Show Posts
1
High availability / IPv6 Router Advertisement 22.x
« on: March 03, 2022, 05:57:19 pm »
Pre 22.x release it was possible to use a specific virtual ip address (carp) as source address for router advertisements. Now the only option is "Automatic".
In a HA setup you could use an IPv6 carp address for router advertisements so clients would use that carp address as default gateway and routing is fixed to a single node.
Now opnsense uses the link local address for advertisement and as such the clients get multiple ipv6 default gateways assigned (one for each HA node).
This can introduce routing issues when the return path of packets differs. Clients may discard packets when the return packet is received from a different ip than the original packet was sent to.
What is the correct way to setup router advertisement in HA setup with 22.x?
In a HA setup you could use an IPv6 carp address for router advertisements so clients would use that carp address as default gateway and routing is fixed to a single node.
Now opnsense uses the link local address for advertisement and as such the clients get multiple ipv6 default gateways assigned (one for each HA node).
This can introduce routing issues when the return path of packets differs. Clients may discard packets when the return packet is received from a different ip than the original packet was sent to.
What is the correct way to setup router advertisement in HA setup with 22.x?