ipv6 issues

Started by hescominsoon, March 02, 2022, 05:38:08 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
March 11, 2022, 04:18:57 AM #15
Quote from: linuxha on March 06, 2022, 06:28:40 PM
Quote from: hescominsoon on March 04, 2022, 09:12:00 PM
... then if i set the prefix to 56 and add track 6 on the internal vlan interface...using 0x0..and...nothing.  ...
@hescominsoon, did you try 0x1 instead of 0x0? I had to change mine on each interface. 0x0 didn't work for me. I incremented for each LAN I added under IPv6.

The 0 offset (0x0) won't work because that is on your WAN interface, afaik.
March 11, 2022, 07:58:29 AM #16
It depends on the modem's choice for that matter. From experience it seems to be better to not request an address for WAN, which may or may not give you a separate GUA (via SLAAC) from a router subnet not delegated further. So you are free to use the full prefix delegation range to delegate yourself.


Cheers,
Franco
March 18, 2022, 04:45:33 AM #17
Quote from: 5SpeedFun on March 11, 2022, 04:15:46 AM
Quote from: hescominsoon on March 06, 2022, 02:05:21 AM
except my internal interfaces get....nothing.  I have noticed when I switch modems the BSD based firewalls then do ipv6 correctly but then I lose connectivity every 3-5 minutes for about 5-20 seconds.  When I plug a laptop or desktop directly into the modem however everything works fine.  it's only opn(and PF)sense that have this weird behavior.  This latest version it went from partially working to nothing at all.

If you are on comcast business, and have static /56, one of the /64's is going to be on your wan interface.  Try requesting /59 on your wan interface, and then try assigning 0x1 to one of your internal interfaces and "track interface" of your wan connection.  This is working for me.

yeppers tried all of this..started at 1 instead of zero and count up..zero ipv6 on internal.  if I reformat the machine and leave it at defaults(so no vlans only the wan and plan at d3efaults) then ipv6 works for the wan and plan.  As I noted I have seen this on both opn and pf sense. 
March 18, 2022, 04:48:00 AM #18
Quote from: 5SpeedFun on March 11, 2022, 04:15:46 AM
Quote from: hescominsoon on March 06, 2022, 02:05:21 AM
except my internal interfaces get....nothing.  I have noticed when I switch modems the BSD based firewalls then do ipv6 correctly but then I lose connectivity every 3-5 minutes for about 5-20 seconds.  When I plug a laptop or desktop directly into the modem however everything works fine.  it's only opn(and PF)sense that have this weird behavior.  This latest version it went from partially working to nothing at all.

If you are on comcast business, and have static /56, one of the /64's is going to be on your wan interface.  Try requesting /59 on your wan interface, and then try assigning 0x1 to one of your internal interfaces and "track interface" of your wan connection.  This is working for me.
static ipv6 in my area with comcrap business doesn't work due to known firmware issues with their CPE in my area:  https://etc-md.com/2021/07/28/the-comcast-business-ipv6-issue-resolved/
Also comcast is now requiring you sue their cpe for ALL installs or they charge you what's know as the rack rate which is roughly double what you'll pay under a "promotion"
March 20, 2022, 01:00:07 PM #19 Last Edit: March 20, 2022, 01:14:06 PM by zneaks
I fixed my issue, where I was receiving IPv6 addresses but not actually able to reach the internet with IPv6.

Created a new firewall rule on the LAN,

Address: IPv4 + IPv6
Action: Pass
Direction: In
Source: LAN Net
Destination: LAN Address

Rebooted, and clients are now working on IPv6.

Makes me think there was a firewall generation/compatibility issue with 21.7 -> 22.1, as I'm using my config from 21.7 and experiencing this issue.
March 21, 2022, 08:04:15 AM #20
Quote from: zneaks on March 20, 2022, 01:00:07 PM
Created a new firewall rule on the LAN,

Address: IPv4 + IPv6
Action: Pass
Direction: In
Source: LAN Net
Destination: LAN Address

That's a typical rule you need when you set your policy based routing too coarsely.


