VyOs 1.4 rolling - Starlink IPV6 and Prefix delegation not assigning a prefix to the LAN interface

Hi all, new to the forum, first post, starting with a bang …
I have a dual WAN setup, one standard DSL and one Starlink service
IPV4 config, load balancing, nat, failover is working, now I am trying to set up IPV6 on the Starlink WAN and use prefix delegation to get part of my LAN on full IPV6

vyos@vyos:~$ sh ver

Version:          VyOS 1.4-rolling-202202040318
Release train:    sagitta

Built by:         autobuild@vyos.net
Built on:         Fri 04 Feb 2022 03:18 UTC
Build UUID:       3099ad05-9578-4068-9b1a-caaa8a859f09
Build commit ID:  1d455e14a17f96

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (i440FX + PIIX, 1996)
Hardware S/N:     
Hardware UUID:    b5a2c64e-0f65-4ce3-82eb-227e7bbdcd4e

Copyright:        VyOS maintainers and contributors

Running a rolling 1.4, The Starlink Dish is connected directly to one of the WAN ports (not using the Starlink router), I am able to get both an IPV4 IP and an IPV6 one:

vyos@vyos:~$ sh int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             172.30.2.1/24                     u/u  LAN
eth1             192.168.101.71/24                 u/u  TIM-TEST
eth2             xx.xx.xx.xx/10                   u/u  STARLINK
                 2a0d:3340:dish:dish:dish:dish:dish:b68f/64
                                                        
eth3             192.168.200.1/24                  u/u  STORAGE
eth4             172.30.3.1/24                     u/u  IOT
eth5             172.30.4.1/24                     u/u  GUEST
lo               127.0.0.1/8                       u/u  
                 ::1/128                                
pppoe0           xx.xx.xx.xx/32                   u/u  TIM-PPPOE
wg0              10.223.220.2/24                   u/u  VPN-to-OCI
vyos@vyos:~$ 
vyos@vyos:~$ ping www.google.com
PING www.google.com(fra16s53-in-x04.1e100.net (2a00:1450:4001:813::2004)) 56 data bytes
64 bytes from fra16s53-in-x04.1e100.net (2a00:1450:4001:813::2004): icmp_seq=1 ttl=122 time=31.6 ms
64 bytes from fra16s53-in-x04.1e100.net (2a00:1450:4001:813::2004): icmp_seq=2 ttl=122 time=29.9 ms
64 bytes from fra16s53-in-x04.1e100.net (2a00:1450:4001:813::2004): icmp_seq=3 ttl=122 time=31.0 ms
64 bytes from fra16s53-in-x04.1e100.net (2a00:1450:4001:813::2004): icmp_seq=4 ttl=122 time=29.0 ms
^C
--- www.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 29.046/30.376/31.635/0.997 ms

Being on 1.4 I have tried to adapt existing documentation, most of it is specific to the EdgeRouter, but there are a lot of similarities, and there are a few posts on using IPV6 and Prefix delegation on the forums, but the syntax used is 1.3 and slightly different

I have tried to set up prefix delegation:

interfaces {
    ethernet eth0 {
        address 172.30.2.1/24
        description LAN
        firewall {
            in {
                name LAN_INBOUND_4
            }
            out {
                name LAN_OUTBOUND_4
            }
        }
        hw-id 00:a0:98:12:42:81
        ipv6 {
            address {
                autoconf
            }
        }
    }
    ethernet eth1 {
        address dhcp
        description TIM-TEST
        firewall {
            in {
                name OUTSIDE-IN
            }
            local {
                name OUTSIDE-LOCAL
            }
        }
        hw-id 00:a0:98:14:70:59
    }
    ethernet eth2 {
        address dhcp
        address dhcpv6
        description STARLINK
        dhcpv6-options {
            duid 00:44:cd:80:ee:e2:80:a4:d2:f8:c6:82:d4:b3:eb:91:b0:00
            pd 0 {
                interface eth0 {
                    address 1
                    sla-id 0
                }
                length 56
            }
            rapid-commit
        }
 firewall {
            in {
                ipv6-name WAN_INBOUND_6
                name OUTSIDE-IN
            }
            local {
                ipv6-name WAN_LOCAL_6
                name OUTSIDE-LOCAL
            }
        }
        hw-id 00:a0:98:61:b6:8f
        ipv6 {
            address {
                autoconf
            }
        }
    }

