Solved: DHCPv6 Prefix Delegation with upstream pfSense

Hi,

as my provider provides me with a static /48 which terminates via PPPoE (VDSL) at my pfSense 2.4 box I wanna play ISP.
So I setup dhcpv6 service in order to provide Prefix Delegation for which I reserved a /52 prefix that can hand out 256 times /60, right?. I love IPv6 :laughing:
So I put a downstream device in, which is OpenWrt virtualized with Proxmox 18.06.04 x86_64 with all default settings.
First time plugin it just worked out of the box. I saw my OpenWrt's interface to have an IP address within a local prefix of /60. Well that's not what I intended to have OpenWrt downstream /60 but ok, at least the process of DHCPv6 solicitation -> advertisement is working.
What's bothering me is that even now that it's not working any more, I don't even see DHCPv6 Solicitation messages directed at the pfSense. Shouldn't there be any?

See the following for the diagnostics:

ifstatus wan6
ifstatus lan

If you want to manually trigger the process:

ifup wan6
1 Like

Thank you.
When I trigger I can see that I get a UGA but via SLAAC. I don't get nothing via Statefull DHCPv6. No Prefix, no IP, nothing.
I still don't see DHCP solicitation on wan6 when I tcpdump -i eth1 -n -nn icmp6
All I see is router solicitation and following router advertisement.

This is what ifstatus wan6 gives me.

{
        "up": true,
        "pending": false,
        "available": true,
        "autostart": true,
        "dynamic": false,
        "uptime": 178,
        "l3_device": "eth1",
        "proto": "dhcpv6",
        "device": "eth1",
        "metric": 0,
        "dns_metric": 0,
        "delegation": true,
        "ipv4-address": [

        ],
        "ipv6-address": [
                {
                        "address": "2001:4a1a:6bbb:1001:9cfd:47ff:fea1:7332",
                        "mask": 64,
                        "preferred": 14394,
                        "valid": 86394
                }
        ],
        "ipv6-prefix": [

        ],
        "ipv6-prefix-assignment": [

        ],
        "route": [
                {
                        "target": "2001:4a1a:6bbb:1001::",
                        "mask": 64,
                        "nexthop": "::",
                        "metric": 256,
                        "valid": 86394,
                        "source": "::\/0"
                },
                {
                        "target": "::",
                        "mask": 0,
                        "nexthop": "fe80::1:1",
                        "metric": 512,
                        "valid": 54,
                        "source": "2001:4a1a:6bbb:1001:9cfd:47ff:fea1:7332\/64"
                }
        ],
        "dns-server": [ 
                "2001:4a1a:6bbb:1001:5054:ff:fef6:7ebc"
        ],
        "dns-search": [ 
                "my.domain.name"
        ],
        "inactive": {
                "ipv4-address": [

                ],
                "ipv6-address": [

                ],
                "route": [

                ],
                "dns-server": [

                ],
                "dns-search": [

                ]
        },
        "data": {

        }
}

It's working now. I just deleted all configuration and recreated it upstream as downstream and it's working.
Here's my DHCPv6 client configuration

type or paste code hereconfig interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '64'

config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option ifname 'eth1'
        option proto 'dhcpv6'

I'd usually expect option ifname '@wan' (instead of eth1) in your wan6 stanza (yes, technically both should work, but the @-syntax clarifies the linkage).

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.