[Solved] Try to migrate but can't figure out right IPv6 settings

Started by tryhard, September 27, 2019, 10:05:35 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 27, 2019, 10:05:35 AM Last Edit: September 27, 2019, 02:52:06 PM by tryhard
Hi all,
after a long time of just reading about opnsense I want to move on and try it. I'm currently using pfsense, basic stuff is working flawless, only the additional packages don't make me happy.

Currently I'm a bit lost on how to setup my ISP (M-NET) config - regarding IPv6.

I'll try to be short :)

I get a changing IPv6 Prefix from my ISP
I use track interface on LAN side
I use DHCPv6 to give IPs to my devices
I use DHCPv6 to register those devices in my local pfsense DNS service
I use Aliases with those DNS Names
I use those Aliases to make firewall rules for my devices

This allows me too make FW rules for my devices even their IPv6 address may change every now and then

This is working fine on my pfsense and I'm try to pre config a opnSense device now.
But I'm stuck on the DHCPv6.
There is a DHCPv6 service which is stopped and won't start.
It looks like I can only configure a DHCPv6 relay ?
Which might work, but I don't have the target server IP :/

I have the feeling just to miss a small checkbox to get it right ?
So I can enable it if I have a static IPv6 address on that interface configured.
Can't a DHCPv6 Server be used with a tracked interface? Does this make sense?

Here are my pfsense settings
WAN Settings

LAN Settings

DHCPv6 Settings

Example Alias

Used in a Rule




September 27, 2019, 12:12:23 PM #1
Hi,

So we have your Pfsense settings, but no OPNsense screenshots yet.

> So I can enable it if I have a static IPv6 address on that interface configured.
> Can't a DHCPv6 Server be used with a tracked interface? Does this make sense?

A stopped DHCPv6 service suggests your LAN tracker doesn't work and so in turn maybe your WAN IPv6 doesn't work.

It's pretty common that device vs. device setups make you configure one side correctly and then you're only missing a tiny setting. IPv6 is especially picky in this regard.


Cheers,
Franco
September 27, 2019, 12:13:19 PM #2
PS: If you use a drop-in replacement with a PPPoE maybe your OPNsense MAC address is rejected by the ISP because it expects the other.
September 27, 2019, 01:26:44 PM #3
 > A stopped DHCPv6 service suggests your LAN tracker doesn't work and so in turn maybe your WAN IPv6 doesn't
> work.

Ehm well, I tried to pre configure it before taking it online. Maybe because of that my DHCPv6 Server Settings are hidden if I don't set a static IPv6.

Will try it - thanks!
September 27, 2019, 02:51:16 PM #4
 :D

Found it:

Interfaces > LAN > Track IPv6 Interface >

Manual configuration
[ x ] Allow manual adjustment of DHCPv6 and Router Advertisements
September 27, 2019, 05:50:02 PM #5
Ah, nice catch! Thanks for reporting back :)


Cheers,
Franco
Print
Go Up Pages1
User actions