Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
ipv6: Can I get to anounce more than one prefix/subnet?
« previous
next »
Print
Pages: [
1
]
Author
Topic: ipv6: Can I get to anounce more than one prefix/subnet? (Read 5411 times)
KlaverenBoer
Newbie
Posts: 5
Karma: 1
ipv6: Can I get to anounce more than one prefix/subnet?
«
on:
August 10, 2018, 02:32:16 pm »
I replied to an old(ish) feature request topic, but maybe that was not the smartest thing to do so I'll post it as a question here as well.
Is it possible to setup Router Advertisement so it announces more than 1 prefix (or subnet) to the clients on that interface?
I get a prefix from my ISP and would like to announce that using Track Interface (WAN). No issue there.
Next to that, I would also like to announce a ULA prefix.
Why the ULA addresses? I need something predictable/"fixed" for my Active Directory.
At home, I don't get a fixed IP nor fixed prefix.
At work, I do, but we will probably change ISPs in the not so distant future.
ULA addresses would make sure I can still reach all machines even when the GUA prefix changes.
Logged
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #1 on:
August 10, 2018, 05:17:19 pm »
Is that not what Advertise Routes is for in Services->Router Advertisements->LAN is for?
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
KlaverenBoer
Newbie
Posts: 5
Karma: 1
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #2 on:
August 10, 2018, 05:33:09 pm »
That does add an additional route to the client, but does not give the extra ipv6 adresses in the new subnet.
Logged
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #3 on:
August 10, 2018, 05:41:37 pm »
OK.. I'll go take a look and see what's needed.
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
KlaverenBoer
Newbie
Posts: 5
Karma: 1
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #4 on:
August 10, 2018, 06:01:18 pm »
It DOES work, but only if:
1. I add a virtual IP for the interface (I added fddd:999:999:92::1/64)
2. I reboot OPNsense
Just the reboot is not enough, it's the virtual IP that does the trick.
--
EDIT: If that was how it was supposed to work, then that was not clear to me, sorry...
--
EDIT2: The virtual IP causes another undesired effect. After a reboot, the client no longer gets a GUA address, only the additional ULA.
A bit more details:
In my test setup I have 2 VLAN interface (91 and 92), each with a single client.
For VLAN91 I have configured Track Interface (WAN) and so the client originally got a GUA adress only. ipv6 connectivity works as expected.
For VLAN92 I have configured a static ipv6 (fddd:888:888:92::1) and RA announces this prefix.
That works as expected: ipv6 connectivity but only on my own network, and no internet.
Later on I added
* the "advertise routes" setting: fddd:999:999:91::/64 for VLAN91 and fddd:999:999:92::/64 for VLAN92
* virtual IP fddd:999:999:91::1/64 for VLAN91 and fddd:999:999:92::1/64 for VLAN92
and rebooted the firewall.
For VLAN92 I now get:
* 4 ULA addresses, 2 for both subnets (that includes a temp one for both subnets)
* routes for both subnets
That works as I had expected
For VLAN91 I now get:
* 2 ULA addresses (including 1 temp)
* no more GUA addresses
This looks a bit like a known bug (over here or at pfSense) where virtual IP + Track Interface don't work nicely together. That had something to do with the order of the ipv6 addresses in ifconfig on the concerning interface, IIRC.
If required I can try to find that bug report on Monday.
«
Last Edit: August 10, 2018, 06:20:39 pm by KlaverenBoer
»
Logged
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #5 on:
August 10, 2018, 06:11:14 pm »
No worries.. You have it sorted. It was not something I have done before so I was about to start delving, you've saved me from that.
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
KlaverenBoer
Newbie
Posts: 5
Karma: 1
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #6 on:
August 10, 2018, 06:17:37 pm »
Sorry to disappoint, I have just edited my post while you were adding your reply above.
It's going a bit off-topic, but is a cause of the requirement of that Virtual IP.
Of course, if we continue in this topic, then it may better get a new name, or I open a new one for it next week?
Logged
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: ipv6: Can I get to anounce more than one prefix/subnet?
«
Reply #7 on:
August 10, 2018, 06:47:34 pm »
I think the best option here is to raise it on Github as an issue. I am uncertain as to whether a VIP is meant to be able to do this or not, and heads better in the VIP area than mine will pick it up if it's raised as an issue.
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
ipv6: Can I get to anounce more than one prefix/subnet?