Messages

I'm interested in sending DHCP leases (IPv6 & v4) to MQTT. I know how to send them but I need to know how I can get notification pf DHCP leases. Any thouhgts?

I'm using noip.com and I ran into the same issue and I changed the cmd line in /usr/local/etc/ddclient.conf

```
daemon=300
syslog=yes                  # log update msgs to syslog
pid=/var/run/ddclient.pid   # record PID in file.
ssl=yes
#ssl=no

# re0 is the Inet interface
use=cmd, cmd="/usr/local/opnsense/scripts/ddclient/checkip -i re0 -t 0 -s noip-ipv4",
protocol=noip, \
login=nom@example.com, \
password=NunAYurBusiness \
example.ddns.net
```

Once I switched it from -t 1 to -t 0 it started working.

I'm a bit confused as to how to proceed. IPv6 is going to require that I start thinking differently. I have an SSH server on my LAN (with IPv6) and I'd like to be able to access it from the Internet. I know not to think of this in NAT terms but how do I open up the firewall to access that server? The IPv6 address isn't really static and I don't want to open up the entire network to SSH. I could assign and different port on the server for SSH. Can anyone point me in the correct direction?

... then if i set the prefix to 56 and add track 6 on the internal vlan interface...using 0x0..and...nothing.  ...

@hescominsoon, did you try 0x1 instead of 0x0? I had to change mine on each interface. 0x0 didn't work for me. I incremented for each LAN I added under IPv6.

Thanks :-)

Most ISPs that use DHCP6 only provide a /128 on the WAN, that is if they even provide a GUA address at all, some will not even provide that, instead relying on a link-local address between your WAN and the ISP BNG. Routing will still work as Opnsense uses the default route via the WAN interface, even if it is link-local, to route packets out to the ISP BNG. Therefore do not assume you will always see a GUA address on the WAN.

BNG - What is that? Sorry this level of IPv6 is new to me.

GUA - Global Unique Address.

I am fortunate, I now have a GUA and I do see Opnsense using the link-local as the default route. Not sure what issue hescominsoon is running into.

You cannot set up an interface with /60 in IPv6. All interfaces are /64. Always. You might get a /60 (I get a /56) via prefix delegation but you can only use individual /64s out of that range on your interfaces.

Ah, sorry, poorly worded on my part.

On the WAN interface I set  "Prefix delegation size" to /60. But WAN will get a /128, the LANs (which are tracking the WAN) will get /64.

And now the really strange part, routing is working! I have at least 2 of my servers able to reach IPv6 and the IPv6 test site (ipv6-test.com). I need to work on a third. I have to turn off IPv6 on a third server as it was having issues with IPv6. :-)

I setup my WAN with a /60, prefix hint and dhcpv6. Someone suggested consumer IPv6 only gets /60 not /64 like the commercial accounts. I've setup my LAN interface to track the WAN interface and set the IPv6 Prefix ID to 1 for the first interface (and 2 for the second LAN). Now I have IPv6 addresses on both interfaces. But I'm a bit confused as the networks don't match the WAN interface or the dhcp6dump interface. I have 2001:... on the WAN and in the dump. But I have 2601:... on the LANs. Hmm, they do belong to Comcast (my ISP) so that checks. But when I attempt tp ping6 google.com from the LAN hosts, it stops at the router's LAN interface (I used traceroute6 to figure that out). Now I'm stuck, but at a new place.

Probably because you have configured DHCPv6 for LAN

Is OPNsense sitting behind an ISP router? Possible that the ISP router is pinching the prefix

I don't think so, I had IPv6 working with pfsense. My cable modem's routing and WiFi are disabled. I switched to get support for a Realtek NBaseT card that pfsense won't support.

Now it is possible that I have Opnsense setup incorrectly. The current version is a bit different than the GUI dicussed on most of the search responses.

....
I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.
...

You need to tick "Allow manual adjustment of DHCPv6 and Router Advertisements" in the LAN interface option to see Router Advertisements.
...

I do not have that option  on the Interface > LAN page

Was going to start a similar sounding thread but will post here. I should do otherwise, please let me know.

I was going to title mine:
Trying to get IPv6 working, can't find Services > Router Advertisement

I have my LAN (/64) and WAN (/56) set to dhcpv6, set Send IPv6 prefix hint & not set Use IPv4 connectivity (Xfinity). The WAN gets a /128 IPv6 address but that's it. Nothing on the LAN or the OPT1 interface (not important).

I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.

Versions   OPNsense 22.1.1_3-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021

CPU type   Intel(R) Xeon(R) CPU E3-1270 v3 @ 3.50GHz (4 cores, 8 threads)

My IPv4 is still working so I'm not in a rush but I'll help out if I can.

Thanks

Thanks Franco, RedVortex, that solves the problem. I now have re0 and 2.5G media setting.

Solution: install the os-realtek-re plugin

Can your issue be related to this release note ?

o The Realtek vendor driver is no longer bundled with the updated FreeBSD kernel.  If unsure whether FreeBSD 13 supports your Realtek NIC please install the os-realtek-re plugin prior to upgrading to retain operability of your NICs.

Oops, looks like I deserve a public whipping with a cat6-o-802.3 tails  :-[

Thanks, I'll install the os-realtek-re. I had installed the if_re package about a week ago and it was working. Didn't think to read the release notes for drivers updates.

Last night I saw that there was an update (from 22.1 to 22.1 ?) to various software and decided to run the update. Well that didn't go well. Seems my if_re.ko was removed from the /boot/loader.conf (I've put it in /boot/loader.conf.d/if_re.config). This lead to all sorts of problems as re0 was my WAN.  :'( Any I can't quite restore from a backup as I can't get re0 to be recognized. Can anyone suggest how I go about diagnosing this problem. I'm new to OpenBSD and so far I know I can see the card:

Code Select Expand

none2@pci0:3:0:0:       class=0x020000 rev=0x00 hdr=0x00 vendor=0x10ec device=0x8125 subvendor=0x10ec subdevice=0x0123
    vendor     = 'Realtek Semiconductor Co., Ltd.'
    device     = 'RTL8125 2.5GbE Controller'
    class      = network
    subclass   = ethernet


Not an emergency as I've fallen back to a 1G interface so I can reach the internet just can't get re0 up.