• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

ipv6 not available for all vlans

trumee

Active Member

Thanks: 9
Messages: 129

#1
Hello,

I have a few VLANS defined on a FreeBSD host. I have enabled ipv6 for the vlans, however only one vlan gets an ipv6 from the router. The rest do not get an ipv6 address. All the vlans have static ipv4 addresses set. Here is my /etc/rc.conf

Code:
ifconfig_ix0="-rxcsum -txcsum  -vlanmtu  -vlanhwtso  -tso4 -tso6 -vlanhwtso -vlanhwcsum up"
ifconfig_ix1="-rxcsum -txcsum  -vlanmtu  -vlanhwtso  -tso4 -tso6 -vlanhwtso -vlanhwcsum up"

cloned_interfaces="lagg0 vlan100 vlan200"
ifconfig_lagg0="laggproto lacp laggport ix0 laggport ix1"

ifconfig_vlan100="inet 192.168.1.5 netmask 255.255.255.0 vlan 100 vlandev lagg0 fib 0"
ifconfig_vlan200="inet 192.168.2.5 netmask 255.255.255.0 vlan 200 vlandev lagg0 fib 2"
ifconfig_lo1="inet 127.0.0.2 netmask 255.255.255.0 fib 1"

ifconfig_vlan100_ipv6="inet6 accept_rtadv"
ifconfig_vlan200_ipv6="inet6 accept_rtadv"

rtsold_enable="YES"

defaultrouter="192.168.1.1"

static_routes="vlan200_if vlan200_gw"

route_vlan200_if="-net 192.168.2.0/24 -iface vlan200 -fib 2"
route_vlan200_gw="default 192.168.2.1 -fib 2"
The output of ifconfig shows that only vlan100 gets a global routed address while vlan200 only gets a link local.

Code:
vlan100: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400<LRO>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255 
        inet6 fe80::ec4:7axx:xxxx:xxx0%vlan100 prefixlen 64 scopeid 0x9 
        inet6 2601:2c2:x00:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf 
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        vlan: 100 vlanpcp: 0 parent interface: lagg0
        groups: vlan 
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255 
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa 
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
Any idea why vlan200 doesnt get a routed address?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,773
Best answers: 3
Messages: 26,272

#2
Each network needs its own /64 range for the router advertisements. It also requires a rtadvd(8) for each network. In this sense it works similar to IPv4 DHCP.
 

trumee

Active Member

Thanks: 9
Messages: 129

#3
I have given /64 to each vlan on the pfsense router. To confirm this i plugged in my linux laptop on the vlan200 and it was able to get an ipv6 address. However, somehow FreeBSD server is not able to get it.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,773
Best answers: 3
Messages: 26,272

#4
Try running rtsol vlan200. It's similar to running dhclient vlan200 but for IPv6 SLAAC.
 

trumee

Active Member

Thanks: 9
Messages: 129

#5
Ok, after running rtsol vlan200, I get an ipv6 address,

Code:
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
        inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
Is there a way to specify this in /etc/rc.conf?

How do I get an address using DHCPv6?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,773
Best answers: 3
Messages: 26,272

#6

trumee

Active Member

Thanks: 9
Messages: 129

#7
I installed dual-dhclient which pulled in net/isc-dhcp43-client. In addition i modified /etc/rc.conf to

Code:
ipv6_activate_all_interfaces="YES"
ifconfig_DEFAULT="DHCP accept_rtadv"
I can see that all interfaces has an ipv6 address. All the address have 'autoconf' at the end. I guessing this is still SLAAC and DHCPV6 did not work.

