How to configure IPV6 on FreeBSD 12

Sun Dec 30 17:09:26 UTC 2018

On 12/29/2018 11:54 AM, Bill Crowell, N4HPG wrote:
> I found my system at various stages of updates within the 11 release series and tidied it up to v12 as it became an official release.
> 
> I use FreeBSD on a Zotac mini PC as a firewall, router, caching DNS server and for other things.
> 
> It has 2 nics - one public and the other on my LAN. It does NAT for IPv4 and I’m using the PF firewall with great results.
> 
> What I am NOT able to make work is IPV6. My ISP is Comcast and they support full IPv6 over DHCP and this worked on BSD 8 and 9 using the instructions here:
> [snip]
> 
> So, what should I be using?

While I'm currently using OpenBSD for my firewall, in the past I have
used FreeBSD for the task and it worked well.  Comcast is my ISP, I've
found their IPv6 implementation to be quite good.  I was able to have a
/60 IPv6 prefix delegated to me.  Comcast, by default, provides a /128
IPv6 address and a /64 prefix delegation.  You can change the length of
the prefix delegation via dhclient parameters when you ask for the prefix.

First things first...

In order to get the IPv6 prefix delegation:  (check man pages for the
details and precise syntax of the following)

- you need to assure that your WAN interface accepts IPv6 rtadv ( add
"inet6 accept_rtadv" to the WAN interface in rc.conf )

- you need a working dhcp6 client.  I use the ISC dhclient.  The one in
packages works well for me.  One of the command line parameters
specifies the length of the prefix to be delegated.
https://www.freshports.org/net/isc-dhcp44-client/

At this point you should have the IPv6 addresses and a prefix.  I use
the entr package to watch the dhcp6 lease file and then run a script as
needed to adjust the IPv6 addresses assigned to the interfaces.   You'll
probably do it in a different way.

I also use rtadvd to distribute addresses on my home network.  The
syntax for rtadvd is bizarre (and I'm being kind).

The OpenBSD project just rewrote rtadvd as the rad (router advertisement
daemon) and its syntax is much, much better.  Hopefully at some point it
will be ported to FreeBSD.

Anyway, when I used FreeBSD, here is the rtadvd .conf I used.
(addresses have been modified to protect the innocent)

The fdcf... address is local to my home network.
The 2601:0186:1234:... address was assigned via a prefix obtains from
Comcast via dhcp.

=====================================

default:                              \
        :vltime#259200:pltime#82400:

igb1:\
        :maxinterval#45:                                \
        :addrs#2:                                       \
        :addr0="fdcf:1234:2f4d:1::":prefixlen0#64:      \
        :addr1="2601:0186:1234:479::":prefixlen1#64:    \
        :rdnss="fdcf:1234:2f4d:1::1":

igb2:\
        :maxinterval#60:                                \
        :addr="2601:0186:1234:47a::":prefixlen#64:      \
        :rdnss="2001:558:feed::1":

======================================

That gives my to subnets, with the one on the igb2 interface using
Comcast's DNS.

I hope this gives you a starting point...