How to do IPv6 with DHCPv6-PD?

Started by bimbar, August 24, 2021, 09:43:04 AM

...and of course, the static GUA being used is different for each node, right?

Yes, of course. No different from IPv4 here. One address per node, one shared CARP address. The only new feature in 21.7.5 is that you can use a link local CARP address for router advertisements, now. In earlier versions each node used its own LLA - which resulted in two gateways active at the client system.
Combine that with clients not really following router priorities ... but you've been there IIRC.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)


Yes.

November 21, 2021, 06:22:47 PM #34 Last Edit: November 21, 2021, 06:29:00 PM by meschmesch
What is the IPv6 gateway on the second node? At the moment I use the fe80:: address of the router on the WAN to which OPNsense is connected (as I did before using HA). But the second node shows the gateway as being offline?

I have to correct myself, I use the fe80 address as mentioned, it is reported to be offline, but in fact, it is working? On failover it immediately goes online... Strange?

Same here - hadn't noticed. Possibly it is trying to use the CARP address to ping the GW ...

Everything seems to work now. Please note that I had to set RA to stateless or assisted. Otherwise Android devices won't be able to use IPv6.

Another finding regarding Dynamic DNS: In case I have WAN DHCPv6 as well as a WAN CARP address configured, Dynamic DNS will publish the CARP address.

Is there a way to teach Dynamic DNS the address to use?

Quote from: pmhausen on November 21, 2021, 07:32:19 PM
Same here - hadn't noticed. Possibly it is trying to use the CARP address to ping the GW ...

For me the IPv6 gateway shows down on both master and backup as dpinger is binding to the WAN interface address rather than the CARP VIP. As I only have a single GUA for the WAN link, the WAN interface addresses are ULA (i.e. not in the same subnet as the VIP):
root@router-nuc:~ # ps x | grep dpinger
40628  -  Is      0:00.02 /usr/local/bin/dpinger -f -S -r 0 -i WAN_GWv6 -B fd00:1234:5678:90ab::5 -p /var/run/dpinger_WAN_GWv6.pid -u /var/run/dpinger_WAN_GWv6.sock -C /usr/local/etc/rc.syshook monitor -s


On the other hand the IPv4 gateway monitor binds to the VIP and it works.

From what I can see, determination of the address to bind to is done in dpinger_configure_do(). For IPv4, it iterates through the interface IPs until it finds one in the same subnet as the monitor address, so in my case it finds the VIP address. For IPv6, if the monitor address isn't an LLA it uses interfaces_primary_address6() to get the bind address which basically finds the first valid address which isn't an alias. It doesn't do the subnet check.
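
The two selection strategies described in the post above, modelled side by side as an added example; it is not part of the original post and is not OPNsense code. The function names, the IPv4 addresses, the CARP GUA and the monitor addresses are constructed (documentation ranges); only the ULA comes from the ps output in the thread.

```python
import ipaddress

# Constructed WAN address list: (address/prefix, is_alias). The ULA is the bind
# address from the ps output above; all other values are documentation ranges.
WAN = [
    ("10.0.0.5/24", False),                 # node's own IPv4 address
    ("198.51.100.10/24", True),             # IPv4 CARP VIP
    ("fd00:1234:5678:90ab::5/64", False),   # node's own IPv6 ULA
    ("2001:db8:0:1::10/64", True),          # IPv6 CARP VIP (the single GUA)
]

def _parse(addrs):
    return [(ipaddress.ip_interface(a), alias) for a, alias in addrs]

def bind_by_subnet(addrs, monitor):
    """First address whose subnet contains the monitor (the IPv4 behaviour described)."""
    mon = ipaddress.ip_address(monitor)
    for iface, _alias in _parse(addrs):
        if iface.version == mon.version and mon in iface.network:
            return str(iface.ip)
    return None

def bind_primary_v6(addrs, monitor):
    """First non-alias IPv6 address, no subnet check (the non-LLA IPv6 behaviour described)."""
    mon = ipaddress.ip_address(monitor)
    if mon.version != 6 or mon.is_link_local:
        raise ValueError("only the non-link-local IPv6 branch is modelled")
    for iface, alias in _parse(addrs):
        # Assumption: "valid" is taken to exclude link-local addresses.
        if iface.version == 6 and not alias and not iface.ip.is_link_local:
            return str(iface.ip)
    return None

def same_subnet(addrs, bind, monitor):
    """True if the chosen bind address sits in a subnet that contains the monitor."""
    mon = ipaddress.ip_address(monitor)
    return any(str(i.ip) == bind and mon in i.network
               for i, _ in _parse(addrs) if i.version == mon.version)

if __name__ == "__main__":
    v6_monitor = "2001:db8:0:1::1"  # constructed upstream gateway address
    for name, pick in (("primary", bind_primary_v6), ("subnet", bind_by_subnet)):
        b = pick(WAN, v6_monitor)
        print(name, b, "on-link" if same_subnet(WAN, b, v6_monitor) else "off-link")
```

With the subnet check applied to IPv6 as well, the CARP VIP would be selected as the source address, matching what the IPv4 monitor does.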