Code:
$ifconfig vlan200
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
        inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
There is a bunch of 'ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument' in the kernel log. What could be the issue?
 

trumee

Active Member

Thanks: 9
Messages: 129

#8
I ran dhclient manually like so /usr/local/sbin/dhclient -6 -d vlan200 and now i am getting an ipv6 address without an autoconf

Code:
$ifconfig vlan200
inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
inet6 2601:2c2:xxx:xxx::xxxx prefixlen 64
So why is dhclient not running automatically?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,773
Best answers: 3
Messages: 26,272

#9
Because the system's dhclient(8) is used (which doesn't support IPv6). Never tried this but try setting this in rc.conf:
Code:
dhclient_program="/usr/local/sbin/dhclient"
You can also set additional flags with dhclient_flags=""
 

trumee

Active Member

Thanks: 9
Messages: 129

#10
Because the system's dhclient(8) is used (which doesn't support IPv6). Never tried this but try setting this in rc.conf:
Code:
dhclient_program="/usr/local/sbin/dhclient"
You can also set additional flags with dhclient_flags=""
Sorry forgot to mention I did include this in my /etc/rc.conf. I have tried all sort of combinations now and havent managed to get a DHCPv6 at all.

Neither of these work for DHCPv6
Code:
dhclient_program="/usr/local/sbin/dhclient"
ifconfig_vlan100_ipv6="inet6 DHCP accept_rtadv"
ifconfig_vlan200_ipv6="inet6 DHCP accept_rtadv"
rtsold_enable="YES"
or
Code:
dhclient_program="/usr/local/sbin/dual-dhclient"
ifconfig_vlan100_ipv6="inet6 DHCP accept_rtadv"
ifconfig_vlan200_ipv6="inet6 DHCP accept_rtadv"
rtsold_enable="YES"
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,773
Best answers: 3
Messages: 26,272

#11
You either use SLAAC or DHCPv6, not both. SLAAC => accept_rtadv + rtsold(8).

Try this:
Code:
ifconfig_vlan100_ipv6="DHCP"
ifconfig_vlan200_ipv6="DHCP"
But, you're using static IPv4 addresses for these interfaces, why not use static IPv6 too?
 

trumee

Active Member

Thanks: 9
Messages: 129

#12
You either use SLAAC or DHCPv6, not both. SLAAC => accept_rtadv + rtsold(8).

Try this:
Code:
ifconfig_vlan100_ipv6="DHCP"
ifconfig_vlan200_ipv6="DHCP"
But, you're using static IPv4 addresses for these interfaces, why not use static IPv6 too?
I have SLAAC and DHCPV6 working simultaneously in linux, so thought to be so in FreeBSD.

I guess a static ip is the last resort, but would like to record that in pfsense. How do i get the DUID address required for static mapping (pfsense screenshot below) ?
1523970737143.png
 

trumee

Active Member

Thanks: 9
Messages: 129

#13
I ended up with static ip addresses,
rc.conf
Code:
ifconfig_vlan100_ipv6="inet6 2601:xxx:xxx:100::xxxx prefixlen 64  fib 0"
ifconfig_vlan200_ipv6="inet6 2601:xxx:xxx:101::xxxx prefixlen 64  fib 2"
ipv6_defaultrouter="2601:xxx:xxx:100:xxx:xxxx:xxxx:xxxx"

ipv6_static_routes="vlan200_if vlan200_gw"
ipv6_route_vlan200_if="2601:xxx:xxx:101:: -prefixlen 64  -iface vlan200 -fib 2"
ipv6_route_vlan200_gw="default 2601:xxx:xxx:101:xxx:xxxx:xxxx:xxxx  -fib 2"
To get the ipv6 in ezjail, had to add a static ip address like so
Code:
export jail_myjail_ip="vlan200|192.168.1.2,vlan200|2601:xxx:xxx:101::xxxx"
export jail_myjail_fib="2"
 

trumee

Active Member

Thanks: 9
Messages: 129

#14
I am using the /64 address from my ISP for the various vlans. My ISP gives out dynamic ip addresses. Since I am using static ipv6 address if my upstream ipv6 address changes that these static ip addresses will be no good. This seems to be a limitation of using static ip addresses. Atleast with IPv4 the private network can be kept independent of the ISP allocated IPv4 address.