Date: Sun, 30 Dec 2018 12:09:21 -0500 From: Mike <the.lists@mgm51.com> To: freebsd-questions@freebsd.org Subject: Re: How to configure IPV6 on FreeBSD 12 Message-ID: <ba25e1d6-8ac3-c663-6882-71c907d47c2a@mgm51.com> In-Reply-To: <DFFA83D7-B973-4385-80B4-AAFD19D11720@comcast.net> References: <DFFA83D7-B973-4385-80B4-AAFD19D11720@comcast.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/29/2018 11:54 AM, Bill Crowell, N4HPG wrote: > I found my system at various stages of updates within the 11 release series and tidied it up to v12 as it became an official release. > > I use FreeBSD on a Zotac mini PC as a firewall, router, caching DNS server and for other things. > > It has 2 nics - one public and the other on my LAN. It does NAT for IPv4 and I’m using the PF firewall with great results. > > What I am NOT able to make work is IPV6. My ISP is Comcast and they support full IPv6 over DHCP and this worked on BSD 8 and 9 using the instructions here: > [snip] > > So, what should I be using? While I'm currently using OpenBSD for my firewall, in the past I have used FreeBSD for the task and it worked well. Comcast is my ISP, I've found their IPv6 implementation to be quite good. I was able to have a /60 IPv6 prefix delegated to me. Comcast, by default, provides a /128 IPv6 address and a /64 prefix delegation. You can change the length of the prefix delegation via dhclient parameters when you ask for the prefix. First things first... In order to get the IPv6 prefix delegation: (check man pages for the details and precise syntax of the following) - you need to assure that your WAN interface accepts IPv6 rtadv ( add "inet6 accept_rtadv" to the WAN interface in rc.conf ) - you need a working dhcp6 client. I use the ISC dhclient. The one in packages works well for me. One of the command line parameters specifies the length of the prefix to be delegated. https://www.freshports.org/net/isc-dhcp44-client/ At this point you should have the IPv6 addresses and a prefix. I use the entr package to watch the dhcp6 lease file and then run a script as needed to adjust the IPv6 addresses assigned to the interfaces. You'll probably do it in a different way. I also use rtadvd to distribute addresses on my home network. The syntax for rtadvd is bizarre (and I'm being kind). The OpenBSD project just rewrote rtadvd as the rad (router advertisement daemon) and its syntax is much, much better. Hopefully at some point it will be ported to FreeBSD. Anyway, when I used FreeBSD, here is the rtadvd .conf I used. (addresses have been modified to protect the innocent) The fdcf... address is local to my home network. The 2601:0186:1234:... address was assigned via a prefix obtains from Comcast via dhcp. ===================================== default: \ :vltime#259200:pltime#82400: igb1:\ :maxinterval#45: \ :addrs#2: \ :addr0="fdcf:1234:2f4d:1::":prefixlen0#64: \ :addr1="2601:0186:1234:479::":prefixlen1#64: \ :rdnss="fdcf:1234:2f4d:1::1": igb2:\ :maxinterval#60: \ :addr="2601:0186:1234:47a::":prefixlen#64: \ :rdnss="2001:558:feed::1": ====================================== That gives my to subnets, with the one on the igb2 interface using Comcast's DNS. I hope this gives you a starting point...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ba25e1d6-8ac3-c663-6882-71c907d47c2a>