IPv6 weirdness

[jcdick1]

I am running OPNsense in an XCP-NG VM, and I am seeing some genuine weirdness going on.

I have four interfaces labelled WAN, LAN, Management and Storage. 

Some VMs in my environment have only a single interface on the LAN network, others have some combination of the three. Physical devices (PCs, streaming devices, etc) are all on the LAN network.

The Management and Storage networks have firewall rules to keep them isolated - for all intents and purposes, unrouted.

KEA is configured to only have its DHCPv6 server active on the LAN network (only interface with a checkbox in the dropdown).  But its "Leases DHCPv6" page is showing active leases on the "Management" interface.  And on the hosts, those corresponding IPv6 addresses are showing on their LAN-associated interface.  At the same time, some devices on the LAN network cannot get IPv6 addresses.

Even after the latest upgrade, I still have ISC doing the IPv4, as I am fairly dependent on the Unbound relationship for DHCP lease DNS resolution.

This IPv6 stuff is genuinely a headache for me.  But since Matter devices require IPv6, I have to figure this all out.

I'd like to put IPv6 on all my interfaces and then it probably wouldn't matter since there'd be addresses available all over, but I can only get a single /64 from my ISP (AT&T).

Any insight or assistance is appreciated.  Thank you!

[meyergru]

Take a look at the Tutorial section - there is a HowTo for IPv6.