# ipv6 not available for all vlans



## trumee (Apr 16, 2018)

Hello,

I have a few VLANS defined on a FreeBSD host. I have enabled ipv6 for the vlans, however only one vlan gets an ipv6 from the router. The rest do not get an ipv6 address. All the vlans have static ipv4 addresses set. Here is my /etc/rc.conf


```
ifconfig_ix0="-rxcsum -txcsum  -vlanmtu  -vlanhwtso  -tso4 -tso6 -vlanhwtso -vlanhwcsum up"
ifconfig_ix1="-rxcsum -txcsum  -vlanmtu  -vlanhwtso  -tso4 -tso6 -vlanhwtso -vlanhwcsum up"

cloned_interfaces="lagg0 vlan100 vlan200"
ifconfig_lagg0="laggproto lacp laggport ix0 laggport ix1"

ifconfig_vlan100="inet 192.168.1.5 netmask 255.255.255.0 vlan 100 vlandev lagg0 fib 0"
ifconfig_vlan200="inet 192.168.2.5 netmask 255.255.255.0 vlan 200 vlandev lagg0 fib 2"
ifconfig_lo1="inet 127.0.0.2 netmask 255.255.255.0 fib 1"

ifconfig_vlan100_ipv6="inet6 accept_rtadv"
ifconfig_vlan200_ipv6="inet6 accept_rtadv"

rtsold_enable="YES"

defaultrouter="192.168.1.1"

static_routes="vlan200_if vlan200_gw"

route_vlan200_if="-net 192.168.2.0/24 -iface vlan200 -fib 2"
route_vlan200_gw="default 192.168.2.1 -fib 2"
```

The output of ifconfig shows that only vlan100 gets a global routed address while vlan200 only gets a link local.


```
vlan100: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400<LRO>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255 
        inet6 fe80::ec4:7axx:xxxx:xxx0%vlan100 prefixlen 64 scopeid 0x9 
        inet6 2601:2c2:x00:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf 
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        vlan: 100 vlanpcp: 0 parent interface: lagg0
        groups: vlan 
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255 
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa 
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
```

Any idea why vlan200 doesnt get a routed address?


----------



## SirDice (Apr 16, 2018)

Each network needs its own /64 range for the router advertisements. It also requires a rtadvd(8) for each network. In this sense it works similar to IPv4 DHCP.


----------



## trumee (Apr 16, 2018)

I have given /64 to each vlan on the pfsense router. To confirm this i plugged in my linux laptop on the vlan200 and it was able to get an ipv6 address. However, somehow FreeBSD server is not able to get it.


----------



## SirDice (Apr 16, 2018)

Try running `rtsol vlan200`. It's similar to running `dhclient vlan200` but for IPv6 SLAAC.


----------



## trumee (Apr 16, 2018)

Ok, after running `rtsol vlan200`, I get an ipv6 address,


```
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
        inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
```

Is there a way to specify this in /etc/rc.conf?

How do I get an address using DHCPv6?


----------



## SirDice (Apr 16, 2018)

Try enabling rtsold(8) in /etc/rc.conf. I've never had to do this though, the `accept_rtadv` was enough. 

`sysrc rtsold_enable="YES"`
`service rtsold start`



trumee said:


> How do I get an address using DHCPv6?


You'll need to use net/isc-dhcp43-client or net/isc-dhcp44-client. The standard dhclient(8) doesn't support IPv6.


----------



## trumee (Apr 17, 2018)

I installed _dual-dhclient_ which pulled in _net/isc-dhcp43-client_. In addition i modified /etc/rc.conf to


```
ipv6_activate_all_interfaces="YES"
ifconfig_DEFAULT="DHCP accept_rtadv"
```

I can see that all interfaces has an ipv6 address. All the address have 'autoconf' at the end. I guessing this is still SLAAC and DHCPV6 did not work.


```
$ifconfig vlan200
vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=400400<LRO,TXCSUM_IPV6>
        ether 0c:c4:7a:xx:xx:xx
        inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
        inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 2
        vlan: 200 vlanpcp: 0 parent interface: lagg0
        groups: vlan
```

There is a bunch of 'ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument' in the kernel log. What could be the issue?


----------



## trumee (Apr 17, 2018)

I ran dhclient manually like so `/usr/local/sbin/dhclient -6 -d vlan200` and now i am getting an ipv6 address without an autoconf


```
$ifconfig vlan200
inet6 fe80::ec4:7xxx:xxxx:xxx0%vlan200 prefixlen 64 scopeid 0xa
inet6 2601:2c2:xxx:xxx:xxx:xxxx:xxxx:xxxx prefixlen 64 autoconf
inet6 2601:2c2:xxx:xxx::xxxx prefixlen 64
```

So why is dhclient not running automatically?


----------



## SirDice (Apr 17, 2018)

Because the system's dhclient(8) is used (which doesn't support IPv6). Never tried this but try setting this in rc.conf:

```
dhclient_program="/usr/local/sbin/dhclient"
```
You can also set additional flags with `dhclient_flags=""`


----------



## trumee (Apr 17, 2018)

SirDice said:


> Because the system's dhclient(8) is used (which doesn't support IPv6). Never tried this but try setting this in rc.conf:
> 
> ```
> dhclient_program="/usr/local/sbin/dhclient"
> ...



Sorry forgot to mention I did include this in my /etc/rc.conf. I have tried all sort of combinations now and havent managed to get a DHCPv6 at all.

Neither of these work for DHCPv6

```
dhclient_program="/usr/local/sbin/dhclient"
ifconfig_vlan100_ipv6="inet6 DHCP accept_rtadv"
ifconfig_vlan200_ipv6="inet6 DHCP accept_rtadv"
rtsold_enable="YES"
```

or

```
dhclient_program="/usr/local/sbin/dual-dhclient"
ifconfig_vlan100_ipv6="inet6 DHCP accept_rtadv"
ifconfig_vlan200_ipv6="inet6 DHCP accept_rtadv"
rtsold_enable="YES"
```


----------



## SirDice (Apr 17, 2018)

You either use SLAAC or DHCPv6, not both. SLAAC => accept_rtadv + rtsold(8).

Try this:

```
ifconfig_vlan100_ipv6="DHCP"
ifconfig_vlan200_ipv6="DHCP"
```

But, you're using static IPv4 addresses for these interfaces, why not use static IPv6 too?


----------



## trumee (Apr 17, 2018)

SirDice said:


> You either use SLAAC or DHCPv6, not both. SLAAC => accept_rtadv + rtsold(8).
> 
> Try this:
> 
> ...



I have SLAAC and DHCPV6 working simultaneously in linux, so thought to be so in FreeBSD.

I guess a static ip is the last resort, but would like to record that in pfsense. How do i get the DUID address required for static mapping (pfsense screenshot below) ?


----------



## trumee (Apr 18, 2018)

I ended up with static ip addresses,
rc.conf

```
ifconfig_vlan100_ipv6="inet6 2601:xxx:xxx:100::xxxx prefixlen 64  fib 0"
ifconfig_vlan200_ipv6="inet6 2601:xxx:xxx:101::xxxx prefixlen 64  fib 2"
ipv6_defaultrouter="2601:xxx:xxx:100:xxx:xxxx:xxxx:xxxx"

ipv6_static_routes="vlan200_if vlan200_gw"
ipv6_route_vlan200_if="2601:xxx:xxx:101:: -prefixlen 64  -iface vlan200 -fib 2"
ipv6_route_vlan200_gw="default 2601:xxx:xxx:101:xxx:xxxx:xxxx:xxxx  -fib 2"
```

To get the ipv6 in ezjail, had to add a static ip address like so

```
export jail_myjail_ip="vlan200|192.168.1.2,vlan200|2601:xxx:xxx:101::xxxx"
export jail_myjail_fib="2"
```


----------



## trumee (Apr 18, 2018)

I  am using the /64 address from my ISP for the various vlans. My ISP gives out dynamic ip addresses. Since I am using static ipv6 address if my upstream ipv6 address changes that these static ip addresses will be no good. This seems to be a limitation of using static ip addresses. Atleast with IPv4 the private network can be kept independent of the ISP allocated IPv4 address.


----------

