Messages

I've seen mine lose their IPv6 address and delegated prefix, but usually can't get it back without turning everything off, and then waiting a while before turning it back on.


Sent from my iPad using Tapatalk

Is it possible to use network prefix translation for IPv6 when multi-wan failover is configured, and both ISPs are delivering IPv6 addresses (and delegated prefixes) via DHCP? The config page for NPTv6 appears to want a static WAN prefix, which may change depending on the wan failover gateway.

I am also having problems with Zoom dropping my outbound audio. I'm starting to suspect some UDP session or NAT mapping problems are causing both issues. Did NAT mapping change in a big way in this newest release?

On 20.7 (and perhaps prior release) I am unable to reliably use AT&T WiFi calling on iOS. I've attempted to set up static NAT rules for ports 500/4500, but outbound audio drops after a few seconds regardless of settings used. I'm also on AT&T uverse/fiber behind their residential gateway, but OPNsense has the public IP address.

Does anyone have AT&T WiFi calling working behind OPNsense, especially if they're also on AT&T u-verse or fiber? Can someone explain how one gets this working?

Yes, this worked on 20.1 without any workarounds.

I was looking for a non-prod example, but the domain

Code Select Expand

build.shipstation.com is in a 10.0.0.0/16 subnet, and the latest unbound on OPNsense returns an empty answer. Other entries in the domain, such as

Code Select Expand

ss.shipstation.com work fine via unbound.

I know mixing public and private entries on a zone is not a great practice, and hosting private entries on a public zone isn't either, but this mess has been in place for too many years to start changing...

Is there any way, via the interface, to disable rebinding protection, maybe for specific domains?

Let me explain better... for example, if I have two hostnames:

public.example.com A 1.1.1.1
private.example.com A 10.0.0.42

Unbound returns the proper response for public.example.com, but returns an _empty_ response for private.example.com.

Prior to 20.7, I was running Unbound, and it would properly resolve and return _public_ DNS entries that pointed to _private_ IP address ranges (in a 10.0.0.0/8 subnet). After upgrading to 20.7, public IPs resolve fine, but any dns entry containing an address in a private address space returns no result. It does _not_ return nxdomain, just an empty response.

Yes, I've tried that. That appears to work. However, when I go to set the other interfaces to track the wan interface, OPNsense complains that the prefix is already in use. I can't assign the prefixes to other interfaces.

AT&T U-Verse has an odd habit of only handing out /64 IPv6 prefix delegations, but I can request 8 of them. I am trying to follow the advice of this article, but cannot get additional interfaces working. I get an error in the UI that the PD prefix is already in use. Is there any way to manually bypass this check?

https://forums.att.com/conversations/att-fiber-equipment/ipv6-prefix-delegation-to-3rd-party-router-not-working-2020-edition/5e98da19fd08354359ccd447?commentId=5e9b3ea5758fed7722fd4361&replyId=5eb1a6b372a09d7a3fc8f1fb

I read some trials and tribulations getting the prior version on a RPI 3, but has there been any effort to get this on a Pi 4? Is that desirable for this release?