radvd | prefix length should be 64 for ix0

Started by fakebizprez, November 30, 2024, 03:24:06 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 30, 2024, 03:24:06 PM
Code Select

+---------------------------+----------+---------+--------------------------------+
| Time                      | Severity | Process | Message                        |
+---------------------------+----------+---------+--------------------------------+
| 2024-11-30T08:13:55-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:10:31-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:09:52-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:05:14-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
| 2024-11-30T08:03:08-06:00| Warning  | radvd   | prefix length should be 64 for ix0 |
+---------------------------+----------+---------+--------------------------------+


Live Logs...this came out of nowhere, I haven't messed with a config or touched a machine in a few days.
WAN is set to DHCP, LAN is set to Track WAN interface. Always has been like that.  ISP issue?
Founder of a freight brokerage and software development company....aspiring sysadmin at heart.
November 30, 2024, 04:32:20 PM #1
Is ix0 WAN or LAN? What prefix length is configured?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 01, 2024, 09:57:51 AM #2
My apologies, Patrick. ix0 is for LAN, ix1 is for WAN, and there is another interface for the Wireguard plugin.

I believe I know what caused this. Somehow in the DHCP4 settings, my subnet route changed to end at .240 instead of .254.

Despite me remedying that in the GUI and going into the terminal to reconfigure the interface and subnet, my prefix length is still /60. My WAN IPv6 is 128 and, for what it's worth, they have completely different IPv6 addresses (not sure if that's out of the ordinary).
Founder of a freight brokerage and software development company....aspiring sysadmin at heart.
December 01, 2024, 10:07:06 AM #3
You have prefix length /60 configured on LAN? That's not correct. All interfaces must be /64 or /128.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 01, 2024, 10:11:27 AM #4 Last Edit: December 01, 2024, 11:19:13 AM by meyergru
Your IPv4 prefix length has nothing to do with IPv6.

It is perfectly fine that the WAN (IA-NA) and other prefixes (IA-PD) prefixes differ. Usually, IA-NA is one /128 IPv6 and IA-PD is /56 - or at least something bigger than /64.

One /64 subnet out of the IA-PD prefix is what you need for SLAAC / RADVD to work for any (V)LAN, therefore the warning. IDK how you got a /60 there. If you just configure your (V)LAN to "track interface" and choose a prefix ID (which will control which of the available prefixes your LAN will get), you should get one specific /64 IA-PD prefix and 64 bits available for EUI-64 via SLAAC.

Maybe you have a static prefix and configured something else than "track interface"? If you configure it manually, you will have to use /64.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
December 02, 2024, 06:25:09 PM #5
Good Morning, Gentlemen, and thank you for the detailed response @Meyergru

I wanted to speak with some of my fellow AT&T Fiber Users before responding, and it appears that AT&T does not issue  a/64 prefix to their Residential users.

Quote
LAN subnet should be /64 indeed.
If your ISP give you a Prefix delegation of /60 then you can create 16 /64 with it for you to create LAN and VLANs.
When you set your LAN IPv6 and choose Track Interface, at the bottom of the config page you will choose WAN as the tracked interface and OPNsense will ask you to set the "Assign prefix ID" this is the id that will define the /64 within the /60 you were delegated the control of.

For example you ISP give you a Prefix Delegation of 2001:db8:1111:2220::/60
In the LAN configuration the prefix id will define that last 0 in hex, from 0 to F: 16 possibilities.

Your ISP will route that /60 to your WAN IPv6 address that they give you through their DHCPv6 probably.
Code Select
 
LAN :   2001:db8:1111:2220::/64
IoT :   2001:db8:1111:2221::/64
Guests: 2001:db8:1111:2222::/64
OPT1:   2001:db8:1111:2223::/64
OPT2:   2001:db8:1111:2224::/64 

Any thoughts on this is before I proceed?

Founder of a freight brokerage and software development company....aspiring sysadmin at heart.
December 02, 2024, 06:45:41 PM #6
No problem, it will work like that. Any subnet will have /64 then and each has a different prefix. You only have 16 prefixes with /60 instead of 256 with /56, but that should do.
 
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
December 02, 2024, 06:46:04 PM #7
The give you a /60 so you can run up to 16 interfaces. Each individual interface must have a /64 from that /60.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 03, 2024, 02:26:50 AM #8
Going to Interfaces --> WAN, then making the changes that are on the attached screenshot gave me these results:


Code Select

LAN
XXX:XXXX:XXXX:XXXX:a236:9fff:fea4:191c/64
WAN
XXX::XXX:XXX::XXX:191d%ix1/64


Shouldn't the WAN be a /60 now?
Founder of a freight brokerage and software development company....aspiring sysadmin at heart.
December 03, 2024, 09:18:51 AM #9
No. No interface ever has anything but a /64 in IPv6. If you create OPT1, OPT2, ... and set them to "track" they will get different /64s from your /60.

"/60" is just a way to write "you get 16 /64 from your ISP."
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 03, 2024, 11:13:50 AM #10
Since radvd complains I wonder what is in /var/etc/radvd.conf ?

Further code context: https://github.com/opnsense/core/commit/54f2ed4fa703c


Cheers,
Franco
Print
Go Up Pages1
User actions