Netgate SG-1000 microFirewall

Author Topic: DHCPv6 Not Working for LAN Interface, SLAAC works without issue  (Read 844 times)

0 Members and 1 Guest are viewing this topic.

Offline bawitdaba

  • Newbie
  • *
  • Posts: 2
  • Karma: +2/-0
    • View Profile
I have a residential TWC (Spectrum) line and I finally configured pfSense 2.3.3 to use IPv6.

I am using DHCP6 on the WAN interface, with Track Interface on the LAN interface.

When I configure Router Advertisements to Unmanaged or Assisted I have no issues my machines acquire an IPv6 address and I score a 19/20 on http://ipv6-test.com/ (they ding me a point for ipv6 hostnames).

I can't get Router Advertisements to work in Managed mode none of my Windows, Linux, or iOS Devices pull an IPv6 address from the DHCPv6 Server. I also tried static IPv6 assignments and they do not acquire them either. I set my range to ::130 to ::254 for testing purposes so I would know if I pulled an address.

I'm aware there is an issue on Windows 10 machines with DHCPv6, but I already have update "Update for Windows 10 Version 1607 for x64-based Systems (KB4013418)" installed which allegedly resolves these issues.

I verified that dhcpd is running

Code: [Select]
46995  -  Ss     0:00.17 /usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid em1
None of my machines will pull an IPv6 Address over DHCP it seems :( I tried ipconfig /release6 and ipconfig /renew6 on windows machines too...

Any ideas?

/edit
Forgot to add I also Added Inbound and Outbound Rules to Windows Firewall for ICMPv6
« Last Edit: March 26, 2017, 05:08:30 pm by bawitdaba »

Offline bimmerdriver

  • Sr. Member
  • ****
  • Posts: 515
  • Karma: +21/-3
    • View Profile
Re: DHCPv6 Not Working for LAN Interface, SLAAC works without issue
« Reply #1 on: March 26, 2017, 11:40:37 am »
You should be using assisted. With regards to the windows issue, it has been fixed on a recent update, but I can't confirm which update. You should be able to get a dhcpv6 lease if you use ipconfig /release6 and ipconfig /renew6. If you disable and enable the adapter before ipconfig, it will clear the previous privacy addresses. If this is not working, you probably have a configuration problem.

Offline bawitdaba

  • Newbie
  • *
  • Posts: 2
  • Karma: +2/-0
    • View Profile
Re: DHCPv6 Not Working for LAN Interface, SLAAC works without issue
« Reply #2 on: March 26, 2017, 04:44:17 pm »
You should be using assisted. With regards to the windows issue, it has been fixed on a recent update, but I can't confirm which update. You should be able to get a dhcpv6 lease if you use ipconfig /release6 and ipconfig /renew6. If you disable and enable the adapter before ipconfig, it will clear the previous privacy addresses. If this is not working, you probably have a configuration problem.

I switched to assisted mode, and I get IPv6 Addresses via SLAAC but I do not receive any IPv6 addresses from the DHCPv6 Server Pool. I tried multiple devices iOS Devices, Windows Devices, Linux VM's, all pull SLAAC Addresses but none from DHCPv6.

/edit/

It looks like for some reason on my LAN interface I had checked "Block Bogon Networks" which blocked all Link-Local IPv6 Traffic such as DHCPv6. My clients pull addresses now from DHCPv6 yay!
« Last Edit: March 26, 2017, 05:33:07 pm by bawitdaba »

Offline bimmerdriver

  • Sr. Member
  • ****
  • Posts: 515
  • Karma: +21/-3
    • View Profile
Re: DHCPv6 Not Working for LAN Interface, SLAAC works without issue
« Reply #3 on: March 27, 2017, 09:06:00 pm »
You should be using assisted. With regards to the windows issue, it has been fixed on a recent update, but I can't confirm which update. You should be able to get a dhcpv6 lease if you use ipconfig /release6 and ipconfig /renew6. If you disable and enable the adapter before ipconfig, it will clear the previous privacy addresses. If this is not working, you probably have a configuration problem.

I switched to assisted mode, and I get IPv6 Addresses via SLAAC but I do not receive any IPv6 addresses from the DHCPv6 Server Pool. I tried multiple devices iOS Devices, Windows Devices, Linux VM's, all pull SLAAC Addresses but none from DHCPv6.

/edit/

It looks like for some reason on my LAN interface I had checked "Block Bogon Networks" which blocked all Link-Local IPv6 Traffic such as DHCPv6. My clients pull addresses now from DHCPv6 yay!
Good catch. Those damn bogons will get you every time. ;)

Offline hvisage

  • Newbie
  • *
  • Posts: 24
  • Karma: +1/-0
    • View Profile
Perhaps modify bogon for IPv6 (DHCPv6 does work, SLAAC works)
« Reply #4 on: February 01, 2018, 04:40:53 am »

It looks like for some reason on my LAN interface I had checked "Block Bogon Networks" which blocked all Link-Local IPv6 Traffic such as DHCPv6. My clients pull addresses now from DHCPv6 yay!

Thanks, just got bitten by this one myself, trying to protect the internet from my devices going bad ;(