"
I use 64:ff9b::/96 instead of a ULA. It's meant for NAT64 so there will be no conflict on the Internet. Most operating systems treat it as a GUA and prefer it over IPv4, unlike a ULA.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
24.1, 24.4 Legacy Series / Re: Dynamic IPv6 prefixes / dynamic DNS / VPN: Handling via NPTv6?
September 12, 2024, 08:49:07 AM #2
General Discussion / Firewall Rule to Match /64 Routed Subnet With Dynamic Prefix
August 13, 2023, 03:11:05 AM
OPNsense gets a /60 dynamic prefix from the ISP and delegates a /61 to a downstream L3 switch. Appropriate routes are created for the /61. The switch uses one /64 subnet per VLAN from the /61. How do I create a LAN interface firewall rule that matches an entire /64 source subnet with a dynamic prefix?
I want to create separate rules for each source subnet below.
::0:0:0:0:0/64
to
::7:0:0:0:0/64
The rule should ignore the last 64 bits, and merge the first 64 bits with the /60 dynamic prefix to match the specified subnet.
I want to create separate rules for each source subnet below.
::0:0:0:0:0/64
to
::7:0:0:0:0/64
The rule should ignore the last 64 bits, and merge the first 64 bits with the /60 dynamic prefix to match the specified subnet.
Pages1
