# IPv6 configuration



## DenBeke (Jun 5, 2014)

I have read a few manuals about configuring IPv6 on FreeBSD. But I seem to do something wrong.
I'm running FreeBSD 10 on a VPS, and received an IPv6 address and gateway from my ISP.

I have the following IPv4 network configuration in my rc.conf file.


```
ifconfig_xn0="inet [address] netmask 255.255.254.0"
defaultrouter="[address]"
```

IPv4 has always worked and I want to keep it like that 

I now added the following lines for IPv6.


```
ipv6_network_interfaces="xn0"
ifconfig_xn0_ipv6="inet6 [address] prefixlen 64"
ipv6_defaultrouter="[address]"
ip6addrctl_policy="ipv4_prefer"
```

I rebooted the server and I don't seem able to reach my server through IPv6.
IPv4 is still working fine.

Ifconfig lists the following for the network interface:


```
xn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=503<RXCSUM,TXCSUM,TSO4,LRO>
	ether d2:4c:71:51:78:8a
	inet [address] netmask 0xfffffe00 broadcast [address]
	inet6 fe80::d04c:71ff:fe51:788a%xn0 prefixlen 64 scopeid 0x2 
	inet6 [address] prefixlen 64 
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	media: Ethernet manual
	status: active
```

Since IPv6 is all new for me, I thought I could be making a stupid mistake that the experts overhere would find immediately.
I hope I haven't posted in the wrong forum, or that I am asking really stupid things...


----------



## SirDice (Jun 5, 2014)

DenBeke said:
			
		

> I rebooted the server and I don't seem able to reach my server through IPv6.


Did you modify your firewall to allow IPv6? The most common problem is having a firewall which only allows IPv4.


----------



## DenBeke (Jun 5, 2014)

I have indeed forgotten that. Stupid...


```
$ sudo ipfw list
00001 check-state
00002 allow ip from any to any via lo0
00003 allow tcp from any to any established
00200 allow udp from me to any out keep-state
00201 allow tcp from me to any out setup keep-state
00400 allow icmp from me to any icmptypes 0,3,8,11,12,13,14
00401 allow icmp from any to me icmptypes 0,3,8,11,12,13,14
00500 allow tcp from any to any out via re1 setup keep-state
00600 allow udp from any to me dst-port 28763 in keep-state
00601 allow udp from any to me dst-port 28764 in keep-state
60100 allow tcp from any to me dst-port 22 in setup keep-state
60101 allow tcp from any to me dst-port 80 in setup keep-state
65535 deny ip from any to any
```

This is my original configuration, I thought that would allow IPv6 since there are no IP addresses in it. Thought wrong...
What is the easy/good way to enable IPv6?


----------



## alexseitsinger (Jun 5, 2014)

Hi there -

I just finished configuring everything for my DualStack IPv4/IPv6 internet as well. It's a simple process and is possible, in hindsight, of course.

SirDice is indeed correct in that its important to ensure your firewall settings are correct as well as everything else. If you would like, I can provide you with a copy of my /etc/rc.conf file and PF filter as well as a small collection of links that I have found to be most helpful regarding this topic.

URLs:
1. ( the /etc/wide-dhcp6c.conf part ) - http://blog.kylemanna.com/ipv6/2013/09/ ... francisco/
2. ( General Use Info ) - http://books.google.com/books?id=VpHSCn ... on&f=false
3. ( the Autoconf part ) - https://www.slashorg.net/read-141-IPv6- ... eeBSD.html
4. ( General Use Info ) - http://tools.ietf.org/html/rfc3484
5. ( Understanding RA ) - http://www.freebsd.org/cgi/man.cgi?query=rtadvd.conf
6. ( the ipv6_cpe_wanif part ) - http://lists.freebsd.org/pipermail/free ... 23370.html

However, none of these provide a clear-cut, and concise path to accomplishing this quickly. So make sure to go through those articles and give it a try, and if you're still struggling, Ill share my RC.conf and PF.conf files with you.

-A


----------



## DenBeke (Jun 5, 2014)

Thanks for the information!

On another site I found this:


```
# Enable ip6fw.
ipv6_firewall_enable="YES"
ipv6_firewall_type="type"        # see rc.firewall6 for what goes here
ipv6_firewall_quiet="NO"
```

Can I make that work with the IPv4 script?


```
firewall_enable="YES"
firewall_script="/etc/ipfw.sh"
```


----------

