I’ve been delving into the world of IPv6 for no other reason than because I started down the rabbit hole out of curiosity and it keeps sucking me in. I’m starting to wrap my head around the basics although at this point I still haven’t managed to fully understand everything. That being so, a few questions:
When serving a LAN, with one broadcast domain, is having both a DHCPv6 Server and Router Advertisements (the radvd service) redundant? I suspect yes, but not really sure why. I do know enabling Router Advertisements, which means you are implementing SLACC, are needed if you have any Android devices to connect to the LAN (WiFi), because Android requires SLACC and will not work with DHCPv6.
For a router & firewall in my home (i.e., pfSense or OPNsense) used as a gateway to my ISP, I can’t tell exactly if DHCPv6 and SLACC, or both, are in use to get IPv6 info from my ISP. How, exactly, can I find this? In pfSense and OPNsense? I suspect both DHCPv6 and SLACC are enabled (in both pfSense and OPNsense, I’ve looked closely at both), and I think there’s a race which ever one, DHCPv6 or SLACC, gets the values first wins. I know packet capture is one way, I’m not familiar with it, and am hoping there’s something in existing logging files I can look for or search for.
No, from pfsense webui:
Select the Operating Mode for the Router Advertisement (RA) Daemon.
RADVD will not be enabled on this interface.
Will advertise this router.
Will advertise this router with Stateless Address Auto-Configuration (SLAAC).
Will advertise this router with all configuration through a DHCPv6 server.
Will advertise this router with configuration through a DHCPv6 server and/or SLAAC.
Will advertise this router with SLAAC and other configuration information available via DHCPv6.
And you actually need it because dhcpv6 doesnt provide any gateway (GW) , it is done via RA.
As for the ISP question that is one nasty can of worms. In my case for example the router gets a /62 prefix delegated but the ISP has no RA running so no GW…
I did the plunge back in March of this year with IPv6 once I was able to get multiple /64 addresses off my AT&T gateway to support my subnetting implementation. I have found “Assisted” is my best choice for my network due to the mix of IoT, Servers, and PC devices and how they work with IPv6. Some devices don’t have static capabilities for IP addresses in the IoT domain, so I use the DHCPv6 server to assign that address. Other devices only listen to the RA messages thus the SLAAC option for them.
Just remember you are doubling up on the work with supporting both IPv4 and IPv6. Debugging some things will be “FUN” but in my case I had been waiting way to long to wade into the IPv6 waters and the use of CGNAT for IPv4 used by ISPs pushed me over the edge when it came to inbound connections for some of the services I was hosting.
Since you cannot delegate prefixes using SLAAC, your ISP will most certainly use DHCPv6 to give you your WAN address and prefix. What is “enabled” on your end is decided by what you select under Interfaces → WAN → IPv6 Configuration Type. There can be some guess work involved with the delegated prefix size though if your ISP doesn’t tell you what it is.
Should it show up on the list? Like, are you describing a problem/bug or just an observation? If you feel this is a problem, check all of the device’s IP addresses using ifconfig / ipconfig and see if any of them are in the DHCPv6 range you specified. The DHCPv6-assigned address might simply not be used for outbound connections.
Did you set RA to managed Mode under Services>Router Advertisement for the interface?
No, it is set to Assisted.
Managed shows as “for Stateful DHCPv6 (M+O flags).” Here’s the confusion part, won’t that prevent SLAAC devices, Android phones etc, from ever getting IPv6 configuration? I think yes from past experimenting using other routers not pfSense/OPNsense.
Edit to add: Quick update, setting to Managed Mode causes the laptop (windows) I am writing this from to immediately lose all it’s routable IPv6 addresses. Changing back to Assisted causes routable IPv6 to immediately return (test-ipv6.com and ipconfig /allcompartments /all). This makes more confusion for me, especially about the immediate effect with which these changes happen.