Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
IPv6: old prefixes blocked after prefix changes
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPv6: old prefixes blocked after prefix changes (Read 822 times)
herrhannes
Newbie
Posts: 2
Karma: 0
IPv6: old prefixes blocked after prefix changes
«
on:
April 09, 2023, 10:12:43 am »
Hello,
as my WAN connection is unfortunately a VDSL connection with a daily reconnect, I stumble into the following issue: At each reconnect, I get assigned a new prefix which is then distributed to the network clients as well.
But only this new prefix seems to be part of the definition of "LAN Net", therefore all connections using the addresses based on the old prefix are blocked by the default deny rule.
Is this actually intended behavior? Linux clients seem to always use the latest prefix but MacOS and iPhone e.g. do not and are consequently blocked from reaching "the internet". Local addresses such as the virtual IP of OPNsense are still reachable.
How could I circumvent this issue without allowing IPv6 traffic from any to any on the LAN Interface?
Edit: The firewall rules were probably the wrong lead as that should be the correct behavior. Only the deprecation did not work as expected?!
«
Last Edit: April 09, 2023, 03:53:55 pm by herrhannes
»
Logged
herrhannes
Newbie
Posts: 2
Karma: 0
Re: IPv6: old prefixes blocked after prefix changes
«
Reply #1 on:
April 09, 2023, 03:52:18 pm »
AdvDeprecatePrefix = on
seems to have helped. Shouldn't that be the default configuration?
Maybe it's also just a coincidence...
Edit: No, it didn't. My Apple devices still do not get the deprecation and continue to use the old IPs.
Why?
«
Last Edit: April 10, 2023, 12:23:56 pm by herrhannes
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
IPv6: old prefixes blocked after prefix changes
