close to getting IPv6 working.. i think.

Started by tswalker, March 21, 2021, 12:12:48 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 21, 2021, 12:12:48 AM
so, this is more of an experiment on my part i suppose... been using cellular services for a few months now, which is using 464XLAT.  I've somewhat got things working with OPNSense now, but falling short I believe.  This is my first attempt to become more involved with IPv6...

I configured WAN interface to use SLAAC, and get appear to get a valid address with /64 (prefix?)
I configured LAN interface to use "track interface" on the WAN with a 0x0 prefix ID and "allow manual adjustment"

I get what seems like a valid IPv6 address on the LAN, but no gateway?  However, WAN_SLAAC does show up in the gateways list on the dashboard.

I enabled DHCPv6 server on the LAN interface with a range of :: - ::ffff  (? not sure that is totally correct)

I set Router Advertisements on the LAN as "stateless"  (windows 10 supports SLAAC ?) with RA Interface as LAN(dynamic) & router priority to normal.

I can ping ipv6.google.com from WAN interface in opnsense:

Code Select

--- ipv6.l.google.com ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 29.330/32.563/34.813/2.344 ms


However, LAN interface fails
Code Select

--- ipv6.l.google.com ping6 statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss


clients on LAN network are indeed now getting IPv6 addresses... but are unable to also ping ipv6.google.com
at least unbound seems to be resolving to IPv6.. so i guess that's good right?

what am i missing?
March 21, 2021, 12:30:09 AM #1
What exactly is your WAN connection? You mention cellular, are you tethering OPNsense to a phone / mobile hotspot? That won't work.
Or are you using a USB modem? Or something else?
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
March 21, 2021, 03:35:26 AM #2
Quote from: Maurice on March 21, 2021, 12:30:09 AM
What exactly is your WAN connection? You mention cellular, are you tethering OPNsense to a phone / mobile hotspot? That won't work.
Or are you using a USB modem? Or something else?

This is actually a new service (well.. new as in it has been in beta for a bit).. it is TMobile Home Internet 4G LTE / 5G service.

They provide a cellular modem, similar to the Nokia Fastmile, but OEM variant.. called Nokia 5G21 which support 4G LTE (b2,b4,b12,b66) and 5G (n41 n71).

The device has two LAN ports and offers 802.11/ax, which i essentially just use it as a modem.  Its been surprisingly good, which fairly reasonable bandwidth and (usually) good latency.

I setup opnsense as my home firewall/gateway  (yes CGNAT).  I've been strictly using IPv4 since November, and it has been decent.  Unforuntately, the modem does not permit much in the way of administrative controls (other than turning wifi channels on/off)...  and it feeds both an IPv4 address (NAT) and IPv6.
March 21, 2021, 04:56:02 AM #3
Yeah, this unfortunately won't work. There was another user with a similar setup just recently. Might actually be the same device: https://forum.opnsense.org/index.php?topic=21795.0

In that thread you'll also find a "dirty trick" which allows you to get some limited IPv6 in the OPNsense LAN, although I still don't recommend that.
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
March 21, 2021, 01:35:53 PM #4
Quote from: Maurice on March 21, 2021, 04:56:02 AM
Yeah, this unfortunately won't work. There was another user with a similar setup just recently. Might actually be the same device: https://forum.opnsense.org/index.php?topic=21795.0

In that thread you'll also find a "dirty trick" which allows you to get some limited IPv6 in the OPNsense LAN, although I still don't recommend that.

I see, ok.. thank you for pointing that out.  I'll take a look there, I appreciate it.
Print
Go Up Pages1
User actions