How to setup ipv6 DHCPv6

[IsaacFL]

I am brand new to opnsense and just did a fresh install 18.1 today.

I am trying to get ipv6 configured. I can get it so my lan hosts can use SLAAC to get an address, but I cannot figure out how to turn on DHCPv6 to hand out ipv6 addresses.

When I do searches the services - DHCPv6 had settings that mine does not. The only thing I have is Relay and Leases, but I don't think I want to enable relay, and there are no leases.

I had ipv6 working pretty well on my consumer router but can't seem to figure how in opnsense.

The reason I use dhcpv6 is it seems to be the only way to get the ipv6 addresses of the hosts in the dns.

[mausy5043]

Router Advertisements can only be enabled on interfaces configured with static IP addresses. Only interfaces configured with a static IP will be shown.

Have you configured Interfaces > [LAN] >  IPv6 Configuration Type  as "Static IPv6"
And Interfaces > [LAN] > IPv6 address  with an IPv6 address?

[IsaacFL]

how do I enter a static using the prefix I get from my isp?

If I enter it manually, but still can't figure out to set up without hardcoding the prefix.  For Range I tried entering ::1000 to ::fffff but it doesn't like that.

How do I pass the prefix I get from the ISP to the DHCPv6 server?

[phoenix]

What prefix do you get from your ISP and who is your ISP?

[IsaacFL]

The prefix varies depending on the DUID. For the opnsense it was 2605:e000:100e:xxxx

My ISP is Time Warner/Spectrum and I have ipv6 working on my Asus Merlin router.

I was trying out opnsense, but can't seem to get the ipv6 to work properly so for now I am back on my Asus.

Documenation seems to be non-existing for ipv6 configuration?

Thinking of switching to something else maybe pfsense, but it is hard to tell what will work without taking my whole net down.

I would like to go beyond the capabilities of my Asus, for my homelab in ipv6.

[phoenix]

Sorry, I actually meant "prefix length" not just prefix.

[phoenix]

Does this help: https://osquest.com/2014/08/28/ipv6-with-comcast-and-pfsense/

[IsaacFL]

Prefix length is 64.

[IsaacFL]

when I set the IPv6 Configuration type to "Track Interface" it does work, but only with SLAAC.

As stated above by mausy5043, it seems that DHCPv6 and Router Advertisements can only be enabled on interfaces configured with static IP addresses so Track Interface doesn't work for that.

That seems like a bug to me. Since one of the things DHCPv6 can do, is send out prefix.

[mausy5043]

See if this works for you:

https://www.kirkg.us/posts/setting-up-ipv6-with-opnsense-and-comcast/

It especially suggests you need to add a firewall rule!

[IsaacFL]

Never did get this to work satisfactorily. I have in meantime tried pfsense, mikrotik, and vyos. Was able to get ipv6 to work ok with them.

So I am retrying opnsense again, and I am still having troubles getting it set up.

Is there any documentation that goes into the ipv6 options?

[mausy5043]

Never did get this to work satisfactorily.
Is there any documentation that goes into the ipv6 options?

I must admit that I too can't seem to get IPv6 working properly.
I have now got the WAN-interface to acquire an address from the upstream router, but getting DHCP6 to dish out IPv6 address to the LAN-interface and the LAN clients is a whole different story.

I know DNSMASQ can even do this, but the GUI doesn't seem to support this directly. And really, isn't this what DHCPv6 is there for anyway?   :(

[phoenix]

What errors are you seeing with DHCP? Do you see a suggested range when you to the DHCPv6 config page?

[EDIT] I forgot to ask if you have a fixed IP address for IPv6?

[mausy5043]

What errors are you seeing with DHCP? Do you see a suggested range when you to the DHCPv6 config page?

[EDIT] I forgot to ask if you have a fixed IP address for IPv6?

Thanks for taking the time to provide assistance with this.
Here are the settings that I think are appropriate.

My ISP (XS4ALL; NL) has provided me with a modem (Fritz!Box 5490). IPv6 relevant settings on the modem:
x Assign unique local addresses (ULA) as long as no IPv6 connection exists (recommended)
x Priority of Router advertisements = Low
x Announce DNSv6 server via router advertisement (RFC 5006)
x DHCPv6 server is enabled and assigns DNS server, prefix (IA_PD) and IPv6 address (IA_NA).

The OPNsense firewall is behind the modem (in DMZ). The WAN interface has been assigned an IPv4 and an IPv6 address. The IPv6 addresses shown by ifconfig match the addresses that the FritzBox says it has issued.



OPNsense configuration:

On Interfaces > [WAN]
IPv6 Configuration Type = DHCPv6
DHCP client configuration = all options empty (defaults); prefex delegation size = 64; use VLAN priority = disabled.

On Interfaces [LAN]
IPv6 Configuration Type = Track Interface
IPv6 Interface = WAN
IPv6 Prefix ID = 0

I get stranded when I want to configure the DHCPv6 server. On Services > DHCPv6 > Relay: I select:
Enable = ON
Interfaces = WAN

Clicking Save I get:

The following input errors were detected:
The field Destination Server is required.

Destination server?  :o

[phoenix]

A couple of things, first I'm no great expert with IPv6 and I've never had much success getting the 'track interface' to work correctly - I resorted to fixed IP address for the LAN.

I assume you want to hand out IPv6 addresses for your LAN, would that be correct? If what you're trying to achieve is IP address allocation for IPv6 then you would use a DHCP serve not a relay, I'm guessing that would explain why you're mentioning a 'destination server'.  If you could just clarify if you're trying to get LAN IPv6 addresses allocated or something else.

If when you got the Services/DHCPv6 menu you're only seeing the Relay/leases wntries I'm assuming that's because you have no fixed IPv6 addresses on your firewall.