31
22.7 Legacy Series / Re: (dumb?) IPv6 question ...
« on: November 09, 2022, 06:05:48 pm »
Hi,
as pmhausen already mentioned, the smallest IPv6 Prefix is /64. And I am sure you got a bigger prefix than /64 from your ISP. You can check that in the Fritz!Box in the Menu Internet > Online-Monitor. It will tell you since when you are connected and what IPv6 Address the Fritz!Box has on its WAN and the IPv6-Prefix is including size.
You can select the Prefix size the Fritz!Box requests from the ISP in the Menu Internet > Zugangsart. Blow Verbindungseinstellung should be the checkbox Bestimmte Länge für das LAN-Präfix anfordern. If checked you can then type in the Prefix size. The input field might be a little be short for showing the content, but you can edit it. The availability of the checkbox might depend on the Fritz OS release and if the box is your own or one provided by your ISP.
You already set Fritz!Box to work as DHCPv6 server and to provide a IPv6 prefix (IA_PD). If you are using exposed host in the Fritz!Box this is needed.
For IPv6 to work behind the OPNsense you need the following:
You need to set the WAN in the OPNsense to get its address via DHCPv6, which I assume you already did. In this WAN Interface settings you need to set then Prefix delegation size which the OPNsense should request from the Fritz!Box. This Prefix delegation size must be at least one smaller than the one in the Online-Monitor of the Fritz!Box. If the Fritz!Box has e.g. /59 you should use /60 or /61. The bigger you can choose the better. If the prefix size in the Fritz!Box is just /62, then you should try to increase the requested one it in the Fritz!Box.
In the LAN and all other Interfaces you set the IPv6 Configuration to Track interface and select a unique prefix ID. The maximum prefix ID you can select depends on the Prefix delegation size you selected in the WAN Interface on the OPNsense. None of your devices in the LAN and the other networks behind the OPNsense is allowed to use a IPv6 Address from the Fritz!Box LAN and Guest-Net.
In the German forum somebody had a similar issue issue.
KH
as pmhausen already mentioned, the smallest IPv6 Prefix is /64. And I am sure you got a bigger prefix than /64 from your ISP. You can check that in the Fritz!Box in the Menu Internet > Online-Monitor. It will tell you since when you are connected and what IPv6 Address the Fritz!Box has on its WAN and the IPv6-Prefix is including size.
You can select the Prefix size the Fritz!Box requests from the ISP in the Menu Internet > Zugangsart. Blow Verbindungseinstellung should be the checkbox Bestimmte Länge für das LAN-Präfix anfordern. If checked you can then type in the Prefix size. The input field might be a little be short for showing the content, but you can edit it. The availability of the checkbox might depend on the Fritz OS release and if the box is your own or one provided by your ISP.
You already set Fritz!Box to work as DHCPv6 server and to provide a IPv6 prefix (IA_PD). If you are using exposed host in the Fritz!Box this is needed.
For IPv6 to work behind the OPNsense you need the following:
- The OPNsense must ask the Fritz!Box of a prefix delegation
- The OPNsense must split the prefix delegation to its client networks
You need to set the WAN in the OPNsense to get its address via DHCPv6, which I assume you already did. In this WAN Interface settings you need to set then Prefix delegation size which the OPNsense should request from the Fritz!Box. This Prefix delegation size must be at least one smaller than the one in the Online-Monitor of the Fritz!Box. If the Fritz!Box has e.g. /59 you should use /60 or /61. The bigger you can choose the better. If the prefix size in the Fritz!Box is just /62, then you should try to increase the requested one it in the Fritz!Box.
In the LAN and all other Interfaces you set the IPv6 Configuration to Track interface and select a unique prefix ID. The maximum prefix ID you can select depends on the Prefix delegation size you selected in the WAN Interface on the OPNsense. None of your devices in the LAN and the other networks behind the OPNsense is allowed to use a IPv6 Address from the Fritz!Box LAN and Guest-Net.
In the German forum somebody had a similar issue issue.
KH