is there any way to have opnsense give out RAs for my ULA when WAN is down then return to giving GUA and ULA when WAN is back up? my goal is to have a functional local ipv6 network even if my internet is down
You can configure the LAN interface to track the WAN and add a ULA virtual IP (/64 IP alias). radvd will advertise both: The tracked GUA and the static ULA.
Cheers
Maurice
Quote from: Maurice on February 05, 2025, 02:01:50 AMYou can configure the LAN interface to track the WAN and add a ULA virtual IP (/64 IP alias). radvd will advertise both: The tracked GUA and the static ULA.
Cheers
Maurice
last i tested it that seems to only advertise a ULA when it also gets a GUA from WAN but i changed some settings since then and haven't had time to test again. are you sure that works even without a PD from your ISP like if your internet is down?
Haven't tested it in a long time either. I think this has been fixed at some point, but I'm not entirely sure. Try it. If it doesn't work, I'd consider it to be a bug.
It works when Router Advertisements are set to unmanaged.
Quote from: meyergru on February 06, 2025, 01:27:04 PMIt works when Router Advertisements are set to unmanaged.
I'm fairly sure hat DHCPv6 can not advertise more than one address range.
Unmanaged actually means that no DHCPv6 is in place. I know for a fact that SLAAC can advertise more than one range.
Maybe (IDK) the fact that DHCPv6 cannot advertise more than one range is the reason why RA settings other than "Unmanaged" that allow or call for DHCPv6 besides SLAAC also disable router advertisements of the VIP range alongside.
Matter-of-fact, the ULA is only visible in /var/etc/radvd.conf if "Unmanaged" is chosen for that interface.
Quote from: meyergru on February 06, 2025, 04:46:07 PMMatter-of-fact, the ULA is only visible in /var/etc/radvd.conf if "Unmanaged" is chosen for that interface.
Sure about that? I added a ULA alias to my guest network as an experiment. It's (still) configured as "Assisted", and both the ULA and the GUA prefixes are there in radvd.conf. Note that if you add an alias (VIP), radvd won't be immediately updated - I had to go to the RA service settings in the UI and "Save" (without changing anything) to get it to happen.
I haven't tried a scenario where the GUA came from tracking a WAN interface that then went out of service (yet).
Not entirely, but I had "Stateless" and it disappeared. I cannot easily make the GUA disappear, but at least the ULA will remain, so your local IPv6 connectivity should work anyway. Even if all devices still thought that their old GUA still was available, it should work fine, because those should work locally as well.
So, I think it is less about if the GUA disappears but if the ULA is always there, or am I wrong?