TL/DR: I would like to configure a PD on my WAN interface but my ISP's DHCP server doesn't support RFC6603; I can configure this manually but I am looking for a more programatic solution.
My ISP provides a /60 which I am able to split into multiple /64's. I am currently using dhcpcd to configure one of those /64's on a WireGuard interface - once the interface is configured via dhcpcd, I am able to ping to the outside world (via ping -S ...), access the WireGuard instance remotely, etc.
At this stage, I only have the desire to configure IPv6 addresses on my FreeBSD firewalls. As such, I would like is to configure one of the /64's on my WAN interface but unfortunately, my ISP's DHCP6 servers do not support RFC6603, "Prefix Exclude Option" (as indicated by "DHCPv6 server does not support OPTION_PD_EXCLUDE" in dhcpcd's output). Consequently, the following dhcpcd.conf will only configure one /64 on the WireGuard interface:
However, once dhcpcd has forked into the background, I can manually configure an IPv6 alias on my WAN interface which then allows me normal IPv6 Internet access from the firewall:
I understand that dhcpcd provides the ability to run scripts at different stages of the IP address acquisition process - I was thinking I could run a script to manually add an IPv6 address to my WAN interface based on the address assigned to the WireGuard interface.
I am wondering if anyone else has experienced the same issue and has a better solution for configuring a globally accessible IPv6 address on their WAN interface.
My ISP provides a /60 which I am able to split into multiple /64's. I am currently using dhcpcd to configure one of those /64's on a WireGuard interface - once the interface is configured via dhcpcd, I am able to ping to the outside world (via ping -S ...), access the WireGuard instance remotely, etc.
At this stage, I only have the desire to configure IPv6 addresses on my FreeBSD firewalls. As such, I would like is to configure one of the /64's on my WAN interface but unfortunately, my ISP's DHCP6 servers do not support RFC6603, "Prefix Exclude Option" (as indicated by "DHCPv6 server does not support OPTION_PD_EXCLUDE" in dhcpcd's output). Consequently, the following dhcpcd.conf will only configure one /64 on the WireGuard interface:
Code:
duid
slaac hwaddr
nooption domain_name_servers, domain_name, domain_search, host_name
option rapid_commit
ipv6only
noipv6rs
hostname -
vendclass 40712 .
script ""
allowinterfaces igb4
interface igb4
ipv6rs
ia_na 0
ia_pd 1 igb4/1/64 wg1/2/64
However, once dhcpcd has forked into the background, I can manually configure an IPv6 alias on my WAN interface which then allows me normal IPv6 Internet access from the firewall:
Code:
ifconfig igb4 inet6 2600:d34d:b33f:12e1::1 prefixlen 64 alias
I understand that dhcpcd provides the ability to run scripts at different stages of the IP address acquisition process - I was thinking I could run a script to manually add an IPv6 address to my WAN interface based on the address assigned to the WireGuard interface.
I am wondering if anyone else has experienced the same issue and has a better solution for configuring a globally accessible IPv6 address on their WAN interface.