and router advertisement:

    router-advert {
        interface eth0 {
            default-lifetime 300
            default-preference high
            hop-limit 64
            interval {
                max 30
            }
            link-mtu 1500
            name-server 2001:4860:4860::8888
            name-server 2001:4860:4860::8844
            name-server 2606:4700:4700::1111
            name-server 2606:4700:4700::1001
            other-config-flag
            prefix ::/64 {
                preferred-lifetime 300
                valid-lifetime 900
            }
            reachable-time 900000
            retrans-timer 0
        }
    }

and have tried to fiddle (not really knowing what I am doing) with the prefix length and sla-ids, but I am struggling, as IPV6 is not officially supported, and it looks like in Europe they are providing a different set of prefixes, I am not even sure that in Europe IPV6 PD is a thing …
It is not super important to get it going, but it would be really cool if I was able to understand whether I am doing something silly, or the provider just isn’t there yet with the prefix delegation …
Any suggestion as to how to debug it further would be welcome, I have tried a tcpdump on the Starlink WAN side to capture the PD - dhcpv6 handshake but I am not versed enough on the subject to understand the data / the traffic I am seeing …

BTW, very nice product, and solid docs and framework for buidling a custom router/appliance

Hi @madmatt,

nice to see StarLink beeing tested with VyOS.
Your configuration looks fairly solid except you won‘t need the eth0 ipv6 address autoconf node.

You already said „playing with the length“ parameter - this must match to your ISP/StarLink. I habe seen 56, and 60 in the wild.

Maybe there is some on the Starlink forums?

The forums use a prefix length of 56, some get a 56, some a 64, it is not clear whether it is a regional thing or simply whether the service is under active development and things are changing on the Starlink side …I have tried with multiple prefix lengths, but the behaviour is the same, get a /64 on the wan, no prefix delegation… will drop the autoconf
Thanks

Any chance to test out any other device if PD is received and if it’s VyOS bug - or any chance to contact StarLink and ask for support?

Starlink does not offically support ipv6, so I am afraid no official response.
I have set up a pfsense deployment, using the latest 2.6.
Using what it looks like a similar config:
WAN requesting a 64 prefix,

image1175×500 31.8 KB

and selecting what PfSense calls interface tracking on LAN:

image1179×818 92.4 KB

I get a /56 assigned to the WAN interface and a /64 assigned to the LAN

vtnet0 is LAN, vtnet1 is WAN

vtnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
	ether 00:a0:98:7a:74:c0
	inet6 fe80::2a0:98ff:fe7a:74c0%vtnet0 prefixlen 64 scopeid 0x1
	inet6 fe80::1:1%vtnet0 prefixlen 64 scopeid 0x1
	inet6 2a0d:3340:2e2a:dddd:dddd:dddd:fe7a:74c0 prefixlen 56
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	media: Ethernet 10Gbase-T <full-duplex>
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vtnet1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	description: WAN
	options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
	ether 00:a0:98:15:0b:3b
	inet6 fe80::2a0:98ff:fe15:b3b%vtnet1 prefixlen 64 scopeid 0x2
	inet6 2a0d:3340:2e2b:dddd:dddd:dddd:fe15:b3b prefixlen 64 autoconf
	inet 100.66.172.250 netmask 0xffc00000 broadcast 100.127.255.255
	media: Ethernet 10Gbase-T <full-duplex>
	status: active
	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>

the config file for dhccp6c:

