The pfSense page here does a good job of explaining what router advertisements are and some of the settings, but I had to play around to make it work. If you have a flat uncomplicated network at home, the defaults will probably work fine. Clients would pull IPv6 + the default route, but on sleep/resume and reboot, the default route would be removed and they’d effectively lose IPv6 connectivity. Everything else was working, though. Client to client IPv6 pings. Firewall to outside, and anything static worked. There are some settings in /var/etc/radvd.conf, but if you change any of them they just go back after the service restarts. After digging around on radvd, fiddling with settings, and looking at PCAP, I got it working.
PfSense is usually pretty good at making things extremely easy, but the DHCPv6 and RA sections don’t auto populate. For example, under your address pool range, it just has ::1000 – ::2000. It won’t save by default. And under RA, none of the timing intervals are filled out. Some say there are defaults, and others are just blank.
I started messing with timing intervals and priority, and this is what ended up working for me.
There are 6 modes for router advertisements.
Disabled – RADVD will not be enabled on this interface.
Router Only – Will advertise this router.
Unmanaged – Will advertise this router with stateless autoconfig.
Managed – Will advertise this router with all configuration through a DHCPv6 server.
Assisted – Will advertise this router with configuration through a DHCPv6 server and/or stateless autoconfig.
Stateless DHCP – Will advertise this router with stateless autoconfig and other configuration information available via DHCPv6.
I chose Stateless. I set lifetime intervals to default, and set minimum RA, max RA and router lifetime to 3, 30, and 9000. Then I put in my subnets in the subnet fields, and DNS servers in long IPv6 format. For whatever reason, pfsense doesn’t like shorthand IPv6 in these fields.
This is working for all devices. *nix, Windows, IOS, Droid, and Cisco.
0 Comments