home-server

pfSense 2.2.1 breaks TekSavvy IPv6 on the LAN

So I decided to update to pfSense 2.2.1 today because I had time. Turned out to be a good decision to wait on this upgrade for a time where I wasn’t in a rush – this release changed the way that pfSense handles IPv6 prefix delegation. Long story short, I lost all IPv6 access on LAN clients but had full IPv6 internet access on the WAN. After some searching, I found out that I wasn’t the only one with this issue: https://forum.pfsense.org/index.php?topic=90699.0

Apparently in this case, it’s not a bug, it’s a feature. This was apparently done on purpose according to this post in the pfSense redmine. PD is no longer being requested if you do not have tracking interfaces configured.

The “official” way to make IPv6 work now is apparently to set the LAN interface to Track Interface under Interfaces | LAN | IPv6 Configuration Type. The problem is that you can no longer configure DHCPv6 settings anymore. Apparently DHCPv6 is still enabled but the configuration options are not exposed in the GUI a the moment. It also broke some of my internal LAN due to the static IP address assignments no longer being valid. In the end, my connection was very flaky over IPv6. For some reason, clients were taking a very long time to get their IPv6 addresses (up to 5 minutes). Then some clients started randomly losing their IPv6 internet access again. This piled on top of all the ways this breaks the LAN configuration and internal DNS resolution settings already in place, I decided that configuring it this way is probably going to be unreliable and more trouble than it’s worth, at least with Teksavvy IPv6 addressed handed out via prefix delegation.

In the end, I configured Interfaces | WANv6 | DHCP6 client configuration like this and put everything else back how it was before and it works fine again:

pfsense-2.2.1-ipv6-configuration-teksavvy

Leave a Reply

Your email address will not be published. Required fields are marked *