[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: cat /var/etc/dhcp6c_wan.conf
interface vtnet1 {
	send ia-na 0;	# request stateful address
	send ia-pd 0;	# request prefix delegation
	request domain-name-servers;
	request domain-name;
	script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh"; # we'd like nameservers and RTSOLD to do all the work
};
id-assoc na 0 { };
id-assoc pd 0 {
	prefix-interface vtnet0 {
		sla-id 0;
		sla-len 0;
	};
}

the script that dhcp6c calls:

[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: cat /var/etc/dhcp6c_wan_dhcp6withoutra_script.sh
#!/bin/sh
# This shell script launches rtsold.
dmips=${new_domain_name_servers}
dmnames=${new_domain_name}
dreason=${REASON}
echo $dmips > /tmp/vtnet1_domain_name_servers
echo $dmnames > /tmp/vtnet1_new_domain_name
echo $dreason > /tmp/vtnet1_reason
case $REASON in
REQUEST)
/bin/sleep 2
/usr/sbin/rtsold -1 -p /var/run/rtsold_vtnet1.pid -M /var/etc/rtsold_vtnet1_script.sh -O /var/etc/rtsold_vtnet1_script.sh vtnet1
;;
REBIND)
;;
RELEASE)
/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d "interface=vtnet1&dmnames=${dmnames}&dmips=${dmips}"
;;
RENEW|INFO)
esac
[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: 

will switch back to vyos and see what is the difference with the generate dhcp6c config there …

Thanks for the suggestion … will keep digging …

This is what I get in vyos as dhcp6c conf:

root@vyos:/home/vyos# cat /run/dhcp6c/dhcp6c.eth2.conf
### Autogenerated by interface.py ###

# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/
interface eth2 {
    send client-id 00:44:cd:80:ee:e2:80:a4:d2:f8:c6:82:d4:b3:eb:91:b0:00;
    request domain-name-servers;
    request domain-name;
    send ia-na 0; # non-temporary address
    send ia-pd 0; # prefix delegation #0
};

id-assoc na 0 {
    # Identity association for non temporary address
};

id-assoc pd 0 {
    prefix ::/56 infinity;
    prefix-interface eth0 {
        sla-len 8;
        sla-id 0;
        ifid 1;
    };
};

I have no idea what affects the sla-len parameter
I am running what I think is the equivalent of the rtsold call in freebsd:

vyos@vyos:~$ rdisc6 -q -m eth2
2a0d:3340:2e33:fe3b::/64

but still … no dice on the LAN interface …

Did some more debugging, it looks like I am not getting an answer back from the Starlink side when dhcp6c requests a prefix delegation …

 00:00:15.792829 IP6 (flowlabel 0x1192b, hlim 1, next-header UDP (17) payload length: 109) fe80::2a0:98ff:fe61:b68f.dhcpv6-client > ff02::1:2.dhcpv6-server: [bad udp cksum 0x4e96 -> 0x7bcf!] dhcp6 solicit (xid=66af99 (client-ID type 68) (IA_NA IAID:0 T1:0 T2:0) (elapsed-time 65535) (option-request DNS-server DNS-search-list) (IA_PD IAID:0 T1:0 T2:0 (IA_PD-prefix ::/56 pltime:4294967295 vltime:4294967295)))
 0

Feb 15 10:20:23 vyos dhcp6c[155617]: clear_poolconf: called
Feb 15 10:20:23 vyos dhcp6c[155621]: dhcp6_reset_timer: reset a timer on eth2, state=INIT, timeo=0, retrans=851
Feb 15 10:20:24 vyos dhcp6c[155621]: client6_send: a new XID (66af99) is generated
Feb 15 10:20:24 vyos dhcp6c[155621]: copy_option: set client ID (len 18)
Feb 15 10:20:24 vyos dhcp6c[155621]: copyout_option: set identity association
Feb 15 10:20:24 vyos dhcp6c[155621]: copy_option: set elapsed time (len 2)
Feb 15 10:20:24 vyos dhcp6c[155621]: copy_option: set option request (len 4)
Feb 15 10:20:24 vyos dhcp6c[155621]: copyout_option: set IA_PD prefix
Feb 15 10:20:24 vyos dhcp6c[155621]: copyout_option: set IA_PD
Feb 15 10:20:24 vyos dhcp6c[155621]: client6_send: transmit failed: Cannot assign requested address
Feb 15 10:20:24 vyos dhcp6c[155621]: dhcp6_reset_timer: reset a timer on eth2, state=SOLICIT, timeo=0, retrans=1096
Feb 15 10:20:25 vyos dhcp6c[155621]: copy_option: set client ID (len 18)
Feb 15 10:20:25 vyos dhcp6c[155621]: copyout_option: set identity association

