ia-na and ia-pd on a the wan interface

Started by nkajkmuk, December 10, 2022, 10:57:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 10, 2022, 10:57:28 PM Last Edit: December 11, 2022, 03:28:12 PM by nkajkmuk
Hi
I am looking to configure a WAN iPV6 address on the WAN in addition to getting the delegated /56 prefix.  On the basic menu disabling the 'get prefix only" option does not seem to solve the problem. 

I am thinking of a custom config override file as below, but there seems to be some error, not sure if I have got this right. Would appreciate any pointers, thanks.


interface em0 {
  send ia-na 0;
  send ia-pd 0;
  request domain-name-servers;
  request domain-name;
  script "/var/etc/dhcp6c_wan_script.sh";
};
id-assoc na 0 {
};
id-assoc pd 0 {
  prefix ::/56 infinity;
};
March 24, 2023, 04:07:13 PM #1
Where you ever successful?  If so what was the final solution?  I too get a delegated /56 but no address assigned to the WAN interface, yes everything works with a link local on the wan interface unless I need/want to source something from the firewall itself.

Thanks, Jeff
March 27, 2023, 09:21:00 PM #2
TLDR: it doesn't work with dhcp6c.

https://github.com/opnsense/core/issues/5630


Cheers,
Franco
March 29, 2023, 06:28:22 PM #3 Last Edit: March 29, 2023, 07:07:44 PM by Jeffrey
I've come up with a not so elegant solution based upon a posting I found elsewhere directed towards pfsense.  If I enable log level debug under "interfaces -> Settings" I can get the IA_PD address to appear in the files in /var/log/system/, I found it doesn't always show in "latest.log" so I simply cat all the files run it through grep and take the last IA_PD entry found and apply that address to the WAN interface.

After a reboot I simply run the script eg "./assign_ip6.sh <wan interface>" and the script will apply the last address from the assigned prefix to the wan interface. (ugly script attached)

I'm sure somebody can figure out a better way to put IA_PD and clean up the script, but at least it solves the problem for now, if not a little (ok very) kludgy.

Jef
April 06, 2023, 09:01:57 PM #4
I'm aware of Luke's patch, but lack of integration into the larger scheme of things has me worried about side effects which for IPv6 seem to be everywhere.

We might want to bring back prefix ID selection for WAN and build something with it, but a single script this isn't going to be.


Cheers,
Franco
April 11, 2023, 10:16:21 PM #5
never said the script was pretty, but for right now until a better solution is identified and deployed this is remains a workable option, at least for me at the moment.
Print
Go Up Pages1
User actions