IPv6

[cmpsalvestrini]

I'll attempt to be brief.

My ISP provides a /56 IPv6 prefix through DHCP. I am able to get an IPv6 address at the WAN port of my router; however I choose not to use this as my WAN IP, since getting the LAN to obtain an IPv6 address through WAN tracking does not work with my hardware. So... static IPv6. Since I have a /56 prefix, I set the LAN IPv6 address to one of the subnets, configure my pools, set radvd to managed and...... No internet access with IPv6. IPv6 tests fail. I think I'm doing something wrong here, am I missing something?

[bimmerdriver]

Why do think that you need a WAN IP address? My ISP gives a /56. My routers (I have three) are set to track their respective prefix. None of them have a WAN IP address.

[franco]

Indeed, some setups work fine with a link-local IPv6 on the WAN for the essential first hop to the router.


Cheers,
Franco

[Maurice]

With most ISPs, you have to request your prefix using DHCPv6, even if it is a "static" prefix. They won't route the prefix to you until you have completed DHCPv6 Prefix Delegation.

So even if you configure your LANs statically, use DHCPv6 on the WAN.

Cheers

Maurice

[bimmerdriver]

IMO, prefix delegation is not for the WAN, but for the LAN. If you want an address for the WAN, it's part of the request for the prefix (i.e., address and prefix). Unless the ISP allocates an address for the WAN, there is no need for one. Even if the ISP allocates an address for the WAN, I'm not clear why it would be required for a subscriber-supplied device. If anyone can explain what a WAN address would be used for on OPNsense, I'd like to hear it.

[ruffy91]

As a VPN endpoint (OpenVPN/IPsec/WireGuard). As endpoints for a Load Balancer (haproxy/nginx). As an address for a MTA (postfix plugin)