I have normalized the PD and router advertisement options to the config generated in pfsense:

[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: ifconfig -a
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
	ether 00:a0:98:7a:74:c0
	inet6 fe80::2a0:98ff:fe7a:74c0%vtnet0 prefixlen 64 scopeid 0x1
	inet6 fe80::1:1%vtnet0 prefixlen 64 scopeid 0x1
	inet6 2a0d:3340:2e2a:ss:ss:ss:74c0 prefixlen 56
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	media: Ethernet 10Gbase-T <full-duplex>
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vtnet1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	description: WAN
	options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
	ether 00:a0:98:15:0b:3b
	inet6 fe80::2a0:98ff:fe15:b3b%vtnet1 prefixlen 64 scopeid 0x2
	inet6 2a0d:3340:ss:ss:ss:b3b prefixlen 64 autoconf
	inet 100.66.160.168 netmask 0xffc00000 broadcast 100.127.255.255
	media: Ethernet 10Gbase-T <full-duplex>
	status: active
	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
enc0: flags=0<> metric 0 mtu 1536
	groups: enc
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=100<PROMISC> metric 0 mtu 33160
	groups: pflog
pfsync0: flags=0<> metric 0 mtu 1500
	groups: pfsync



[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: cat /var/etc/radvd.conf
# Automatically Generated, do not edit
# Generated for DHCPv6 Server lan
interface vtnet0 {
	AdvSendAdvert on;
	MinRtrAdvInterval 200;
	MaxRtrAdvInterval 600;
	AdvDefaultLifetime 1800;
	AdvLinkMTU 1500;
	AdvDefaultPreference medium;
	AdvManagedFlag on;
	AdvOtherConfigFlag on;
	prefix 2a0d:3340:2e2a:100::/56 {
		DeprecatePrefix on;
		AdvOnLink on;
		AdvAutonomous on;
		AdvValidLifetime 86400;
		AdvPreferredLifetime 14400;
	};
	route ::/0 {
		AdvRoutePreference medium;
		RemoveRoute on;
	};
	RDNSS 2a0d:3340:2e2a:ss:ss:ss:74c0 {
		AdvRDNSSLifetime 1800;
	};
	DNSSL home.arpa  {
		AdvDNSSLLifetime 1800;
	};
};

[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: cat /var/dhcpd/etc/dhcpdv6.conf

option domain-name "home.arpa";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;

default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
one-lease-per-client true;
deny duplicates;
ping-check true;
update-conflict-detection false;
authoritative;
subnet6 2a0d:3340:2e2a:100::/56 {
	range6 2a0d:3340:sss::ss ss:ss:ss:100::2000;
	do-forward-updates false;
	option dhcp6.name-servers 2a0d:3340:2e2a:ss:ss:ss:74c0;

}
ddns-update-style none;



ddns-update-style none;
[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: cat /var/etc/dhcp6c_wan.conf
interface vtnet1 {
	send ia-na 0;	# request stateful address
	send ia-pd 0;	# request prefix delegation
	request domain-name-servers;
	request domain-name;
	script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh"; # we'd like nameservers and RTSOLD to do all the work
};
id-assoc na 0 { };
id-assoc pd 0 {
	prefix-interface vtnet0 {
		sla-id 0;
		sla-len 0;
	};
};

