OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of eas »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - eas

Pages: [1]
1
19.7 Legacy Series / IPv6 via 6rd on Centurylink problem: No route to host.
« on: October 26, 2019, 09:09:11 pm »
I've recently switched to OPNsense from OpenWRT as part of a switch from Comcast to CenturyLink.

I'm having trouble getting IPv6 (via 6rd) working on OPNsense 19.7_5 and I could use some help.

The problem:
  • I can't reach (HTTP, ping, traceroute) any IPv6 hosts beyond the OPNsense firewall/gateway from either clients, or the OPNsense box itself.
  • I can resolve IPv6 addresses for sites like Google.
  • Pings from client and OPNsense die with "no route to host"
  • Traceroutes from clients report one hop, the opnsense box, before complaining there is no route to host on the next hop.
  • Traceroutes from the opnsense box complain "no route to host"

My configuration:
  • I have a VLAN interface setup on the ethernet port connected to the CL ONT, which is a necessary part of bypassing the modem they provided.
  • I have my WAN interface configured to use a PPPoE tunnel for IPv4 and a 6rd tunnel for IPv6.
  • The PPPoE section is configured with the ISP login info.
  • The 6rd section is configured with the 6rd tunnel config info from the ISP (details below).
  • I've updated the automatically created Point-to-Point device to use the VLAN interface for the link interface.
  • The LAN interface is configured with a static address for the IPv4 configuration type, and "Track Interface" for the IPv6 configuration type.
  • The Track IPv6 section is set to use the WAN interface as the IPv6 Interface (WAN is the only available option). The IPv6 prefix ID is 0x0, which is what it defaulted to.
  • I have also chosen to allow manual adjustment of DHCPv6and Router Advertisements because if I didn't LAN clients weren't aware of a gateway on the LAN, and traceroutes failed immediately, complaining of no route to host.
  • Router advertisements are currently set to "Assisted"
  • I'm using default/autogenerated firewall rules for both IPv4 and IPv6 (includes "default allow LAN IPv6 to any rule")
  • Firewall:Settings:Advanced AllowIPv6 is checked
  • System:Settings:General Prefer to use IPv4 even if IPv6 is available is unchecked
  • I'm using autogenerated gateways (WAN_6rd, WAN_PPPOE). "Under System:Gateways:Single," a gateway address is listed for WAN_PPPOE but not for, WAN_6RD.

Further Details:
  • IPv4 works as expected
  • Clients obtain IPv6 addresses within the Centurylink Prefix

WAN 6rd Rapid Deployment Config settings
6RD prefix   2602::/24
 6RD Border Relay   205.171.2.64
 6RD IPv4 Prefix length   0 bits
 6RD IPv4 Prefix address   Auto-detect

Interaces:Overview

[LAN interface (lan, igb0)   
Status   up
MAC address   a0:36:9f:XX:XX:XX - Intel Corporate
MTU   1500
IPv4 address   10.31.1.1 / 24
IPv6 Link Local   fe80::a236:9fff:fe0a:e870 / 64
IPv6 address   2602:ae:XXXX:XXXX::1 / 64
[...]

WAN interface (wan, pppoe0)
Status   up
PPPoE   
up    Reload  Disconnect
Uptime   00:35:57
MAC address   00:00:00:00:00:00 - XEROX CORPORATION
MTU   1492
IPv4 address   174.21.XXX.XXX / 32
Gateway IPv4   63.231.10.68
IPv6 Link Local   fe80::a236:9fff:fe0a:e870 / 64
DNS servers   205.171.3.25
205.171.2.25
[...]


That's all I can think of, now. I'll update if I think of anything else.

Suggestions on how I can get this working, or how to troubleshoot it further?

Thanks!


Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2