1
23.7 Legacy Series / Enabling IPv6 Track Interface creates an erroneous gateway
« on: January 12, 2024, 07:41:27 pm »
Hi,
New user, and I'm sure I messed something up when starting out with OPNsense, but I can't for the life of me think of what.
In short: My ISP recently got support for routing IPv6 to my home. I've played around with Hurricane Electric's Tunnelbroker 6in4 tunnels before, the difference to my current setup being that I received static IPv6 ranges from them, while my current ISP gives me a /56 range via DHCP.
I played around with some settings before realizing I didn't fully understand what I was doing when receiving an address space over DHCP, at which point I - at least that's what I hoped - reset the changed settings back to their defaults, and then read up a bit on how things actually work.
My network consists of multiple VLANs, for my base network equipment, clients, and servers.
I have gradually enabled IPv6 with "track interface" style IPv6 configuration, configured to track my WAN interface, and with a prefix ID based on my respective VLAN numbers. In addition to this, I've turned on manual adjustment of DHCPv6 and RA for each of my networks. Almost all of this works exactly the way I expect it to, with one strange exception:
When I turn on Track Interface (WAN) for my Servernet VLAN, OPNsense automatically creates a new gateway for me, "SERVERNET_TRACK6", which steals the default route for IPv6 traffic, rendering the protocol useless in my LAN. If I attempt to remove it, it gets automatically re-created, so no luck there. However, if I edit the new gateway and set it as Disabled (along with marking it as down, etc, but that perhaps isn't necessary), the original WAN_DHCP6 takes back control and IPv6 starts working in my network again.
I have tried un-configuring the Servernet VLAN and setting it up again without any change to this behavior.
So after this little wall of text, my question is: How did I end up in a situation where this gateway device gets auto-created? And how can I make sure it can be removed and doesn't pop up again?
New user, and I'm sure I messed something up when starting out with OPNsense, but I can't for the life of me think of what.
In short: My ISP recently got support for routing IPv6 to my home. I've played around with Hurricane Electric's Tunnelbroker 6in4 tunnels before, the difference to my current setup being that I received static IPv6 ranges from them, while my current ISP gives me a /56 range via DHCP.
I played around with some settings before realizing I didn't fully understand what I was doing when receiving an address space over DHCP, at which point I - at least that's what I hoped - reset the changed settings back to their defaults, and then read up a bit on how things actually work.
My network consists of multiple VLANs, for my base network equipment, clients, and servers.
I have gradually enabled IPv6 with "track interface" style IPv6 configuration, configured to track my WAN interface, and with a prefix ID based on my respective VLAN numbers. In addition to this, I've turned on manual adjustment of DHCPv6 and RA for each of my networks. Almost all of this works exactly the way I expect it to, with one strange exception:
When I turn on Track Interface (WAN) for my Servernet VLAN, OPNsense automatically creates a new gateway for me, "SERVERNET_TRACK6", which steals the default route for IPv6 traffic, rendering the protocol useless in my LAN. If I attempt to remove it, it gets automatically re-created, so no luck there. However, if I edit the new gateway and set it as Disabled (along with marking it as down, etc, but that perhaps isn't necessary), the original WAN_DHCP6 takes back control and IPv6 starts working in my network again.
I have tried un-configuring the Servernet VLAN and setting it up again without any change to this behavior.
So after this little wall of text, my question is: How did I end up in a situation where this gateway device gets auto-created? And how can I make sure it can be removed and doesn't pop up again?