Vyos:

set interfaces ethernet eth2 dhcpv6-options pd 0 interface eth0 sla-id '0'
set interfaces ethernet eth2 dhcpv6-options pd 0 length '56'
set service router-advert interface eth0 default-lifetime '1000'
set service router-advert interface eth0 default-preference 'medium'
set service router-advert interface eth0 dnssl 'home.arpa'
set service router-advert interface eth0 hop-limit '64'
set service router-advert interface eth0 interval max '600'
set service router-advert interface eth0 interval min '200'
set service router-advert interface eth0 link-mtu '1500'
set service router-advert interface eth0 managed-flag
set service router-advert interface eth0 name-server '2001:4860:4860::8888'
set service router-advert interface eth0 name-server '2001:4860:4860::8844'
set service router-advert interface eth0 other-config-flag
set service router-advert interface eth0 prefix ::/56 preferred-lifetime '14400'
set service router-advert interface eth0 prefix ::/64 preferred-lifetime '300'
set service router-advert interface eth0 prefix ::/64 valid-lifetime '900'
set service router-advert interface eth0 reachable-time '900000'
set service router-advert interface eth0 retrans-timer '0'
set service router-advert interface eth0 route ::/0 route-preference 'medium'

I am not sure what the option ‘Use IPv4 connectivity as parent interface’ on pfsense really means in terms of configuration changes, and I couldn’t find any explanation in the docs, other than

Use IPv4 Connectivity as Parent Interface
When set, the IPv6 DHCP request is sent using IPv4 on this interface, rather than using native IPv6. This is only required in special cases when the ISP requires this type of configuration.

that means very little to me in terms of what options are changed during the prefix delegation config …

OK, this is a tcpdump from the Vyos side

 00:00:08.587275 IP6 (hlim 1, next-header UDP (17) payload length: 109) fe80::2a0:98ff:fe61:b68f.dhcpv6-client > ff02::1:2.dhcpv6-server: [bad udp ckdhcp6 solicit (xid=664f31 (client-ID type 68) (IA_NA IAID:0 T1:0 T2:0) (elapsed-time 65535) (option-request DNS-server DNS-search-list) (IA_PD IAID:0 T1:0 T2:0 (IA_PD-prefix ::/56 pltime:4294967295 vltime:4294967295)))

and this is from the PFSense side, request packets look similar, in Vyos I do not get an answer back

 00:02:57.047691 IP6 (hlim 1, next-header UDP (17) payload length: 76) fe80::2a0:98ff:fe15:b3b.dhcpv6-client > ff02::1:2.dhcpv6-server: [udp sum ok] dhcp6 solicit (xid=9c26ab (client-ID hwaddr/time type 1 time 698183185 00a0987a74c0) (IA_NA IAID:0 T1:0 T2:0) (elapsed-time 0) (option-request DNS-server DNS-search-list) (IA_PD IAID:0 T1:0 T2:0))
 00:00:00.031373 IP6 (hlim 255, next-header UDP (17) payload length: 151) fe80::1.dhcpv6-server > fe80::2a0:98ff:fe15:b3b.dhcpv6-client: [udp sum ok] dhcp6 advertise (xid=9c26ab (client-ID hwaddr/time type 1 time 698183185 00a0987a74c0) (server-ID hwaddr/time type 1 time 698273327 020200000001) (DNS-server dns.google dns.google) (IA_PD IAID:0 T1:0 T2:0 (IA_PD-prefix customer.mc.starlinkisp.net/56 pltime:150 vltime:300)) (IA_NA IAID:0 T1:0 T2:0 (status-code NoAddrsAvail)))

The two routers are set up the same way network wise, the difference is Pfsense has only two interfaces, no wan load balance and a lot less routing going on, will try to replicate that with vyos as next step to rule out other variables.
On the Vyos side I have the usual IPV6 firewall rules set up. but even without any rule the behaviour is the same …

I am running the routers on Truenas SCale/KVM, interfaces are VLANs assigned over a Bond in KVM, and then passed through using virtio
I can see the IPV6 traffic (or lack thereof) on the KVM host as well in both cases, on the proper VLAN

aaand I’ve got it

there were two settings, caused by me fiddling/not understanding IPV6/copy and pasting from the only document I could find related to configure prefix delegation on vyos (http://soucy.org/vyos/DHCPv6-PD_on_VyOS.pdf) that were causing the Starlink side to just ignore my dhcp requests, namely:

set service router-advert interface eth0 prefix ::/56

I just removed it, and I also removed

set interfaces ethernet eth2 dhcpv6-options duid '00:44:cd:80:ee:e2:80:a4:d2:f8:c6:82:d4:b3:eb:91:b0:00'

For good measure, and to match the pfSense dhcpv6c config I also removed

set interfaces ethernet eth2 dhcpv6-options pd 0 length '56'

This yields this much simpler config:

interfaces {
    ethernet eth0 {
        address 172.30.2.1/24
        description LAN
        firewall {
            in {
                name LAN_INBOUND_4
            }
            out {
                name LAN_OUTBOUND_4
            }
        }
        hw-id 00:a0:98:12:42:81
        ipv6 {
            address {
                autoconf
            }
        }
    }
    ethernet eth1 {
        address dhcp
        description TIM-TEST
        firewall {
            in {
                name OUTSIDE-IN
            }
            local {
                name OUTSIDE-LOCAL
            }
        }
        hw-id 00:a0:98:14:70:59
    }
    ethernet eth2 {
        address dhcp
        address dhcpv6
        description STARLINK
        dhcpv6-options {
            pd 0 {
                interface eth0 {
                    sla-id 0
                }
            }
        }
        firewall {
            in {
                ipv6-name WAN_INBOUND_6
                name OUTSIDE-IN
            }
            local {
                ipv6-name WAN_LOCAL_6
                name OUTSIDE-LOCAL
            }
        }
        hw-id 00:a0:98:61:b6:8f
        ipv6 {
            address {
                autoconf
            }
        }
    }

and

    router-advert {
        interface eth0 {
            default-lifetime 1000
            default-preference medium
            dnssl home.arpa
            hop-limit 64
            interval {
                max 600
                min 200
            }
            link-mtu 1500
            managed-flag
            name-server 2001:4860:4860::8888
            name-server 2001:4860:4860::8844
            other-config-flag
            prefix ::/64 {
                preferred-lifetime 300
                valid-lifetime 900
            }
            reachable-time 900000
            retrans-timer 0
            route ::/0 {
                route-preference medium
            }
        }

with these configs, I get an IPV6 address on the LAN interface:

vyos@vyos:~$ sh int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             172.30.2.1/24                     u/u  LAN
                 2a0d:3340:2e32:dddd:dddd:dddd:dddd:4281/56

eth1             192.168.101.188/24                u/u  TIM-TEST
eth2             100.67.47.14/10                   u/u  STARLINK
                 2a0d:3340:2e33:dddd:dddd:dddd:dddd:b68f/64

eth3             192.168.200.1/24                  u/u  STORAGE
eth4             172.30.3.1/24                     u/u  IOT
eth5             172.30.4.1/24                     u/u  GUEST
lo               127.0.0.1/8                       u/u
                 ::1/128
wg0              10.223.220.2/24                   u/u  VPN-to-OCI

Tomorrow I’ll try and test whether I can get on IPV6 my lan, and will monitor what happens with the routed /56 prefix to see whether it sticks between interface resets

This was indeed needed to get clients on the LAN to receive a proper IPV6 address using prefix delegation and router advertisement.
I am now online with IPV6

Screenshot 2022-02-16 at 07.58.131223×715 81.1 KB

Unrelated to IPv6, but still cool, getting pretty good performance from a satellite link

Screenshot 2022-02-15 at 13.36.171566×761 227 KB

Hi all,
for closure, I have created a Wiki Howto with a stripped down config for public consumption:

cool !! maybe we can add this lab our documentation @robort @syncer

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.