Clients on VLANs not receiving IPv6 addresses from Windows DHCP servers

Started by andrew_241, February 02, 2025, 09:56:11 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 02, 2025, 09:56:11 AM
I noticed a couple weeks ago that clients connected to my VLANs weren't receiving IPv6 addresses from my Windows DHCP servers. They do receive IPv4 addresses just fine. I think the Windows DHCP servers are configured correctly, so I'm wondering if there's something wrong with my OPNsense system. I have router advertisements set to 'Managed' for the LAN (clients there get assigned IPv6 addresses without any issues) and the two VLANs. 'Advertise Default Gateway' is checked, no route advertisements are specified, and 'Do not send any DNS configuration to clients' is checked. But, if radvd is set to 'Assisted', 'Unmanaged', or 'Stateless', the VLAN clients will get IPv6 addresses using SLAAC, not through the Windows servers though. DHCRelay is configured with the IPv4 and IPv6 addresses of the two Windows DHCP servers. I use Ubiquiti Networks Unifi switches, and DHCP snooping is disabled for both VLANs. 'Rogue DHCP Server Detection' is also disabled. A packet capture shows that there are DHCPv6 solicitations that are being transmitted from the clients (destination of ff02::1:2). Am I missing something here?

Thanks!
February 02, 2025, 11:40:29 AM #1
Do you have a DHCPv6 Relay service running for the VLAN in question? (check System > Diagnostics > Services). I've not actually used this myself, but it appears that you have to create separate "Destinations" for v4 and v6, then, for each interface, create separate "Relays" for each "Destination". It also appears that (at least in my 25.1 test instance), the resulting services do not get started automatically, so I had to start them under [System > Diagnostics > Services]. I haven't tested if they actually work, but they do appear to be running and listening now....
February 02, 2025, 11:42:50 AM #2
P.S. I notice that dhcrelay6 appears to listen on all interfaces, so I suspect that it may not be able to coexist with dhcpd6.
February 03, 2025, 04:34:49 AM #3
Yep, under 'System: Diagnostics: Services', there are two dhcrelay services, one each of DHCPv6 for both opt1 (vlan01) and opt2 (vlan02). Both those are running. A screenshot of 'Services: DHCRelay: Configuration' is attached. You're correct that dhcp6d won't run when dhcrelay is running on the same interface.
February 03, 2025, 12:01:22 PM #4
Quote from: andrew_241 on February 03, 2025, 04:34:49 AMYou're correct that dhcp6d won't run when dhcrelay is running on the same interface.

I was more concerned by the fact that it doesn't seem to listen on specific interfaces, but it appears that the SO_REUSEADDR socket option would allow both to listen on the same port at the same time.

So, have you tried a packet capture (for port 547) on the interface that the DHCP server is routed through?
February 04, 2025, 05:26:59 AM #5
Quote from: dseven on February 03, 2025, 12:01:22 PM
Quote from: andrew_241 on February 03, 2025, 04:34:49 AMYou're correct that dhcp6d won't run when dhcrelay is running on the same interface.

I was more concerned by the fact that it doesn't seem to listen on specific interfaces, but it appears that the SO_REUSEADDR socket option would allow both to listen on the same port at the same time.

So, have you tried a packet capture (for port 547) on the interface that the DHCP server is routed through?

I did, and I saw the DHCPv6 solicit and relay-forward messages. No response from the server though.
Print
Go Up Pages1
User actions