pfSense Support Subscription

Author Topic: Help with native ipv6  (Read 1708 times)

0 Members and 1 Guest are viewing this topic.

Offline ferllings

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Help with native ipv6
« on: June 02, 2013, 01:48:46 am »
Hello,

I'm trying to setup native ipv6 on my network
I'm using a fresh install of pFsense 2.1rc0.
My ISP provide me ipv6 with this prefix: 2a01:e34:eedf:8ea0::/64
The WAN interface receives this ip via dhcp6 : 2a01:e34:eedf:8ea0:20d:bf9f:f2cc:fdd1
I set static ip on the LAN interface: 2a01:e34:eedf:8ea0:1::1

If I ping ipv6.google.com, from the WAN source address it works fine:
Code: [Select]
PING6(56=40+8+8 bytes) 2a01:e34:eedf:8ea0:20d:bf9f:f2cc:fdd1 --> 2a00:1450:4007:809::1013
16 bytes from 2a00:1450:4007:809::1013, icmp_seq=0 hlim=57 time=161.021 ms
16 bytes from 2a00:1450:4007:809::1013, icmp_seq=1 hlim=57 time=119.564 ms
16 bytes from 2a00:1450:4007:809::1013, icmp_seq=2 hlim=57 time=184.896 ms

--- ipv6.l.google.com ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 119.564/155.160/184.896/26.992 ms

But if I ping from LAN, it does not work:

Code: [Select]
PING6(56=40+8+8 bytes) 2a01:e34:eedf:8ea0:1::1 --> 2a00:1450:4007:809::1013

--- ipv6.l.google.com ping6 statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss

It does not look like a firewall issue, as does have IPV6* allowed rule.
And if I capture the packets, I can see the request sent, but not comming back:

Code: [Select]
08:45:29.200477 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 0, length 16
08:45:30.201570 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 1, length 16
08:45:31.191715 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 2, length 16
            
What is wrong why my settings?
Is it possible that my LAN ip is wrong?

Thanks for your help.

--CÚdric

Offline ferllings

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Help with native ipv6
« Reply #1 on: June 02, 2013, 11:50:17 am »
According to this article: http://www.zw3b.fr/linux/reseaux/ipv6-derriere-une-freebox-routeur-linux

My ISP (Free), send a /64 prefix, which does not allow to have sub-networks.

So one of the solution is to create a bridge between LAN and WAN.
with:

ebtables -t broute -A BROUTING -p ! ipv6 -j DROP
brctl addbr br0
ifconfig br0 up
brctl addif br0 eth0
brctl addif br0 eth1

I have created a bridge in >Interfaces > Bridge
 BRIDGE0 :    WAN, LAN

But what else now?
- what ipv6 should be assigned to OPT1 (BRIDGE0) and WAN?