MCterra10/install_ndproxy.sh

thank you , i installed it but can't receive ipv6 in lan devices
in wan settings is set dhcpv6 and getting ipv6 2002:......
in lan settings i put track but nothing

thank you , i installed it but can't receive ipv6 in lan devices in wan settings is set dhcpv6 and getting ipv6 2002:...... in lan settings i put track but nothing

You need to put a manual static IP in the LAN interface... Track Interface only works with IPv6 DHCP-PD

ok i saw that i must edit rc.conf but in opnsense i am finding only /etc/rc.conf.local

Yes you edit the .local because it's for local administrator edits

ok i saw that i must edit rc.conf but in opnsense i am finding only /etc/rc.conf.local

sorry for the questions but i don't know how. I must put all the variables?
ndproxy_uplink_interface
ndproxy_downlink_mac_address
ndproxy_exception_ipv6_addresses
ndproxy_uplink_ipv6_addresses

net.inet6.ndproxycount this says through sysctl entry??? and how many ?

sorry for the questions but i don't know how. I must put all the variables? ndproxy_uplink_interface ndproxy_downlink_mac_address ndproxy_exception_ipv6_addresses ndproxy_uplink_ipv6_addresses

net.inet6.ndproxycount this says through sysctl entry??? and how many ?

yes they must go in rc.conf.local
you need to set them according to what's in the manual; run man ndproxy
you'll need to get your interface MAC, ISP router IPs, among other things

Hi @MCterra10 which mode are you using for the Router Advertisements? Also for the LAN interface, should I give a private range IP for it? Many thanks!

Hi @MCterra10 which mode are you using for the Router Advertisements? Also for the LAN interface, should I give a private range IP for it? Many thanks!

I am using unmanaged (SLAAC) mode with RDDNS enabled.
You don't need a private IPv6 range (ULA or otherwise) on the LAN interface, use the same range as for the WAN (i.e. if ??::1 is your WAN address then use say ??::2 for LAN. This is arbitrary, and you can use whatever you see fit).

To be clear, I have since stopped using ndproxy because it just has too many caveats, so I'm using prefix translation currently, although it requires a lot more configuration when adding new hosts, it's more reliable.

@MCterra10 I just set the LAN interface address to one of the /64 ranges and enabled DHCPv6, everything seems to be working now and I got 10/10 on test-ipv6.com. What kind of caveats do you recall? Thanks again for the help :)

Thank you!

EDIT: Seems to work only if your WAN IP is not changing.

I got it to work also with that.

My setup and config for someone else with same issue, but please note that I have no idea what I'm doing:
I use DNA 5G with ZTE MC7010 in bridge mode.

WAN:
IPv6 Configuration Type -> DHCPv6
Prefix delegation size -> 64
Request prefix only -> Unchecked
Send prefix hint -> Unchecked

LAN
IPv6 Configuration Type -> Static
IPv6 address -> Based on WAN IP for example WAN IP is A:B:C:D:E:F:G:H/64 I have -> A:B:C:D::1/64. No idea about that why I did that but I'm afraid to change.

RA LAN
Router Advertisements -> Assisted
Router Priority -> High
Advertise Default Gateway -> Check

ISC DHCPv6: [LAN]
Enable -> Check
Range -> A:B:C:D::100 - A:B:C:D::FFFF

My ndproxyconf:

net.inet6.ndproxyconf_uplink_interface: -> re0
net.inet6.ndproxyconf_downlink_mac_address: -> LAN MAC
net.inet6.ndproxyconf_exception_ipv6_addresses: -> LAN Local IPv6;WAN Local IPv6
net.inet6.ndproxyconf_uplink_ipv6_addresses: -> WAN Local IPv6;Gateway (WAN) local IPv6

Save.

Now when i refreshed my IP on windows PC I noticed it came up to WAN interface in ISC DHCPv6 Leases. But then I rebooted the opnsense and everything just started to work. And the same MAC came to LAN interface in same page.