Cheers,
Franco
March 21, 2022, 01:05:52 PM #21
Quote from: hescominsoon on March 18, 2022, 04:48:00 AM
Quote from: 5SpeedFun on March 11, 2022, 04:15:46 AM
Quote from: hescominsoon on March 06, 2022, 02:05:21 AM
except my internal interfaces get....nothing.  I have noticed when I switch modems the BSD based firewalls then do ipv6 correctly but then I lose connectivity every 3-5 minutes for about 5-20 seconds.  When I plug a laptop or desktop directly into the modem however everything works fine.  it's only opn(and PF)sense that have this weird behavior.  This latest version it went from partially working to nothing at all.

If you are on comcast business, and have static /56, one of the /64's is going to be on your wan interface.  Try requesting /59 on your wan interface, and then try assigning 0x1 to one of your internal interfaces and "track interface" of your wan connection.  This is working for me.
static ipv6 in my area with comcrap business doesn't work due to known firmware issues with their CPE in my area:  https://etc-md.com/2021/07/28/the-comcast-business-ipv6-issue-resolved/
Also comcast is now requiring you sue their cpe for ALL installs or they charge you what's know as the rack rate which is roughly double what you'll pay under a "promotion"

IF you want to ping me out of band, I have had major issues with comcast CPE as well and I finally have it (mostly) working.  If you want to pm me, maybe we could compare notes, firmwares, etc?  I started a bunch of threads over at comcast business on static ip issues.  I have no choice of other provider, so run an he.net tunnel (6-in-4) as a workaround for my servers, but have my local (non-servers) clients on comcast and it seems to work ok, although I haven't had this config long.  I did have MAJOR issues with ipv6 up until recently until I had support disable Comcast ecurity Edge which the level 2 techs on the phone (I had to get a callback) told me as broken.
March 23, 2022, 01:13:43 AM #22
Quote from: franco on March 21, 2022, 08:04:15 AM
Quote from: zneaks on March 20, 2022, 01:00:07 PM
Created a new firewall rule on the LAN,

Address: IPv4 + IPv6
Action: Pass
Direction: In
Source: LAN Net
Destination: LAN Address

That's a typical rule you need when you set your policy based routing too coarsely.


Cheers,
Franco

I have allow all rules, I don't block anything  ;D and it still wasn't working.

My Allow All Rule:

Address: IPv4 + IPv6
Action: Pass
Direction: In
Source: LAN Net
Destination: *

With this rule, IPv6 still wasn't working until I created the below rule:

Address: IPv4 + IPv6
Action: Pass
Direction: In
Source: LAN Net
Destination: LAN Address
March 23, 2022, 07:25:35 AM #23
Yes, but do you have gateways assigned to the rules? Maybe even a floating rule.


Cheers,
Franco
March 29, 2022, 04:04:51 PM #24
Quote from: 5SpeedFun on March 11, 2022, 04:15:46 AM
Quote from: hescominsoon on March 06, 2022, 02:05:21 AM
except my internal interfaces get....nothing.  I have noticed when I switch modems the BSD based firewalls then do ipv6 correctly but then I lose connectivity every 3-5 minutes for about 5-20 seconds.  When I plug a laptop or desktop directly into the modem however everything works fine.  it's only opn(and PF)sense that have this weird behavior.  This latest version it went from partially working to nothing at all.

If you are on comcast business, and have static /56, one of the /64's is going to be on your wan interface.  Try requesting /59 on your wan interface, and then try assigning 0x1 to one of your internal interfaces and "track interface" of your wan connection.  This is working for me.
yeppers..tried that..no dice with the latest version  my ipv6 is dynamic..but again it works fine if I plug a machine directly into the cable modem..and my linux based firewalls work fine..it's only OPNSense that is having this issue.
Print
Go Up Pages 1 2
User actions