Messages - knot2bee

#1
To anyone that finds this thread facing a similar problem....

OPNsense 24.7.3_1-amd64
FreeBSD 14.1-RELEASE-p3
OpenSSL 3.0.14

Go to Services > Router Advertisements > (Interface) > Uncheck Advertise Default Gateway

That has fixed the problem for me. Hopefully that helps others  :)
#2
I slowly want to work my way to full IPv6 deployment, which is why I was just starting with the LAN (VLAN 1). I can throw my desktop on it to test. However, given that everything else stops working, it's kind of a showstopper at the moment  :-\

Now with just the OPNsense configured with a static IPv6 address (no DHCPv6/SLAAC yet) out of one of the /64s is when this stops working. I have confirmed that the /64 does NOT overlap with the DMZ one as well.

DMZ: 2001:470:XXXX::/64
LAN: 2001:470:XXXX:1::/64
#3
I have set up a connection to Hurricane Electric's TunnelBroker to start using IPv6 in my network for the first time in a couple years. I'm lucky to have a legacy account and still have access to a /48. I am able to get one of the /64s working with a DMZ interface on my OPNsense and I don't have any issues with things in that interface/VLAN.

However, when I configure another /64 IPv6 on my LAN interface, all IPv4 traffic EXCEPT for things directly on the LAN (VLAN 1) stops working. Here is a basic diagram of the connectivity between my OPNsense and switch.



My switch is the default gateway for all the VLANs listed, and then traffic gets routed to the OPNsense via the default route the switch is receiving. While IPv6 is enabled on the LAN interface, BGP is still functioning and I am still sending/receiving routes on both ends.

My desktop is hard-wired to the switch and lives on the LAN VLAN (1). It does not have IPv6 configured/enabled and this continues to work when v6 is configured on the OPNsense LAN interface. However, all other devices on all other VLANs (Management, Servers, IoT and Wireless) stop working. For example, my laptop is on the wireless VLAN and it just stops working. A traceroute shows that it does hit the default gateway (10.0.5.1) but does not get past that. The moment I set IPv6 back to disabled on the LAN interface AND reboot OPNsense, everything starts working again. Note there, I MUST restart OPNsense to get this working again; if I don't restart, things continue to not work.

The fact that I must reboot OPNsense after disabling IPv6 on the LAN interface leads me to believe this is an issue with OPNsense, which is why I am posting here.

A couple steps I've taken...
1. Ensure prefer v4 over v6 is enabled
2. Configure v6 firewall rules to allow all traffic
3. Disable v6 on DMZ and try only on LAN
4. Ensure Opnsense is fully up to date + plugins

These steps have not fixed the issue and I'm a little stuck. Does anyone else have thoughts on what this could be or where to start troubleshooting?