Topics

I have a wireguard vpn running over ipv4 between a site with ipv6-connectivity and a /64 to a site without ipv6

Can I assign some of the ipv6-adresses to the ipv4-only site and route over the vpn?

Is this possible?
Any recipies on how out there?

Is this possible?

My opnsense had a static ipv6 on fibre, but now it's connected to a 5G modem instead.

I've changed the wan to dhcpv6

But still, if I go in shell, I see the old static ip

I've examined the backup xml, but the old ipv6 is not there.

I can remove it with ifconfig re0 inet6 2a02:xxx::2 delete but it reappears a little later

Where could it be hiding?

I have 3 opn tunnels running. Well, I had it when I ran 21.7.8


After upgrading to 22.1.8_1 I get

wg0: link state changed to UP
wg0: link state changed to DOWN
wg0: changed name tp 'wg1'
wg1: link state changed to UP
wg1: link state changed to DOWN
wg0 changing name to 'wg2'
wg2: link state changed to UP


This means I only have one wireguard connection: wg2

I have another opnsense box at 22.1.8_1 with 3 working wg-interfaces.

It should be possible to add "allow-update" in the same way as "allow-transfer" and "allow-query"

I can add it manually, but naturally it disappears at configuration updates

I have a vmware server at OVH.
On this I have an opnSense firewall.
Due to the somewhat strange handling of IPv6 at OVH, I have assigned the public addresses
2001:0DB8::201/128
2001:0DB8::202/128
2001:0DB8::203/128
2001:0DB8::204/128 to the public interface.
Then NPTv6 Nats
2001:0DB8::/65 to fd30::/65.
The internal hosts have the adresses
fd30::201
fd30::202
fd30::203
fd30::204
This works in Opnsense 21.7.5, is broken in 21.7.6.

I believe the "remove redundant NPTv6 binat rule (Maurice Walker)" breaks my setup.

It appears nut can only operate in standalone and netclient mode, not netserver.

Is there a workaround?
Could I write the config-files directly?