Changing WAN IPv6 prefix length breaks all connectivity

Started by tic226, February 22, 2022, 03:14:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 22, 2022, 03:14:53 PM
Hi,
yesterday i made the switch from pfSense to OPNsense 22.1.1_3-amd64. After the install i followed the wizard to set up my PPPoE WAN connection. All went well, a ping to 4.2.2.2 showed 0% packet loss, IPv4 connectivity worked as expected.
The wizard automatically sets DHCP6 for the WAN connection with a prefix length of 64. My ISP hands out 56 subnets so i left all other settings as they were and only changed the prefix length to 56. After applying the settings all connectivity breaks, no more v4 pings (100% packet loss). Switching back to 64bit prefix length (as that was the only setting i touched) didn't bring back connectivity. Reboot didn't make any difference either, only way to fix the problem is to revert the config to pre-wizard state and start over.

So far i have tried proper IPv6 settings for the WAN link (56bit prefix, only get a prefix, send hint, use v4 link for acquiring the prefix) just like they worked on the pfSense install. None of it worked or got IPv4 connectivity working again.

What else gets changed when merely changing the requested prefix length for the WAN IPv6 link? I tried everything i could think of, the only way to get even IPv4 connectivity to work is to never touch that prefix length field.
Any advice or pointers where i could look next?

Thank you!
February 22, 2022, 03:31:30 PM #1
You cannot have anything but a /64 on any particular link. What your ISP does is route that /56 to your OPNsense in addition to the /64 on the link proper. For you to use as internal networks, DMZ, VPN, ... whatever.

So with the WAN interface set to DHCP6, this is how to get that /56 routed - see screenshot, please.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 22, 2022, 03:39:28 PM #2
Yes, your screenshot shows exactly what i was trying to do and it broke my v4 connectivity as well. Apologies if i didn't make that clear in my original post. I basically have to leave it as the wizard set it initially as shown in my attached screenshot.
If i change that prefix length entry, connectivity breaks.
February 22, 2022, 04:10:45 PM #3
Did you tick "Request only an IPv6 prefix"?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 22, 2022, 04:36:53 PM #4 Last Edit: February 22, 2022, 04:39:07 PM by tic226
Yep, i've set it exactly like shown in your screenshot (the way it worked before on pfSense on same hardware).
The result can be seen in the screenshot i've attached.
What i don't understand is the broken v4 connectivity, changing v6 settings shouldn't interfere with that. That's why i'm completely out of ideas...
The connection is VDSL from (german) Telekom with dual stack, no 4in6 tunneling or anything like that.
February 22, 2022, 04:47:04 PM #5
Exactly the same here. DTAG, PPPoE for IPv4, DHCP6 for IPv6.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 22, 2022, 05:25:02 PM #6 Last Edit: February 22, 2022, 05:42:26 PM by tic226
Hmm, that's all so very strange. It's a long shot but maybe it's hardware related? pfSense still uses FreeBSD 12.2, OPNsense is already on 13. I use an 82571EB based Intel PRO/1000PF fiber card for the WAN link, maybe there's something funky going on with the drivers. I'll i dig out a media converter and try again with the onbard i350 ports (Supermicro A1SRM-2558F).
Print
Go Up Pages1
User actions