RA: Is there a known issue?

Started by lrosenman, September 06, 2024, 06:09:03 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 06, 2024, 06:09:03 PM
My colo provider just turned on IPv6 and I *THINK* I have everything set up so that OPNSense should advertise the /56 I have.  HOWEVER my FreeBSD boxes sitting behind it are NOT picking up the advertisements.

If I statically assign IPv6's they work.

Is there a known issue on 24.7.3_1?
September 06, 2024, 06:19:03 PM #1
What are you trying do do with the /56? Delegate parts of it to some downstream routers? You are not supposed to use that /56 directly on local interfaces. Pick a /64 from the prefix range for each of your networks.
September 06, 2024, 06:24:27 PM #2
ok so I don't "need" the full /56.  I narrowed the LAN interface to the first /64 and now I'm seeing the AUTOCONF addresses. 

So thank you.
September 06, 2024, 06:31:18 PM #3
/64 is a requirement for SLAAC.

Otherwise, /56 is 2^8 = 256 /64 subnets. DHCPv6 can use things like /96. But you definitely do not waste the /56 on a single interface. You can use some calc if needed. E.g., https://www.calculator.net/ip-subnet-calculator.html
September 06, 2024, 06:48:27 PM #4
Thanks!
September 07, 2024, 12:00:59 AM #5
> /64 is a requirement for SLAAC.

To elaborate: radvd will ignore the input and just force /64 with a polite log line that it cannot do otherwise.

The way we ended up modelling this for VIPs is to always do /64 despite the user input and to ignore /128 completely (so the user has a way to disable SLAAC on the VIP) to avoid breaking all the twilight configurations that currently work by accident.

https://github.com/opnsense/core/blob/d0806969/src/etc/inc/plugins.inc.d/dhcpd.inc#L480-L502


Cheers,
Franco
Print
Go Up Pages1
User actions