Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: Gromhelm on July 29, 2023, 07:32:55 PM

Title: [Solved] IPv6 - radvd:prefix length should be 64
Post by: Gromhelm on July 29, 2023, 07:32:55 PM
I have continuing problems with IPv6 setup in OPNsense. It works for 1-2 days after a restart, but then stops working.

Today I found the following logs under:
/ui/diagnostics/log/core/routing

> Warning   radvd   prefix length should be 64 for igb3
> Warning   radvd   prefix length should be 64 for igb1
> radvd   sendmsg: Network is down
> Warning   radvd   prefix length should be 64 for igb3
> Warning   radvd   prefix length should be 64 for igb1
> radvd   sendmsg: Network is down
> ...

Since I use "Track WAN" for IPv6 on both, and WAN is setup with /64, this does not make sense to me.

Under /status_interfaces.php, I see the following values:
igb1:
IPv4 address   192.168.100.1/24
IPv4 gateway   auto-detected: 192.168.100.1
IPv6 link-local   fe80::2e0:67ff:fe2a:72e4/64
IPv6 address   2003:e7:1f0c:8e00:2e1:37ff:fe2a:72e4/56

igb1 (lan) is configured with:
IPv6 Configuration Type - Track Interface
IPv6 Interface - WAN

wan:
DHCP           DHCPv6 up 
PPPoE                up
MTU                    1492
IPv6 link-local   fe80::2e0:67ff:fe2a:72e3/64
IPv6 address   2003:e7:1fff:d24:2e1:37ff:fe2a:72e3/64
IPv6 prefix   2003:e7:1f0c:8e00::/56
IPv6 gateway   auto-detected: fe80::224e:71ff:fe11:2cfe

My IPv6 configuration for WAN follows the DHCPv6 instructions in the docs (https://docs.opnsense.org/manual/ipv6.html):
IPv6 Configuration Type - DHCPv6
Request only an IPv6 prefix - yes
Prefix delegation size - 64
Send IPv6 prefix hint - yes
Use IPv4 connectivity - yes
Use VLAN priority - Disabled

How can I go further to debug this? Why does my LAN (igb1) has a /56 IPv6 address, when WAN has a /64 IPv6 address?

The same is reported here on Reddit (https://www.reddit.com/r/OPNsenseFirewall/comments/w0mk04/opnsense_ipv6_doesnt_always_delegate_to_56/), for the exact same ISP (Telekom).
Title: Re: IPv6 - radvd:prefix length should be 64
Post by: bartjsmit on July 30, 2023, 09:01:12 AM
Try with setting your WAN to request a /56 and pick a static /64 for LAN out of your /56 range - any of the 255 subnets in there.
Title: Re: IPv6 - radvd:prefix length should be 64
Post by: Gromhelm on July 30, 2023, 10:15:06 AM
Yes! That was it - I had to set the Prefix to /56, as Telekom apparently hands out 56 Prefixes:
https://www.heise.de/news/Details-zu-IPv6-ueber-Telekom-DSL-1762367.html

I used the standard ID 0 for my LAN subnet and it works! Note that I had to completely restart my OPNsense.

Thank you very much, @bartjsmit
Title: Re: [Solved] IPv6 - radvd:prefix length should be 64
Post by: franco on July 30, 2023, 11:28:07 AM
radvd is correct as it requires a /64 for SLAAC to operate. You don't set /56 anywhere or be aware that if you do it will be treated as /64 which is what happens and I think 23.7 is more strict in enforcing this (unless a /128 is set).


Cheers,
Franco
Title: Re: [Solved] IPv6 - radvd:prefix length should be 64
Post by: Gromhelm on July 30, 2023, 01:55:15 PM
Thanks for the clarification. There were a lot of changes and bug fixes to IPv6 recently and it is difficult to find the correct answers, as everybody seems to have different issues.
Text only | Text with Images