OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: hidef on February 16, 2021, 01:06:56 am
-
Hello, I have a 4 NIC router running 20.7 OPNsense and I am trying, without luck, to create an IPv6 only network on one of the interfaces (OPT2) to connect my Xboxes so I can game on both at the same time.
I have Comcast Xfinity and here is my IP arrangement (sorry I don't really know anything about IPv6 and the more I read the worse it's getting).
OVERVIEW OF INTERFACES
WAN INTERFACE
-IPv6 IP 2001:xxxx/128
-Delegated prefix of 2601:xxx/60
-Gateway fe80
OPT2
-IPv6 IP 2601:(matches del prefix)
-fe80 local link add
COMPUTER/XBOX
Computer pulls a 2601:: address
Xbox does NOTHING, will not pull an IPv6 address
INTERFACES SETUP
WAN
IPv6 Config Type = DCHPv6
DHCPv6 client config
prefix deleg size =60
no boxes checked
OPT2
IPv4 config - none
IPv6 config - TRACK INTERFACE
IPv6 Interface - WAN
DNS - google IPv6 servers upstream on WAN_DHCP6
Firewall rules - (I cannot get these figured out, I've tried so many)
PASS IPv6 * OPT2 net * * * * *
PASS IPv6 * fe80::/10 * * * * *
It appeared to be blocking some local multicasting and originally had NO rules setup other than the "Allow access to DHCPv6 server auto gens"
NOTES:
I can ping off WAN & OPT2 to internet. Computer / Xbox does NOTHING - it's DOA.
Sorry I don't know more technically about how to shape this scenario, but I have not found any info after hours and hours of reading & searching. I assume there are probably multiple problems that I can't figure out how to resolve or even make steps toward completing.
Thank you,
HiDef
-
*********UPDATE*********
I have gotten internet access now, but DNS issues abound. Resolves many address, fails to resolve about 50%. Not sure why... Will watch firewall logs.
For future reference if anyone stumbles onto thread:
Firewall settings[OPT*]: (the only one besides auto generated - I assume this gets my connection to internet)
PASS IPv6 * OPT2 net * * * * *
INTERFACES
[OPT*]
TRACK IPV6 INTERFACE
Must select **Manual Configuration**
Setup SERVICES
DHCPv6
Enable DHCPv6 Server
Add a "Range" ex - ::1:2:3:4 - ::1:2:3:9
SERVICES
ROUTER ADVERTISEMENTS
Select Managed
Priority = High
-
Change the Router Ads to Assisted. If you use managed then you'll definitely find that Android devices will not get a v6 address as they don't do dhcp6, it may be the same for XBox. You shouldn't need to use manual configuration, left to auto it will use assisted. If that's not working then you need to check the config files var/etc/radvd.conf and /var/dhcpd/etc/dhcpd6.conf, post them and we'll try and work out what's not playing nicely.
Not all sites support IPv6, that's why generally it auto falls back to IPv4 if it cannot find the AAAA record of the site. Easiest way to test that is from your PC using nslookup.
-
Thank you. I will look into the "auto" mode. It definitely was NOT working until I used the manual config (even with a Win10 PC), so not sure what happened there. It was even passing an IP (global) to my computer but for some reason had no internet connectivity.
As it turns out, Xbox is NOT capable of IPv6 only. You must use a dual-stack. It has been interesting having a temporary IPv6 network to play on. It's pretty much useless! I can surf to a handful of websites and some of the IPv6 testing points and that's about it. It makes me wonder about the long-term adoption of this standard and I must say it's pretty damn complicated! (at least to me - compared to IPv4)
I'm going to switch to dual stack to get XBox Live working and I will report back. Something is not quite right with my IPv6, a la the not functioning until put in manual mode. I suspect some sort of DNS issue or Radvd.
Thank you for your help. I will update.
UPDATE: Making progress - I have one xbox on my IPv6/IPv4 subnet & it *CAN* play with the other xbox with no errors. This looks promising and would work as a solution even as it stands. I'm going to attempt to get both Xboxes IPv6 address and put them on same subnet and see if there are any networking issues. Interesting note: the IPv6 xbox shows strict NAT... still no issues with any matchmaking or gaming (perhaps sort of a legacy piece of info hopefully!) I made zero attempts to setup uPnP or Port forwarding/NAT on my IPv6 network... still games fine so far.
-
marjohn,
Do these settings look right to you? I have disabled the DHCPDv6 Server and unchecked "Manual" config.
RADVD
# Automatically generated, do not edit
# Generated config for dhcp6 delegation from wan on opt2
interface igb2 {
AdvSendAdvert on;
AdvLinkMTU 1500;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix 2601:xxxxxxxxxxx::/64 {
AdvOnLink on;
AdvAutonomous on;
};
RDNSS 2601:xxxxxxxxx { };
DNSSL hidef.lan { };
};
dhcpdv6
option dhcp6.domain-search "hidef.lan";
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
one-lease-per-client true;
deny duplicates;
ping-check true;
update-conflict-detection false;
authoritative;
subnet6 2601:xxxxxx::/64 {
range6 2601xxxxxx::1000 2601:3xxxxxxx::2000;
option dhcp6.name-servers 2601:xxxxxxxx;
prefix6 2601:3xxxxxxxx:: 2601:xxxxx::/63;
}
ddns-update-style none;
-
Yes those look OK.