[SOLVED] Proxmox, OPNsense and IPv6

B

BenjaMwaye

New Member
Sep 13, 2021
17
4
3
46
Good evening,

Unfortunately I can't get IPv6 to work over my OPNsense VM hosted in Proxmox v7.

My config:
  • Freebox pop (ISP box) in bridge mode
  • OPNsense VM on a Proxmox 7
  • 2.5 Gbps Eth NIC for WAN
  • Leap of 2 Eth 1Gb/s network cards for the LAN
  • Multi-Vlan on the LAN (LAN1, LAN2, LAN3...)
  • Everything works perfectly in IPv4
  • Need IPv6 for Freebox pop TV box on 3 LAN (Vlan)
  • Nexthop ok on the box / Static IPv6 on WAN and LAN
  • Publication of RA router in "router only" mode on WAN and "assisted" on LAN
  • Traffic allow rule created
My problem :
  • IPv6 communication does not go from LAN to WAN (no worries with IPv4)
  • IPv6 DNS resolution OK
  • From OPNsense (interface/diagnostics/ping):
    • in IPv6 and default source and/or WAN:
      • ping ok of the OPNsense IPv6 interfaces, the Freebox IPv6 (gateway) and the external IPv6 servers (like Google DNS or k6usy.net).
    • in IPv6 and LANx source
      • ping ok of OPNsense LANx/WAN IPv6 interfaces, IPv6 of my workstation on LANx.
      • no IPv6 ping from the Freebox (gateway) and external IPv6 servers (like DNS Google or k6usy.net).
  • From LANx in IPv6:
    • OPNsense LAN1 LAN2 and WAN interface ping ok.
    • no ping from the Freebox, nor anything outside.
  • From the Proxmox (on LAN):
    • ping ok from different OPNsense LANx legs
    • but no ping on the WAN leg, and even not on the gateway (router) and on the IPv6 websites
All seems to be good in OPNsense and it's look like it that Proxmox block/unmanage the IPv6 requests.
IPv6 in Proxmox must have specific configuration to be enable and workable?
I appreciate any help you can give me.

Thanks in advance.
Good for you,

Benjam
 
Hello,

That's it, I solved the problem and IPv6 works.
If so, I have 2 small remarks concerning your article which could be useful to others:
The rule to allow the traffic you are talking about is created automatically by OPNsense.
To make it work, I added NPTv6 rules (NAT IPv6) for each LAN that needs IPv6, with the prefixes of the LAN concerned and that of the WAN. I had read in various places that it's not normally useful in IPv6 but I didn't succeed in creating its NATv6 rules.

I still have a problem in the Proxmox because it's the only one machine where I can't ping IPv6 wan address.

So much for my contribution and my little problem following the IPv6 migration.

Have a good day.
Good for you,
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back