1 inet6 static
address 2a05:bec0:XXX:8::2/64
-----
OPNsense Interface Settings:
WAN:
Static IPv6: 2a05:bec0:XXX::2/48
GW: 2a05:bec0:53::1
LAN:
Static IPv6: 2a05:bec0:XXX:8::1/64
GW: Auto-detect
------
PING:
Proxmox Host to WAN Interface : Yes
Proxmox Host to LAN Interface : Yes
Proxmox Host to ISPv6 GW : Yes
Proxmox Host to 2606:4700:4700::1111 : Yes
OPNsense VM to WAN Interface: Yes
OPNsense VM to LAN Interface: Yes
OPNsense VM to Proxmox Host vmbr0: Yes
OPNsense VM to Proxmox Host vmbr1: Yes
OPNsense VM to ISPv6 GW : Yes
OPNsense VM to 2606:4700:4700::1111 : Yes
OPNsense LAN to OPNsense WAN Interface: Yes
OPNsense LAN to Proxmox Host vmbr0 : Yes
OPNsense LAN to Proxmox Host vmbr1 : Yes
OPNsense LAN to ISPv6 GW : No
OPNsense LAN to 2606:4700:4700::1111 : No
Debian VM (connected to LAN Interface)
( IP: 2a05:bec0:XXX:8::25/64 | GW: 2a05:bec0:XXX:8::1 )
VM to LAN Interface : Yes
VM to WAN Interface: Yes
VM to Proxmox Host vmbr0: Yes
VM to Proxmox Host vmbr1: No
VM to google.com: No
VM to ISPv6 GW : No
VM to 2606:4700:4700::1111 : No
( When pinging to 2606:4700:4700::1111 it gets displayed in the OPNsense firewall also when doing traceroute the last place is the OPNSense firewall )
----
ISP Info of my IPv6 Network:
2a05:bec0:XXX::/48
GW: 2a05:bec0:XXX::1/48
----
Firewall Rules:
Lan & Wan allow from any side everything for IPv6
----
I am using Proxmox as a Hypervisor and i have a OPNSense VM inside here are all the Settings:
Proxmox Config:
auto lo
iface lo inet loopback
iface eno1 inet manual
iface eno2 inet manual
auto eno3
iface eno3 inet manual
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/eno3/proxy_arp
iface eno4 inet manual
auto vmbr0
iface vmbr0 inet static
address 109.230.XXX.38/28
gateway 109.230.XXX.33
bridge-ports eno3
bridge-stp off
bridge-fd 0
iface vmbr0 inet6 static
address 2a05:bec0:XXX::3/48
gateway 2a05:bec0:XXX::1
auto vmbr1
iface vmbr1 inet static
address 10.10.0.0/24
bridge-ports eno2
bridge-stp off
bridge-fd 0
iface vmbr1 inet6 static
address 2a05:bec0:XXX:8::2/64
-----
OPNsense Interface Settings:
WAN:
Static IPv6: 2a05:bec0:XXX::2/48
GW: 2a05:bec0:53::1
LAN:
Static IPv6: 2a05:bec0:XXX:8::1/64
GW: Auto-detect
------
PING:
Proxmox Host to WAN Interface : Yes
Proxmox Host to LAN Interface : Yes
Proxmox Host to ISPv6 GW : Yes
Proxmox Host to 2606:4700:4700::1111 : Yes
OPNsense VM to WAN Interface: Yes
OPNsense VM to LAN Interface: Yes
OPNsense VM to Proxmox Host vmbr0: Yes
OPNsense VM to Proxmox Host vmbr1: Yes
OPNsense VM to ISPv6 GW : Yes
OPNsense VM to 2606:4700:4700::1111 : Yes
OPNsense LAN to OPNsense WAN Interface: Yes
OPNsense LAN to Proxmox Host vmbr0 : Yes
OPNsense LAN to Proxmox Host vmbr1 : Yes
OPNsense LAN to ISPv6 GW : No
OPNsense LAN to 2606:4700:4700::1111 : No
Debian VM (connected to LAN Interface)
( IP: 2a05:bec0:XXX:8::25/64 | GW: 2a05:bec0:XXX:8::1 )
VM to LAN Interface : Yes
VM to WAN Interface: Yes
VM to Proxmox Host vmbr0: Yes
VM to Proxmox Host vmbr1: No
VM to google.com: No
VM to ISPv6 GW : No
VM to 2606:4700:4700::1111 : No
( When pinging to 2606:4700:4700::1111 it gets displayed in the OPNsense firewall also when doing traceroute the last place is the OPNSense firewall )
----
ISP Info of my IPv6 Network:
2a05:bec0:XXX::/48
GW: 2a05:bec0:XXX::1/48
----
Firewall Rules:
Lan & Wan allow from any side everything for IPv6
----