Messages

Thank you for the prompt and clear clarification!

So, in other words, as long as IPv4 addresses are available, ULA is completely useless unless it is explicitly / exclusively specified as the destination address, without an IPv4 alternative. Once IPv4 is also a possible destination, ULA is not used.

I apologize for the repeated inquiry, but I still feel that I haven't fully understood it to 100%.

Example client has:

Dynamic Global Unicast Address (GUA) assigned by the Internet service provider (for client's communication with the IPv6 Internet).
Unique Local Address (ULA) for exclusive internal communication of the client, such as from Location A to the server at Location B (the server also has a ULA).
RFC1918 IPv4.
Now, if a DNS name points to an internal server (ULA + RFC1918 IPv4), and the clients have all three addresses as described above, which address is typically used for communication: IPv6 ULA or RFC1918 IPv4?

Okay, thanks for the clarification and help.

Thanks for the information. Does that mean OPNsense cannot be used as a central DHCP server in order to be able to supply DHCP relays via routed unicast?

Hello everyone,

I have a specific configuration question regarding OPNsense and I'm hoping someone here can assist me. In my network setup, I have a separate device that is connected to the OPNsense via VPN. This device is running an ISC-DHCP-Relay.

The relay is successfully forwarding requests over the VPN to the OPNsense. However, I am having trouble getting OPNsense to respond to these DHCP requests from the ISC-DHCP-Relay device. Could anyone advise me on how to configure the integrated DHCP in OPNsense to accomplish this?

Thank you in advance for any help or suggestions you can provide.

Hello pmhausen
and thank you for the helpful suggestion.

I was not aware of the issues with ULAs until now.

I will think about how I will implement IPv6 in my internal network in the future.

Thank you for the solution and your prompt response.

Hello everyone,

I am seeking your assistance in configuring IPv6 on OPNsense 23.1.7_3. Specifically, I would like to know how to assign IPv6 GUA addresses dynamically provided by the Internet provider and ULA addresses simultaneously on the LAN interface. Additionally, I would like to permanently assign the same ULA addresses to clients similar to DHCPv4.

Here is some more information on my setup: I have installed OPNsense in four private locations, each with at least one LAN interface (with an additional OPT interface in one location) and one WAN interface. Each WAN interface is connected to the Internet via PPPoE and receives a dynamic public IPv4 address. The Internet provider also provides a dynamic IPv6 address for each location via DHCPv6 and a dynamic /56 IPv6 network for use in the LAN.

In each LAN interface, I have assigned private IPv4 addresses (RFC 1918) and I use DHCPv4 to assign IP addresses to all devices in the LAN network. All devices can connect to the IPv4 Internet via IPv4 NAT. I have also configured SLAAC to assign public IPv6 addresses to every device in the LAN network so that they can access the IPv6 Internet.

The four locations are connected via wireguard VPN, and all LAN devices can communicate with each other via private IPv4 addresses. I have manually registred DNS names for all devices using A records.

Additionally, I would like all devices in the LAN network to communicate with each other via IPv6 ULA addresses since the GUA addresses are dynamic. I have set up virtual IPv6 ULA addresses on each LAN interface and assigned random IPv6 ULA addresses to all devices via SLAAC. However, I would like to assign specific IPv6 ULA addresses to each device manually and set the appropriate AAAA records for the names with the A records via DNS.

When I set up DHCPv6 on one of the LAN interfaces, only the GUA subnet is available, and not the ULA subnet. How can I configure DHCPv6 to make the ULA subnet available for selection, or even better, both the ULA and GUA subnets?

I would appreciate any help you can provide. Thank you very much!  :)

_c_v_