Question about IPv6 error

Started by Tuxtom007, September 20, 2023, 05:47:02 PM

Hello all,

I would like to ask here in the large group if anyone has any ideas about the behaviour of my OPNSense, so far there has been no feedback in the German subgroup:

I have a question about the behaviour of the OPNSense with IPv6:

- OPNSense latest version on a single PC with 8 NICs
- Internet provider "Vodafone Cabel Internet" - dual stack (IPv4 + IPv6)
- Fritzbox in bridge mode, forwards the public IP addresses to the OPNSense, the router works in modem mode like this
- WAN interface runs on DHCP for IPv4 and IPv6, prefix /59 is assigned - everything o.k.
- Router Advertisements on the OPNSense is active for each VLAN and distributes fd00 addresses - works fine
- DHCPv6 is active and distributes DNS and public addresses from one /64 network per VLAN - works fine.

I am currently trying to set up a DynDNS but the update of the IP address does not work for IPv6 (IPv4 works without problems).

If I query my local IP from different clients in the network via dig over IPv6, it works without any problems:
I always get the IPv6 address assigned to the client from the subnet


dig @resolver1.ipv6-sandbox.opendns.com AAAA myip.opendns.com +short -6
2a02:8071:6310:xxxx:......


If I do the same on the OPNSense shell, it always times out:
Quote
dig @resolver1.ipv6-sandbox.opendns.com AAAA myip.opendns.com +short -6
;; communications error to 2620:0:ccc::2#53: timed out
;; communications error to 2620:0:ccc::2#53: timed out
;; communications error to 2620:0:ccc::2#53: timed out

; <<>> DiG 9.18.16 <<>> @resolver1.ipv6-sandbox.opendns.com AAAA myip.opendns.com +short -6
; (1 server found)
;; global options: +cmd
;; no servers could be reached

traceroute6 does not look any better:
Quote
traceroute6 resolver1.ipv6-sandbox.opendns.com
traceroute6 to resolver1.ipv6-sandbox.opendns.com (2620:0:ccc::2) from 2a02:908:f000:xxxxxxxxxx, 64 hops max, 28 byte packets
1  * * *
2  * * *
3  * * *
.....

The WAN interface has a v6 address:

Quote
WAN (igb0)      -> v4/DHCP4: 84.xxx.xxx.xxx/22
                    v6/DHCP6: 2a02:908:xxxxxxxxx/64


The WebGUI shows me the public v6 address but only the fe80 address of the interface (see screenshot)

Under System -> General -> Setting the same picture, as WAN only the public IPv4 or the IPv6 fe80 address is displayed for DNS (see screenshot)

Can someone explain to me why the Sense ignores the public IPv6 address?
"Prefer to use IPv4 even if IPv6 is available" is deactivated.

Thanks in advance


Does the gateway appear under System -> Routes -> Status as a v6 default gateway?

Yes, but also with the link-local address

ipv6   default   fe80::1212:ff:fe00:6598%igb0   UGS   NaN   1500   igb0   wan