Configuring an IPv6 gateway - a few questions

jem

Well-Known Member

Reaction score: 67
Messages: 385

Hi forum.

Until recently I ran pfSense on my gateway system for my home vDSL connection, but I decided to revert to plain FreeBSD and relearn how to configure everything manually. I've got it up and running with the typical setup of a private subnet (two in my case) NATed behind a single public IPv4 address using pf.

My ISP (Sky) is one of the few in the UK that offers native IPv6 connectivity, so I've been playing around with getting that working too. I've had better success getting it working with FreeBSD than I did with pfSense.

Sky delegates a /56 prefix to each customer through DHCPv6. Using the dhcp6 package and the following configuration file, a prefix-delegation is requested, then the first two /64 chunks of the /56 are assigned to my two LAN subnets:

(Interfaces: igb0 = general LAN, igb0.2 = lab LAN, igb1 = WAN)

/usr/local/etc/dhcp6c.conf
Code:
interface igb1 {
  send ia-pd 1;
};

id-assoc pd 1 {
  prefix ::/56 infinity;
  prefix-interface igb0 {
    sla-id 1;
    sla-len 8;
  };
  prefix-interface igb0.2 {
    sla-id 2;
    sla-len 8;
  };
};

With rtadvd enabled on igb0 and igb0.2, devices on those networks are successfully configuring themselves with global IPv6 addresses from the delegated prefix and a default route using SLAAC.

A few things I'm unclear on though.

1. When a DHCPv6 request is sent on my WAN interface, I see (in tcpdump) the reply come back followed immediately by a router advertisement, which wasn't specifically solicited (by rtsold) at that moment. Is this normal behaviour?

2. The default IPv6 route is automatically added to routing tables. Is rtsold doing this, or is the FreeBSD networking stack adding it due to ACCEPT_RTADV being set on the WAN interface? If the latter, is there even any point running rtsold on the WAN interface?

3. The LAN hosts are not getting IPv6 DNS servers and are relying on resolution using IPv4 instead. I understand that I need to configure a DHCPv6 server on my LAN to provide this information without also assigning IPv6 addresses, aka DHCPv6 Stateless. I've been searching the web, but have so far been unable to find any good resources describing how this should be done. Can anyone point me in the right direction?

4. Each time I reboot my gateway or restart the DHCPv6 client on the WAN interface, the ISP delegates a different /56 prefix. When this happens is there any way to signal all my LAN clients to immediately relinquish their addresses from the old prefix? I've seen some LAN hosts ending up with numerous global IPv6 addresses from different prefixes while I've been tinkering with the gateway host.

5. If I wanted to try using stateful IPv6 configuration on my LANs using DHCPv6, is there any way of having it automatically assign addresses from whatever prefix the ISP has currently delegated? The man pages describe using a 'subnet6' directive equivalent to the 'subnet' directive for IPv4, but it requires explicitly declaring the prefix. Short of writing a script to automatically modify the DHCPv6 server configuration file each time the WAN DHCPv6 client restarts, I can't see how this might be done.

Thanks in advance for any advice.

jem
 
Last edited:
Top