OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: ovv on January 23, 2019, 07:11:30 pm

Title: IPv6 Far Getway
Post by: ovv on January 23, 2019, 07:11:30 pm

Hello,

I'm looking into setting up IPv6 on an virtualized opnsene @OVH. For IPv4 I need to enable "Far Gateway" as the gateway is outside the subnet and that works fine. For IPv6 the gateway is also outside the subnet (See https://docs.ovh.com/gb/en/dedicated/network-ipv6 (https://docs.ovh.com/gb/en/dedicated/network-ipv6) ) but I keep getting:

Quote

The gateway address "xxxx:xxxx:xxxx:xxFF:FF:FF:FF:FF" does not lie within one of the chosen interface's IPv6 subnets.

I'm probably missing a simple thing, I'm fairly new with IPv6 and can't figure out what

Thanks for the help

Title: Re: IPv6 Far Getway
Post by: franco on January 23, 2019, 07:14:46 pm

Hi,

Far gateway doesn't work in IPv6. You need to set your WAN to "include" the gateway in the subnet. Looks like /56.


Cheers,
Franco

Title: Re: IPv6 Far Getway
Post by: ovv on January 23, 2019, 09:44:23 pm

Couldn't get it to work even with setting it to /56.
It looks like OVH is doing some weird things with IPv6, not sure if this setup can work

Title: Re: IPv6 Far Getway
Post by: ovv on January 23, 2019, 10:46:44 pm

Ok got it. I forgot to allow IPv6 on the firewall.

Is there any plan to allow far gateway for IPv6 in the future ?

Title: Re: IPv6 Far Getway
Post by: franco on January 23, 2019, 11:23:10 pm

From multiple experiments with the BSD IPv6 implementation it looked like the stack refuses to use a gateway that does not lie within its own configured IPv6 subnet. This might be due to the assumption that there is no NAT so everything shall be reachable/attached directly.

In most cases it is better to use a link-local gateway to side-step these issues. But that is for the ISP to decide...

Glad you got it working, though. :)


Cheers,
Franco