Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: fakebizprez on November 30, 2024, 03:24:06 PM

Title: radvd | prefix length should be 64 for ix0
Post by: fakebizprez on November 30, 2024, 03:24:06 PM
Code Select

+---------------------------+----------+---------+--------------------------------+
| Time                      | Severity | Process | Message                        |
+---------------------------+----------+---------+--------------------------------+
| 2024-11-30T08:13:55-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:10:31-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:09:52-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:05:14-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:03:08-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
+---------------------------+----------+---------+--------------------------------+


Live Logs...this came out of nowhere, I haven't messed with a config or touched a machine in a few days.
WAN is set to DHCP, LAN is set to Track WAN interface. Always has been like that.  ISP issue?
Title: Re: radvd | prefix length should be 64 for ix0
Post by: Patrick M. Hausen on November 30, 2024, 04:32:20 PM
Is ix0 WAN or LAN? What prefix length is configured?
Title: Re: radvd | prefix length should be 64 for ix0
Post by: fakebizprez on December 01, 2024, 09:57:51 AM
My apologies, Patrick. ix0 is for LAN, ix1 is for WAN, and there is another interface for the Wireguard plugin.

I believe I know what caused this. Somehow in the DHCP4 settings, my subnet route changed to end at .240 instead of .254.

Despite me remedying that in the GUI and going into the terminal to reconfigure the interface and subnet, my prefix length is still /60. My WAN IPv6 is 128 and, for what it's worth, they have completely different IPv6 addresses (not sure if that's out of the ordinary).
Title: Re: radvd | prefix length should be 64 for ix0
Post by: Patrick M. Hausen on December 01, 2024, 10:07:06 AM
You have prefix length /60 configured on LAN? That's not correct. All interfaces must be /64 or /128.
Title: Re: radvd | prefix length should be 64 for ix0
Post by: meyergru on December 01, 2024, 10:11:27 AM
Your IPv4 prefix length has nothing to do with IPv6.

It is perfectly fine that the WAN (IA-NA) and other prefixes (IA-PD) prefixes differ. Usually, IA-NA is one /128 IPv6 and IA-PD is /56 - or at least something bigger than /64.

One /64 subnet out of the IA-PD prefix is what you need for SLAAC / RADVD to work for any (V)LAN, therefore the warning. IDK how you got a /60 there. If you just configure your (V)LAN to "track interface" and choose a prefix ID (which will control which of the available prefixes your LAN will get), you should get one specific /64 IA-PD prefix and 64 bits available for EUI-64 via SLAAC.

Maybe you have a static prefix and configured something else than "track interface"? If you configure it manually, you will have to use /64.
Title: Re: radvd | prefix length should be 64 for ix0
Post by: fakebizprez on December 02, 2024, 06:25:09 PM
Good Morning, Gentlemen, and thank you for the detailed response @Meyergru

I wanted to speak with some of my fellow AT&T Fiber Users before responding, and it appears that AT&T does not issue  a/64 prefix to their Residential users.

Quote
LAN subnet should be /64 indeed.
If your ISP give you a Prefix delegation of /60 then you can create 16 /64 with it for you to create LAN and VLANs.
When you set your LAN IPv6 and choose Track Interface, at the bottom of the config page you will choose WAN as the tracked interface and OPNsense will ask you to set the "Assign prefix ID" this is the id that will define the /64 within the /60 you were delegated the control of.

For example you ISP give you a Prefix Delegation of 2001:db8:1111:2220::/60
In the LAN configuration the prefix id will define that last 0 in hex, from 0 to F: 16 possibilities.

Your ISP will route that /60 to your WAN IPv6 address that they give you through their DHCPv6 probably.
Code Select
 
LAN :   2001:db8:1111:2220::/64
IoT :   2001:db8:1111:2221::/64
Guests: 2001:db8:1111:2222::/64
OPT1:   2001:db8:1111:2223::/64
OPT2:   2001:db8:1111:2224::/64 

Any thoughts on this is before I proceed?

Title: Re: radvd | prefix length should be 64 for ix0
Post by: meyergru on December 02, 2024, 06:45:41 PM
No problem, it will work like that. Any subnet will have /64 then and each has a different prefix. You only have 16 prefixes with /60 instead of 256 with /56, but that should do.
 
Title: Re: radvd | prefix length should be 64 for ix0
Post by: Patrick M. Hausen on December 02, 2024, 06:46:04 PM
The give you a /60 so you can run up to 16 interfaces. Each individual interface must have a /64 from that /60.
Title: Re: radvd | prefix length should be 64 for ix0
Post by: fakebizprez on December 03, 2024, 02:26:50 AM
Going to Interfaces --> WAN, then making the changes that are on the attached screenshot gave me these results:


Code Select

LAN
XXX:XXXX:XXXX:XXXX:a236:9fff:fea4:191c/64
WAN
XXX::XXX:XXX::XXX:191d%ix1/64


Shouldn't the WAN be a /60 now?
Title: Re: radvd | prefix length should be 64 for ix0
Post by: Patrick M. Hausen on December 03, 2024, 09:18:51 AM
No. No interface ever has anything but a /64 in IPv6. If you create OPT1, OPT2, ... and set them to "track" they will get different /64s from your /60.

"/60" is just a way to write "you get 16 /64 from your ISP."
Title: Re: radvd | prefix length should be 64 for ix0
Post by: franco on December 03, 2024, 11:13:50 AM
Since radvd complains I wonder what is in /var/etc/radvd.conf ?

Further code context: https://github.com/opnsense/core/commit/54f2ed4fa703c


Cheers,
Franco
Text only | Text with Images