IPv6 Track on Loopback

Started by rudiservo, September 25, 2024, 09:30:07 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 25, 2024, 09:30:07 PM
hey guys, I tried to put a loopback with track interface to use with NPTv6.

At first it kind of worked but then dhcpv6 started throwing some errors

Code Select
Unsupported device type 24 for "lo1"

here is the full line:

Code Select
/usr/local/sbin/pluginctl: The command '/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid vlan0.3.200 lo1' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Config file: /etc/dhcpdv6.conf Database file: /var/db/dhcpd6.leases PID file: /var/run/dhcpdv6.pid Wrote 3 NA, 0 TA, 0 PD leases to lease file. Bound to *:547 Unsupported device type 24 for "lo1" If you think you have received this message due to a bug rather than a configuration issue please read the section on submitting bugs on either our web page at www.isc.org or in the README file before submitting a bug. These pages explain the proper process and the information we find helpful for debugging. exiting.'


It works if I add a VLAN that I do not use, is there a better way of doing this instead of VLAN?

My reason for using track with NPTv6 is the IPv6 /56 is provided dynamically by ISP, this way I can have my local resources always with the same IPv6 and I do not have to change the firewall rules.
September 25, 2024, 09:36:40 PM #1
Unsupported sounds like a good reason to not do it.

> It works if I add a VLAN that I do not use, is there a better way of doing this instead of VLAN?

I'd go with this indeed.


Cheers,
Franco
September 26, 2024, 12:01:23 AM #2
Thanks Franco.

Not the ideal solution, should I add an issue in github to brainstorm a better solution for this?
September 26, 2024, 09:24:15 AM #3
I'm probably missing something. Why are you trying to run DHCPv6 on the loopback interface? Can't you just set it up for "Track Interface", and check "Allow manual adjustment of DHCPv6 and Router Advertisements" so they won't apply to it?
September 26, 2024, 01:19:39 PM #4
Well the use case is simple. Create a virtual network on the OPNsense to run services on and give a /64 from the PD to it for the services to bind and run on. Now you need some helper hardware port or a VLAN on top to use it.

That being said I simply don't know why loopback isn't eligible here but I'd assume it's for a good reason and somebody else can maybe research that question.


Cheers,
Franco
September 26, 2024, 01:33:49 PM #5
That's not what the OP is asking for, though - they just want to use the tracked /64 for NPTv6... (IIUC)
September 26, 2024, 02:55:43 PM #6
I'm willing to ignore that bit because it's not mission critical and it may warrant further questioning about why the NPT requires a separate subnet from the PD when in normal cases you already get one to e.g. LAN. ;)


Cheers,
Franco
Print
Go Up Pages1
User actions