You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I've been trying to setup IPv6 on my network, however my ISP (Centurylink) refuses to do a decent dual-stack implementation or anything similar and believes that 6rd is still a reasonable way to deploy IPv6. Since they also no longer give static IPs (and had weird rules about getting them beforehand) I have little way to ensure my prefix remains stable. To this end, it appears my best solution is to define a ULA prefix or similar for inside my network (or at least parts of it) and setup NPTv6 so that my internal IPs for various system can remain static despite my external IP addresses changing randomly. However, the NPTv6 UI won't let me configure the logic, it instead tells me that my interface isn't tracking the rule interface (even though it is). Upon investigation, it appears that this is specific to 6rd (and probably 6in4 tunnels as well).
To Reproduce
Configure a system with IPv6 using 6rd on WAN.
Configure internal interface to track the 6rd interface.
Add additional IPv6 address using ULA (or something similar).
Add NPTv6 mapping for ULA with interface set to WAN and track interface set to internal interface
See error when clicking save.
Expected behavior
Save settings works correctly and devices with ULA addresses can access external IP addresses.
Describe alternatives you considered
I don't think I have any alternatives, using link-local inside the network gets messy (multiple VLANs) and some of the devices I'm setting up for IPv6 don't appear to handle a static IP and router advertisements correctly. Either way, this seems like an oversight that only dhcpv6 interfaces work and not 6rd or 6in4?
Additional context
I poked in the code a little bit and it looks like NPTv6 is coded to only use DHCPv6 and doesn't expect the WAN interface to be configured with either a 6rd or 6in4 tunnel. I modified the check as follows and it appears to work as I expect.
if (
(empty($config->interfaces->{$rule->interface}->ipaddrv6) ||
- $config->interfaces->{$rule->interface}->ipaddrv6 != 'dhcp6') ||
+ ($config->interfaces->{$rule->interface}->ipaddrv6 != 'dhcp6' &&
+ $config->interfaces->{$rule->interface}->ipaddrv6 != '6rd')) ||
empty($config->interfaces->{$rule->trackif}->{'track6-interface'}) ||
$config->interfaces->{$rule->trackif}->{'track6-interface'} != (string)$rule->interface
) {
$messages->appendMessage(new Message(
gettext('This interface is not tracking the current rule interface.'),
$rule->trackif->__reference
));
}
Environment
OPNsense 24.7.5 and 24.7.6 (amd64) running on XCP-NG host
Intel® Atom™ C3578 8-Core
Network Intel® I350 (IIRC)
The text was updated successfully, but these errors were encountered:
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Describe the bug
I've been trying to setup IPv6 on my network, however my ISP (Centurylink) refuses to do a decent dual-stack implementation or anything similar and believes that 6rd is still a reasonable way to deploy IPv6. Since they also no longer give static IPs (and had weird rules about getting them beforehand) I have little way to ensure my prefix remains stable. To this end, it appears my best solution is to define a ULA prefix or similar for inside my network (or at least parts of it) and setup NPTv6 so that my internal IPs for various system can remain static despite my external IP addresses changing randomly. However, the NPTv6 UI won't let me configure the logic, it instead tells me that my interface isn't tracking the rule interface (even though it is). Upon investigation, it appears that this is specific to 6rd (and probably 6in4 tunnels as well).
To Reproduce
Expected behavior
Save settings works correctly and devices with ULA addresses can access external IP addresses.
Describe alternatives you considered
I don't think I have any alternatives, using link-local inside the network gets messy (multiple VLANs) and some of the devices I'm setting up for IPv6 don't appear to handle a static IP and router advertisements correctly. Either way, this seems like an oversight that only dhcpv6 interfaces work and not 6rd or 6in4?
Additional context
I poked in the code a little bit and it looks like NPTv6 is coded to only use DHCPv6 and doesn't expect the WAN interface to be configured with either a 6rd or 6in4 tunnel. I modified the check as follows and it appears to work as I expect.
Environment
OPNsense 24.7.5 and 24.7.6 (amd64) running on XCP-NG host
Intel® Atom™ C3578 8-Core
Network Intel® I350 (IIRC)
The text was updated successfully, but these errors were encountered: