Messages

Holy hell I think I have it all working!

Yah, the dns thing is going to irk me.  I understand that dns servers on ipv4 can return ipv6 addresses etc ... I just want to make sure my clients are using my pihole, cuz ... I'm a dork like that.  LOL

Yes, I enabled Allow manual adjustment of DHCPv6 and Router Advertisments, as I want to give the clients my PiHole as DNS, not my ISP's.

That being said, I had turned everything off (Ipv6 on the wan and everything).

Started setting everything back up ... but I did NOT turn on the Allow Manual Adjustment. 

Win11 box got an ipv6, I started ping -t -6 google.com and let it go.  Was a bunch of requests timed out, but then all of a sudden it started working!!!!!

Tested another machine, it worked!!  But I was getting my isp's DNS servers, so I turned on Allow Manual Adjustment, and now everything is broke again rofl.

I've turned it back off, but I am still not able to ping out anymore.  Clearly I'm doing something wrong, or my stuff is broke.

So I talked with Spectrum, and it looks like they are giving me a /56.  I don't need that many, so I changed it on my WAN interface to give a me a /60.

In the LAN section, I  set it to Track Interface, WAN, and the IpV6 prefix id of 1.  This should give me a /64, and it appears that it did.

It looks like my Win11 machine is getting an Ipv6 address.  So I  tried to ping... nothing.  Request timed out.

Then, out of no where, it just started working.  WTF?   Ping -t -6 google.com started working.    I got all excited.   

Thought ok, I did something right.  So I went to my IOT interface, enabled Ipv6 Tracking, WAN, IpV6 prefix id of F (put it on the other end of a /64 was my thought).   

Now nothing works again.  I even turned off IPv6 on my IOT interface, but LAN still does not work.

I can ping just from the Opnsense box... but trying to ping from a client on the LAN (windows 11) doesn't work.  I can Ping the ipv6 interface of the Opnsense box.  I can try to traceroute, but it dies right after the first hop (which is the ipv6 interface of the Opnsense box).

Granted, I'm a big newb to ipv6, but this seems like it's straight forward, lol

Got it.  OK cool.

So I've put in, on my WAN interface, Prefix Delegation Size and checked Send IPv6 prefix hint.   I've tried both 60 and now 56.

The screenshot of the overview of my WAN shows it looks like I'm getting a /60 ... but I can also get a /56 it seems.

So I'm assuming Spectrum is handing me a /60 or /56 if I ask for it?

Yep ok awesome, that makes sense.    So in terms of IPv6, a /64 is the same as saying a /24 in ipv4?  It's just 1 network?

I took a screenshot of the Overview of my WAN interface, hoping it might help?

Hello all;

So I decided to try to deep dive into IPV6. I have Spectrum as my isp, and they are giving me WAN an IPV6 address.I went to my WAN interface, did a 60 for the prefix delegation size, and check Send IPv6 prefix hint.This appears to work... at first the prefix delegation was 64.

After that, I went to my LAN interface, set IPv6 to Track Interface, and then under the Trace Interface, I set it to WAN with a Prefix ID of 1. Once I get this working my IOT vlan will be a prefix id of 2 etc. I also checked the box for Allow manual adjust of DHCPv6 and RA.

Then I went Services -> RA. I first tried it Unmanaged for just SLAAC. I eventually want to static a couple of servers with ipv6, so I ended up changing it to Assisted. Neither of them worked, so I don't think this was the issue.Advertise Default GW was checked, and for DNS config, I put the linklocal ip of my pihole box in the server list.

I was able to get an ipv6 on my Windows 11 computer. It would _always_ report no internet access. No matter what I did, I was never able to ever have it SHOW it had a dns server for ipv6, but not sure that matters as dns was resolving ipv6 names.

if I went to ipv6test.google.com it would tell me No problems, but I'm not using Ipv6. test-ipv6.com would also always fail.

If I went to command prompt and ran tracert -6 google.com, the first hope was the ipv6 ip of my Opnense Box (NOT the link local, it was the Ip from my ISP) and then dead.

I was never able to ping out or traceroute out. Yes I have firewall rules and it appeared I was passing traffic, but never got anything back.... and the test sites where saying I don't have ipv6 and Windows 11 kept saying I had no Interenet Acces w/ IPV6.

IPV6 ping test _FROM_ Opnsense worked. Only my Lan Clients seemed to be effected.

Not sure what I'm missing. I'm assuming maybe it's a route issue ???

I saw a couple of guides that say I need a floating rule for ipv6 icmp .. I've added that etc and it never seems to make a difference.   If I live watch the logs I do see the traffic getting passed by a IPv6 RFC4890 requirememets (ICMP)" ... so I assume that is old info/guide info?

I can get screenshots etc if that would help. For now I've disabled ipv6 on my LAN.
Thanks!