 [Guide] OPNsense Unifi setup with ipv6

TSpapyrous
post Oct 11 2021, 01:57 PM, updated 2y ago

Getting Started
**
Junior Member
214 posts

Joined: May 2017
Set up OPNsense on Unifi and just thought might as well share the process.

Go to Interfaces > Other Types > VLAN
Parent Interface > select WAN port, VLAN tag 500.

Go to Assignments > under WAN select vlan500 on (WAN port)

Go to [WAN] > IPv4 = PPPoE, IPv6 = DHCPv6. Under PPPoE configuration, enter your Unifi username and password.
Scroll down to DHCPv6 client configuration and check:
> Request only an IPv6 prefix
> Prefix Delegation Size 64
> Send IPv6 Prefix Hint
> Use IPv4 connectivity
edit NOV 2022

Go to [LAN], under IPv6 configuration type > Track Interface.
Track IPv6 interface > select WAN.
To use NDP, check [Allow manual adjustment of DHCPv6 and Router Advertisements],
then go to [Services] > Router Advertisements. Select Stateless for Router Advertisements.

May have to reboot system to bring DHCPv6 server up and running.

enjoy

This post has been edited by papyrous: Nov 4 2022, 08:15 AM
TSpapyrous
post Oct 12 2021, 10:36 AM

QUOTE(Anime4000 @ Oct 11 2021, 11:52 PM)
Take note that iOS and Android dislike DHCPv6 Server, your phone wont received IPv6, it's advisable to use NDP instead
*
iOS works fine for me with DHCPv6. I can't get SLAAC to work.
TSpapyrous
post Oct 30 2021, 01:39 PM

updated to use NDP for ipv6
TSpapyrous
post Nov 4 2021, 03:55 PM

QUOTE(kenjixx @ Nov 4 2021, 10:27 AM)
i tested with maxis fibre
ping on opnsense diagnostic ipv6 works but when check on ipv6 test site not working
*
this sounds like whichever client you’re testing on isn’t getting the ipv6 address handout from Opnsense
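
A way to check the situation in the reply above (the firewall has IPv6 but a LAN client fails the test sites), added here as an example and not part of the original posts: it parses `ip -6 addr show` output taken on the client and reports whether the client holds an address inside the /64 that LAN tracks from WAN. The sample outputs, the interface name and the 2001:db8 documentation prefix are constructed.

```python
import ipaddress
import re

# Matches the "inet6 <addr>/<len> scope <scope>" lines of `ip -6 addr show`.
INET6_RE = re.compile(
    r"^[ \t]*inet6[ \t]+([0-9A-Fa-f:]+)/(\d+)[ \t]+scope[ \t]+(\S+)", re.M)

# Where to look in the setup from the first post for each result.
HINTS = {
    "no-ipv6": "IPv6 is disabled on the client or the interface is down",
    "link-local-only": "no prefix reached the client: check LAN Router "
                       "Advertisements / DHCPv6 server",
    "outside-delegated-prefix": "address is not from the current WAN "
                                "delegation: check LAN Track Interface",
    "ok": "client holds an address inside the delegated /64",
}

def parse_inet6(ip_output):
    """Return (address, prefix_len, scope) for every inet6 line."""
    return [(ipaddress.IPv6Address(a), int(n), scope)
            for a, n, scope in INET6_RE.findall(ip_output)]

def diagnose(ip_output, delegated_prefix):
    """Classify a client's IPv6 state against the prefix delegated to the firewall."""
    prefix = ipaddress.IPv6Network(delegated_prefix)
    addrs = [a for a, _, _ in parse_inet6(ip_output) if not a.is_loopback]
    if not addrs:
        return "no-ipv6"
    if any(a in prefix for a in addrs):
        return "ok"
    if all(a.is_link_local for a in addrs):
        return "link-local-only"
    return "outside-delegated-prefix"

# Constructed values: documentation prefix standing in for the ISP delegation.
PREFIX = "2001:db8:500:1::/64"

CLIENT_OK = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8:500:1:1c2d:3eff:fe4f:5a6b/64 scope global dynamic mngtmpaddr
       valid_lft 86392sec preferred_lft 14392sec
    inet6 fe80::1c2d:3eff:fe4f:5a6b/64 scope link
       valid_lft forever preferred_lft forever
"""

CLIENT_LINK_LOCAL_ONLY = """\
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 fe80::1c2d:3eff:fe4f:5a6b/64 scope link
"""

# Client still holds an address from a different /64 than the one now delegated.
CLIENT_STALE = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8:500:9:1c2d:3eff:fe4f:5a6b/64 scope global dynamic mngtmpaddr
    inet6 fe80::1c2d:3eff:fe4f:5a6b/64 scope link
"""

if __name__ == "__main__":
    for name, sample in [("ok", CLIENT_OK),
                         ("link-local", CLIENT_LINK_LOCAL_ONLY),
                         ("stale", CLIENT_STALE)]:
        state = diagnose(sample, PREFIX)
        print(f"{name}: {state} ({HINTS[state]})")
```
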
TSpapyrous
post Nov 5 2021, 12:39 PM

QUOTE(erict68 @ Nov 5 2021, 08:50 AM)
Currently I'm using 6 lan ports i5-7200u mini pc which bought from taobao 2 years back, actually it's too powerfully for my needs, iperf test with IPS enabled getting max throughput around 940Mb and cpu max @60%. I'm getting a J4125 4 lan port mini pc now for another project from taobao also, it's cheaper but there is a risk if want to claim warranty, seems like it's impossible to send back the item for warranty claim.
*
similar situation. i got a 6 port i5-8250u. hardly break a sweat.
so running Opnsense in Proxmox as a VM, add on a couple
of things on the same box as home server.
TSpapyrous
post Nov 6 2021, 11:47 AM

QUOTE(Gaara92 @ Nov 5 2021, 04:06 PM)
where can i buy it? i am lazy to find a mini pc then have to buy another pcie network card for additional ports. prefer one come with the ready made additional ports
*
can look at Yanling brand as well from AliExpress.
https://m.aliexpress.com/store/v3/home.html...ePath=index.htm

OEM brand for Protectli
TSpapyrous
post Nov 13 2021, 06:03 PM

QUOTE(Anime4000 @ Nov 12 2021, 09:54 PM)
I use IPv6 to put some hexspeak:

CODE

IPv6 Address. . . . . . . . . . . : 2001:d08:e6:7a1b:dead:daff:fee1:b00b(Preferred)



My /64:
CODE
::dead:daff:fee1:b00b


My Server Address: [2001:d08:e6:7a1b:dead:daff:feed:f00d]:8080
*
noice. man of culture

This post has been edited by papyrous: Nov 13 2021, 06:50 PM
TSpapyrous
post May 23 2022, 10:07 AM

QUOTE(Moogle Stiltzkin @ May 22 2022, 12:17 PM)
hm.....

i sorta get what ur saying, but trying to translate that to how to configure pfsense to work with tmnut unifi ipv6 is a separate matter xd whether i managed to configure as u mentioned.

i mostly use this as a clue by the ts
https://forum.lowyat.net/topic/5204701
as for the lan, all i could find was the dhcpv6 server RA, which i enabled.

Then i tested on mobile android, now ipv6 works whereas before it didn't.

I'm assuming this is the NDP you were talking about? cause thats the only option i could find in pfsense :{
from desktop, i get a 8/10 score here (the 2 parts it said had issue with was dns, and ICMP. for the dns portion, there is no dns hostname shown, not sure why)

https://ipv6-test.com/
and a perfect score here

https://ipv6test.google.com/
https://test-ipv6.com/
*
Yes you are right, it should be under Router Advertisements.
using Stateless DHCP correct?

looking at netgate docs under DHCPv6/RA there’s a part about being unable to receive DNS info, can see if that helps solve it

TSpapyrous
post Jun 26 2022, 07:06 PM

So funny thing happened, updated to 22.1.9 , rebooted and internet stopped working.
tried switching to another router and error shows.. PAP authentication error.
called TM to come and fixed it, password was changed and no problem running on that router.

switched back to Opnsense today because i’m running on Proxmox, updated and rebooted to run a new kernel, and Opnsense stopped working again.
showing PAP authentication error once again

TSpapyrous
post Jun 27 2022, 12:38 PM

happened twice again, i suspect may be an issue with IPV6.

TM technician say on their side my username seems to freeze up. so unable to drop or connect.
TSpapyrous
post Jul 11 2022, 06:21 PM

QUOTE(Moogle Stiltzkin @ Jul 10 2022, 12:32 PM)
my internet also suddenly didn't work.

equipment and wiring all ok. rebooted everything still didn't work. modem showed no issues connecting pppoe, but log shows there is authentication issue.

so the technician just connected the default router and logged in fine.

after re-adding the cable back to pfsense, wan could connect fine.
so firstly excuse the layman talk, but i suspect the issue has something to do with how pfsense is communicating to unifi to login for internet access which somehow got stuck which resulted in no internet. so when using the default unifi router equipment to login, this somehow unstucked the login, which would explain why reconnecting the ethernet back to the pfsense router why wan could work fine now (because the account connection to unifi was unstuck).

i don't know the technical explanation for this, but this is what i discovered.

Theory #1, could be that my ip4/ip6 pppoe settings is done incorrectly which is why it resulted in this odd behaviour resulting in internet authentication failure. or the #2nd theory, could be some sort of bad stuff with tmnut end which results in this odd issue. thats all i could deduce from this but it's definitely not a hardware or wiring issue (in my case) cause i checked.
so no, i did not have to resort to resetting unifi password (fyi calling tmnut to reset the port didn't work, neither did restarting modem). just simply connecting to wan using the default unifi router, then replacing back the ethernet to the pfsense router (to connect to wan) seemed to fix the problem.
anyway i think u were spot on in regards to your comment
i'm not using opnsense, but my pfsense setting is roughly similar to yours. if u figure out if the setting was done incorrectly somehow (which is causing this weird account froze/stuck behaviour, assuming the issue is on the pfsense/opnsense router settings side), i would love to know

but for now, my temporary solution is to have the default router on standby to temporary login to wan to unstuck, then switch back to pfsense, if i encounter this issue again (thkfully this doesn't seem to occur very often afaik), before i bother calling up tmnut to look into it
*
lucky you. I tried using TMNut stock router no joy. still getting authentication error and had to call them. technician said if i face this error again to call TM and ask them to “release HSI”.
suspect IPv6 because i was messing around with turning IPv6 on/off.

did you update pfsense recently for this to happen?

TSpapyrous
post Jul 21 2022, 02:37 PM

QUOTE(Moogle Stiltzkin @ Jul 21 2022, 01:06 PM)
i'm not sure but i think ur right. i've used pfsense for years using ipv4 only, no issue. only recently i added the ipv6 based on your guide, but then i run into this issue where the unifi pppoe login gets stuck.

so the technician explained was, the pfsense router gets stuck for some reason (he doesn't elaborate why). So his solution was, use the stock unifi router and don't use back pfsense, if get stuck will void warranty (though that makes no sense if u don't tamper with their own equipment when switching back).

But his point was, the pfsense gets stuck, i suspect like u its something to do with ipv6.

i noticed when setting up the original stock unifi router, he asked to reset password. i think he did that to unstuck it (also based on what i read online. though he did not want to admit he had to do that to unstuck it).

i tried asking them what “release HSI” is, he claimed he don't know, but i'll try that next time. did doing so fix your issue though?

is it possible to reset ur unifi password yourself? so don't have to call the technician over to do that? becauz seems like that would solve the issue if i encounter this next time
so anyway, i switch pfsense back to an older config where i used ipv4 only (no ipv6). This old setup worked fine for many years, so hopefully i won't encounter this stuck pppoe issue (which resulted in unable to relogin to pppoe again)

hm i'm using the latest pfsense, no idea if that is the reason for the recent issues. the only setting changed recently was just adding ipv6 to get that working, which is why i suspect that was the culprit.
eh rely? i managed to get the stock tmnut router upon request the same day, didn't know this was hard to get. had to pay for it though cauz warranty for old one expired. i had an asus router i don't use but it's not using the stock firmware, so i could not use the unifi Isp requirements from the preselect list. So i'll have to reflash back to stock firmware, so i can use that as a backup for emergency to test the internet
*
I have been using Opnsense IPv4/IPv6 for almost a year without issues actually. just the recent 22.1.9 update and reboot then start to have this issue.

I don’t think it is possible to reset Unifi password yourself.
the last time i tried talking to customer service to reset password, they say will send sms of new password. didn’t get it at all then technician came the next day to solve it, so I’m not sure if it can solve the issue, logically yes.

So mine got stuck 3 times, first time they change password.
then 2nd and 3rd time technician just make a phone call to solve it and he didn’t even have to come, no password change too

you mean you request new router from TM?
I thought you meant use the one given by TM in the beginning, mine still in good condition since the beginning of contract so just took it out to try.

TSpapyrous
post Jul 22 2022, 09:51 PM

QUOTE(Moogle Stiltzkin @ Jul 22 2022, 04:00 AM)
i use the regular pfsense 1 year + but only using ipv4 without issue. only recently when added ipv6 then i started having this freeze issue at least once a month or 2-3 month roughly, when before i never had this issue
o like this? well hopefully customer support will be enuff. i rather not call the technician over. is it true there is such warranty if u use ur own networking gear like router? technician claim should i decide to use my own router like the pfsense, if it resulted in tmnut account getting stuck/frozen again, then he claims warranty expire. But how does that work? it's not like i am flashing third party firmware onto the default tmnut router which i am not using. i keep the default router so i can use that to relogin because it should work, because by their logic, at that point i am using their own gear/setup so it should connect to the internet, so then they can't blame pfsense for why i cannot connect.

But he claims that for whatever reason, pfsense is causing the account login to get stuck (this part we can at least agree), there is no opinion why or any effort to troubleshoot this apparently (although i saw to fix this issue, he had to reset the tmnut password for isp) This part we disagree, because since the issue seems to be on their end why my isp relogin seems to get stuck for whatever reason, they can't just simply deny to solve this issue (i assume password reset or whatever it is like they did for u but didn't what exactly?) under the basis u decide to connect using pfsense that gets it stuck yet again, can they?

i alrdy switch config to an old working one which only connects to ipv4 (but no ipv6), so hope i won't get this issue again, but i can't be completely certain until i've tested this for a while
mine got lost ages ago. had to pay to get issued a new one
*
that void warranty thing sounds like BS, probably dont want you to simply mess around and call them over for something so "simple".
TSpapyrous
post Jul 23 2022, 04:36 PM

QUOTE(Moogle Stiltzkin @ Jul 23 2022, 02:24 PM)
technician saw my network rack, but don't know what a nas is.... (probly didn't even know what a server rack switch is either from the looks of it as well) that's why hard to take seriously. i'm not a full fledged expert but even i know enuff. i also thought it was bs....

so if they refuse fix internet, can i refuse pay my bill?

to uncomplicate during troubleshoot, i even just connect the modem to standard unifi router (this is very easy to do so wasn't a bother, just removed 2 ethernet cables and rewire accordingly), and hook direct to desktop pc, so can illustrate the networking in network rack has no relevance at that point, if the internet isn't functional.

the part i agreed with somewhat, was that perhaps something with the pfsense config was probly causing some issue during reconnect which made the unifi account frozen/stuck which results in unsuccessful login, even if u switch back to default tmnut router to do so.

but i never heard before u can void warranty using ur own gear? (i never even said i was going to reflash their tmnut router. maybe he got confused?)

also tried to get me to rewire all the cabling to use default tmnut router fulltime right then and there, but i declined citing i will do later, but i later put back own my pfsense router after first using a working config i had no issue with for many years. internet confirmed working again no issue for now

though i still haven't figured out why the isp relog is stuck/frozen
but like u mentioned, seemed like they can fix on their end without sending anyone over. how come they don't train their technician to diagnose and troubleshoot this issue? save everyone time
*
I think a lot of things they based it on minimal training to get it done.
So one of the routers have default IP of 192.168.0.1,
Once i changed it to 192.168.1.1… technician stumped because he dunno how to connect. every time he go 192.168.0.1 no response, in the end he had to call senior to assist. I couldn’t bear to watch so i helped a bit.

and our issue is very rare according to the technician who came to my house. he has never seen it before. only after i told him what i suspected then he call and reset.

TSpapyrous
post Aug 8 2022, 02:51 PM

QUOTE(Moogle Stiltzkin @ Aug 8 2022, 10:32 AM)
did u check out this thread?

https://forum.lowyat.net/topic/2978208/+1340
seems there rely might be something up with tmnuts ipv6 implementation
anyway right now i'm using old pfsense config when i only had ipv4 only setup. so far haven't had any internet issue. but it's only been a month... so that hardly says much. i'll report back next year or if i have an issue occur for it before then.
https://forum.lowyat.net/index.php?showtopic=5285577&
but at some point not many years from now, we probly need this ipv6 sorted out, but for now using just only ipv4 seems to be ok.

i run speedtest i still max out on my subscribed speed. latency is roughly same so basically not rely much diff when using ipv6 afaik. also since i use vpns, it's even more of a reason not to use it.
*
i have not seen it. but maybe this is the culprit?
QUOTE
There's 2 ways to solve this:

1* reduce IPv6 DHCP leasetime to say 3 mins or lower in your router(troublesome)

2* TM assign static-prefix(best option)
my machine got fried so I haven't been using OPN for a while
did you see if recent PF updates made any changes in the ipv6 department?
TSpapyrous
post Aug 15 2022, 05:49 PM

QUOTE(Moogle Stiltzkin @ Aug 15 2022, 04:22 PM)
for pf news, there is this

https://www.youtube.com/watch?v=cDgF6UoyThQ
pfsense is adding features to their subscription pf plus release, while keeping the open source pfsense community version at a slower update track.

makes me wonder about if i should start moving to opnsense yet or not? but i'm not too familiar with it. is it better than pfsense?

also recently pfsense added a tailscale package for pfsense which is nice. also it already has useful packages like pfblocker, and even suricata which i'm not sure opnsense has or not.

for ipv6 news in pfsense i'm not sure, but this is the changelog
https://docs.netgate.com/pfsense/en/latest/...ases/index.html
haha, just go OPNSense, suricata is there. in general both functionality is very similar. you'd just have to get use to the layout.
TSpapyrous
post Aug 23 2022, 07:26 PM

QUOTE(freakyweirdo92 @ Aug 23 2022, 04:12 PM)
hi there.

still learning and trying to understand ipv6 in opnsense
what prefix delegation size to use by the way?

*
64. be wary though, i suspect it’s TM screwing up some ipv6 settings. if after reconnection/reboot you get no internet. you need to call TM to get it solved.
TSpapyrous
post Oct 22 2022, 04:59 PM

QUOTE(Moogle Stiltzkin @ Oct 22 2022, 10:39 AM)
just to confirm, setting strictly to ipv4 only, and omitting the ipv6 settings, the connection remains stable and i don't experience any lock out/issue when reconnecting back to tmnut.

long term no good, since will need to figure out how to get ipv6 working in pfsense to work with tmnut without this issue
so what is your situation like? did you figure out the working ipv6 settings for your opnsense? or do you still have this frozen internet and having to call up tmnut each time to unstuck it?
or does anyone else who uses pfsense have a working setting for this?
*
i didn’t bother anymore and stick to using ipv4.
or you can connect ipv6 and hope you have 100% uptime never drop connections then it will work
TSpapyrous
post Oct 25 2022, 01:43 PM

QUOTE(Moogle Stiltzkin @ Oct 24 2022, 07:26 PM)
too risky. too troublesome if a problem occur

at one point, i thought maybe it's due to me using vlan in my pfsense config (for guest wifi and iot). but based on your result doesn't seem to be that, so i could only narrow this down to something related to the ipv6 configuration on pfsense side, or something on isp side that doesn't play nicely with pfsense?

o well.. i'll visit back this thread in 1-2 years and hope someone has a solution by then. using ipv4 only reliably for now on latest community edition pfsense. i max out on the subscriber dl/ul speed, and latency is low for gaming, so not really much else to complain unless maybe if torrent peer strictly use ipv6 then doesn't that mean i cannot download from those users? other than that i don't think there is a big issue, until a few more years from now if they force everyone to use ipv6 eventually
*
wonder if it’s feasible to call them and send a technician over every time it happens.
if > 24h downtime, claim rm50 rebate.
perhaps if done often enough with enough volume they’ll do something about it
TSpapyrous
post Oct 26 2022, 01:16 PM

QUOTE(Moogle Stiltzkin @ Oct 24 2022, 07:26 PM)
too risky. too troublesome if a problem occur

at one point, i thought maybe it's due to me using vlan in my pfsense config (for guest wifi and iot). but based on your result doesn't seem to be that, so i could only narrow this down to something related to the ipv6 configuration on pfsense side, or something on isp side that doesn't play nicely with pfsense?

o well.. i'll visit back this thread in 1-2 years and hope someone has a solution by then. using ipv4 only reliably for now on latest community edition pfsense. i max out on the subscriber dl/ul speed, and latency is low for gaming, so not really much else to complain unless maybe if torrent peer strictly use ipv6 then doesn't that mean i cannot download from those users? other than that i don't think there is a big issue, until a few more years from now if they force everyone to use ipv6 eventually
*
for your pfsense there's this.
https://docs.netgate.com/pfsense/en/latest/...igure-ipv6.html

CODE
Do not allow PD/Address release

   Prevents the operating system from sending a DHCPv6 release message on exit.

   Some ISPs will release the allocated address or prefix when a client sends this message. With this option set, the client is more likely to receive the same allocation with subsequent requests.


how's yours configured with regards to this option?
