How to enable IPv6 on LAN interface only for Matter devices?

Started by AG_2023, January 13, 2025, 09:10:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 13, 2025, 09:10:34 PM
My ISP does not have IPv6. I just need to enable IPv6 on LAN interface so I can connect Matter over Thread smart home devices to the Thread Border Router built into Amazon Echo Gen4 device. What is the right way to do this? OPNsense version 24.7.11_2.

If I enable IPv6 on WAN and LAN interfaces, the log is full of hundreds of entries like:

Code Select
2025-01-13T15:01:44-05:00 Notice kernel <7>cannot forward src fe80:2::f3ad:95c1:a7af:33c3, dst 2607:f8b0:4006:809::2003, nxt 6, rcvif igc1, outif igc0

Thanks
January 14, 2025, 12:48:33 AM #1
Is the IPv6 Configuration Type selection set for your LAN interface adequate to your needs? If so, you can disable IPv6 link-local address assignment via setting a tunable (under System: Settings: Tunables): "net.inet6.ip6.auto_linklocal", to "0". Once done, set your WAN IPv6 Configuration Type to None, set your LAN appropriately (both of which you may have already done), and see if that works for you. You can verify IPv6 address assignments under Interfaces: Overview.
January 14, 2025, 03:52:34 AM #2
The IPv6 Configuration Type for LAN is the problem. These are the options offered:

Static IPv6 <- I do not have a static IPv6 for LAN interface. I tried assigning some random IPv6 IP address and Matter over Thread devices stopped working.

DHCPv6 <- I do not have DHCPv6 setup for LAN interface, the IPv6 address is provided by the Thread Border Router. If I turn on DHCPv6 on LAN, the Matter over Thread devices stop working.

SLAAC <- I don't even know what this is
PPPoEv6 <- Don't have PPPoE, I have Verizon FIoS
6rd Tunnel <- No idea what this is
6to4 Tunnel <- No idea

Track Interface <- This is what I have setup currently. LAN interface tracks the WAN interface for IPv6. IPv6 is enabled on WAN interface even though not supported by ISP. If I disable IPv6 on WAN interface, this option gets disabled and Matter over Thread devices stop working. But enabling this option floods the logs with the error messages that I posted.

IPv6 is very confusing and I have spent lot of time trying to understand it, but no luck. So, I really need help.

Thanks...

January 14, 2025, 09:57:08 AM #3
If you only want to reach the matter devices, you might want to go for "Static IPv6" and use a unique local address range (fdXX::).
January 14, 2025, 04:31:57 PM #4
Quote from: AG_2023 on January 14, 2025, 03:52:34 AM[..]
Track Interface <- This is what I have setup currently.
[...]

OK, that explains the log. Bad assumptions on my part. That's not the selection you want.

IPv6 config should be very similar to IPv4 - for any sort of dynamic addressing you just need to lay out the server (generally singular) and client(s). I'd assume the Echo acts a client by default, but I'm not familiar with the device or (naturally) its current configuration. I don't see any detailed documentation on it offhand - all I see is basically "plug it in".
Print
Go Up Pages1
User actions