OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: nerd on November 03, 2021, 09:11:56 pm

Title: IPv6
Post by: nerd on November 03, 2021, 09:11:56 pm

The following DHCPv6 solicit from my old fritzbox router gives me what I want when connecting with the fritzbox: my ISP returning my fixed IPv6 prefix which I can then use.

Code: [Select]

DHCPv6
    Message type: Solicit (1)
    Transaction ID: 0x1566a5
    Elapsed time
    Client Identifier
    Identity Association for Prefix Delegation
        Option: Identity Association for Prefix Delegation (25)
        Length: 41
        IAID: 117794bc
        T1: 0
        T2: 0
        IA Prefix
            Option: IA Prefix (26)
            Length: 25
            Preferred lifetime: 0
            Valid lifetime: 0
            Prefix length: 0
            Prefix address: ::
    Reconfigure Accept
        Option: Reconfigure Accept (20)
        Length: 0
    Option Request
        Option: Option Request (6)
        Length: 18
        Requested Option code: DNS recursive name server (23)
        Requested Option code: NTP Server (56)
        Requested Option code: Simple Network Time Protocol Server (31)
        Requested Option code: Identity Association for Prefix Delegation (25)
        Requested Option code: Prefix Exclude (67)
        Requested Option code: Vendor-specific Information (17)
        Requested Option code: SOL_MAX_RT (82)
        Requested Option code: INF_MAX_RT (83)
        Requested Option code: PCP Server (86)
    Vendor Class

Now I am trying to do the same with OPNsense but failing horribly.
Anyone can point me to the correct syntaxt to request those options?

Title: Re: IPv6
Post by: lrosenman on November 03, 2021, 10:47:50 pm

This is what I'm using for ATT Fiber here in the States:

Quote

interface em4 {
   # Request a single IPv6 address for WAN interface (RG responds with 2600:1702:xxxx:yyy0::48)
   send ia-na 0;
   # Request 8x /64 prefix delegations:
   send ia-pd 0;
   send ia-pd 1;
   send ia-pd 2;
   send ia-pd 3;
   send ia-pd 4;
   send ia-pd 5;
   send ia-pd 6;
   send ia-pd 7;
   request domain-name-servers;
   request domain-name;
   script "/var/etc/dhcp6c_opt5_script.sh";
   #script "/conf/set_wan_static_v6.sh";
};
# These blocks are required, and I should probably
# assign the prefixes to the LAN interfaces here.
# Since my /60 has not changed since I implemented
# this, I treat them as static and assign them as such.
id-assoc na 0 { };
id-assoc pd 0 {
   prefix-interface em0 {
      sla-id 0;
      sla-len 0;
   };
 };
id-assoc pd 1 {
   prefix-interface em0_vlan8 {
      sla-id 0;
      sla-len 0;
#      prefix 2600:1700:210:b18e::/64 600 200;
   };
};
id-assoc pd 2 {
   prefix-interface em0_vlan2 {
      sla-id 0;
      sla-len 0;
#      prefix 2600:1700:210:b18d::/64 600 200;
   };
};
id-assoc pd 3 {
   prefix-interface em0_vlan10 {
     sla-id 0;
     sla-len 0;
   };
};
id-assoc pd 4 { };
id-assoc pd 5 { };
id-assoc pd 6 { };
id-assoc pd 7 { };
root@home-fw:~ #

you might also look at:

Quote

man dhcp6c.conf

as well.

Title: Re: IPv6
Post by: nerd on November 04, 2021, 01:18:33 pm

uch, I did not realize I needed to go CLI for this.
Thank you for your example and the hint towards man dhcp6c.conf. I did not know of that.

Title: Re: IPv6
Post by: lrosenman on November 04, 2021, 03:40:58 pm

some of it can be done via the GUI, but if you want absolute control, the override file is the way to go.  ATT Fiber (my provider) is weird, hence my overrides.