OPNSense newbie with IPv6 musings and questions

Started by cmpsalvestrini, October 31, 2019, 10:50:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 31, 2019, 10:50:40 PM
Hello, please bear with me guys:

I installed OPNSense on a computer with a dual-nic network card. I set everything up and everything is fine and dandy. However... IPv6 does not work: it is plotz.

There is no doubt that i can get IPv6 at the WAN port. Up to there I'm good. FWIW the prefix is a /56 (would love to know how to properly set this up). at the gateway interface, I have set up my ONT router IPv6 address as the gateway, and a static IPv6 address way at the end of the spectrum (2001:818:d9d9:ba00:ffff:ffff:ffff:fffe). This, I set as a /64.

On the LAN side, i set my IPv4 address, a /16, and an address thus: 2001:818:d9d9:ba00::ffff /64. I also configured DHCPv6 to spread a pool from ::10 to ::ffff and I configured radvd thus:

* Managed router advertisements
* Normal priority
* Advertise default gateway checked
* Advertised route (2001:818:d9d9:ba00::/64)
* blank dns servers and domain search
* minimum interval 200
* maximum interval 600

However,
If I don't do a wiring trick involving a switch (which gives me dual IPv6 addresses at LAN level) my OPNsense produced IPv6 addresses do not get Internet connectivity. ipv6-test.com tests fail. I have ICMPv6 set to be allowed at the WAN level.

The scheme for the wiring trick is as follows:



ONT ----- Switch port 1
         |----- Switch port 2---To WAN port on OPNSense
         |----- Switch port 3---From LAN port on OPNsense
         |----- Switch port 4---To main switch going to the rest of my net

I suspect some configuration is missing here. IPv6 should work and the wiring hack above should not be necessary, I think. I wonder whether I have to set the LAN with a totally different prefix within the /56 subnet?

I have tried ULA and NPT -- that was a spooktacular fail. (de rigueur pun, because Halloween). Perhaps I'm not configuring things properly, after all I am a newbie at using OPNsense.

What should I do, how should I proceed, to have IPv6 working as good theory says it should?

Thanks in advance.

Print
Go Up Pages1
User actions