I have 3 PVE systems, all now on 9.0.11 and I am looking to utilize the pfSense DHCPv6 setup that all my Windows machines are using, as well as my Home Assistant.
I have followed numerous 'partial' "do-this/do-that" type postings and it seems that I 'sort-of' have it working. My test PVE does pull the reserved IPv6 address I setup, after I set 'specific DUID in Proxmox'. It survives a reboot. I can ping6 both inside and outside my network. Have yet to get the VLAN stuff working as I like.
I am sure that I have things turned on should not be. I am looking to reload PVE from scratch and then setup (by a guide) to get it all working. I cannot remember everything I did, so do not ask... LOL I kept trying things to get it working.
What is working:
1) ping OUT -4 and -6 to the PVE host and machines on the same LAN segment.
2) ping OUT -4 and -6 to outside my home network (i.e. Google, etc.).
3) partial name resolution and reverse DNS (some machines I can ping the name and it resolves to IP - some do not)...same hold for the other way around (all of them work directly from pfSense)
4) creating a new LXC or VM will get an IPv6 address from pfSense as well - in the proper segment.
What is not working:
1) full name resolution for all machines both in and outside my home. CloudFlare is my DDNS and pfSense is my DNS/DHCP/DHCPv6 server
2) I am constantly getting errors such as this in the system.log of PVE 9.0.11 (there are hundreds of lines):
Nov 06 19:13:11 prox-media kernel: audit: type=1400 audit(1762474391.044:213): apparmor="DENIED" operation="create" class="net" info="failed protocol match" error=-13 profile="/{,usr/}sbin/dhclient" pid=1152 comm="dhclient" family="unix" sock_type="dgram" protocol=0 requested="create" denied="create" addr=none
Nov 06 19:13:11 prox-media kernel: audit: type=1400 audit(1762474391.044:214): apparmor="DENIED" operation="create" class="net" info="failed protocol match" error=-13 profile="/{,usr/}sbin/dhclient" pid=1152 comm="dhclient" family="unix" sock_type="dgram" protocol=0 requested="create" denied="create" addr=none
-- I followed the steps here: https://pve.proxmox.com/wiki/Upgrad...Audit_Messages_are_Enabled_During_the_Upgrade (and disabled the journaling)...did not survive a reboot.
3) I cannot ping but one computer on my 'lab' VLAN. There is a Windows 2019 domain controller over there - and I can ping it (both v4 and v6) but nothing else.
4) I cannot ping IN to the PVE Host "from anywhere" it does not respond to pings from anything but itself (from itself).
This is a broad idea I found in my 'googling' that I would like to achieve. As I am looking to do more with MATTER and THREAD and other media (Sonarr, stuff) - I really want IPv6 working.
I have followed numerous 'partial' "do-this/do-that" type postings and it seems that I 'sort-of' have it working. My test PVE does pull the reserved IPv6 address I setup, after I set 'specific DUID in Proxmox'. It survives a reboot. I can ping6 both inside and outside my network. Have yet to get the VLAN stuff working as I like.
I am sure that I have things turned on should not be. I am looking to reload PVE from scratch and then setup (by a guide) to get it all working. I cannot remember everything I did, so do not ask... LOL I kept trying things to get it working.
What is working:
1) ping OUT -4 and -6 to the PVE host and machines on the same LAN segment.
2) ping OUT -4 and -6 to outside my home network (i.e. Google, etc.).
3) partial name resolution and reverse DNS (some machines I can ping the name and it resolves to IP - some do not)...same hold for the other way around (all of them work directly from pfSense)
4) creating a new LXC or VM will get an IPv6 address from pfSense as well - in the proper segment.
What is not working:
1) full name resolution for all machines both in and outside my home. CloudFlare is my DDNS and pfSense is my DNS/DHCP/DHCPv6 server
2) I am constantly getting errors such as this in the system.log of PVE 9.0.11 (there are hundreds of lines):
Nov 06 19:13:11 prox-media kernel: audit: type=1400 audit(1762474391.044:213): apparmor="DENIED" operation="create" class="net" info="failed protocol match" error=-13 profile="/{,usr/}sbin/dhclient" pid=1152 comm="dhclient" family="unix" sock_type="dgram" protocol=0 requested="create" denied="create" addr=none
Nov 06 19:13:11 prox-media kernel: audit: type=1400 audit(1762474391.044:214): apparmor="DENIED" operation="create" class="net" info="failed protocol match" error=-13 profile="/{,usr/}sbin/dhclient" pid=1152 comm="dhclient" family="unix" sock_type="dgram" protocol=0 requested="create" denied="create" addr=none
-- I followed the steps here: https://pve.proxmox.com/wiki/Upgrad...Audit_Messages_are_Enabled_During_the_Upgrade (and disabled the journaling)...did not survive a reboot.
3) I cannot ping but one computer on my 'lab' VLAN. There is a Windows 2019 domain controller over there - and I can ping it (both v4 and v6) but nothing else.
4) I cannot ping IN to the PVE Host "from anywhere" it does not respond to pings from anything but itself (from itself).
This is a broad idea I found in my 'googling' that I would like to achieve. As I am looking to do more with MATTER and THREAD and other media (Sonarr, stuff) - I really want IPv6 working.
Last edited: