pfSense v2.4.3 as a CPE for 2Degeees/Snap broadband with static IPv4 and IPv6 with DHCP6C

This is a description of the broadband service which has been reverse engineered. It's all guesswork.

This has been done with a service that has a static IPv4 and a static IPv6 /56 prefix.

Service Description

Description of the 2DeegreesMobile/Snap UFB (ultrafast broadband) service:

The service is presented as a layer 2 ethernet (over copper), on port 1 of the ONT (Optical Network Terminator)

All traffic over VLAN 10 (QOS is ignored in this document)

PPPoE

Max Payload (MTU) is negiotiable - use 1508
PPP

Auth by PAP (LCP)

IPv6 is negiotiated (IPV6CP)

Link local addresses are negiotiated

IPv4 is negiotiated (IPCP)

IPv4 address/gateway is negiotated (static or dynamic)

DHCP6c

IPv6 DNS servers
IPv6 prefix delegation

Notes:

SLAAC is not supported.
IA-NA (stateful address - non-temporary address allocation is not supported).
2degrees/Snap run a Juniper network, with multiple BNG (Broadband Network Gateway) devices
IPv6 prefix delegation is valid for a day (86400 seconds)

pfSense

pfSense supports DHCP v6 as a client (with prefix delegation), but there are some limitations:

the basic (non-advanced) configuration only works if one or more interface is setup to gets it's IPv6 address via 'Track IPv6 Interface' option.
the advanced option only supports assigning an IPv6 address to a single interface (i.e. one prefix-interface statement) - use the configuration override
the advanced option only supports SLAAC/EUI-64 style addresses being assigned, which means static reverse DNS is problematic (note: the FreeBSD DHCP v6 client doesn't support the ifid parameter)

For static IPv6 prefix

Use the advanced DHCP6C option and discard the prefix. Add static addresses to the LAN interfaces and static alias to the WAN interface.

the generated configuration '/var/etc/dhcp6c_wan.conf' is:

interface pppoe0 {
        send ia-pd 0;
        request domain-name-servers;
        request domain-name;
        script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh";
};
id-assoc pd 0 {
};

For dynamic prefix

Not tested.

Use the basic DHCP6C, which will assign the prefix to the WAN interface. Then use track-interface on the LAN interface(s).

The following options should be configured:

Options	Description
Use IPv4 connectivity as parent interface	This must be checked so that the DHCP request is make over the PPPoE interface, otherwise it will be sent over the VLAN interface which won't work
Request only an IPv6 prefix	The 2Degrees/Snap Juniper BNG won't provide an address, so don't bother asking for it
DHCP Prefix delegation size	This is fixed by the ISP as 56 (a /48 is not available)
Send IPv6 prefix hint	Leave unchecked - a /56 prefix will arrive regardless
Do not wait for a RA	The 2Degrees/Snap BNG won't send a RA (router advertisement), so check this so that the DHCP6C is started immediately

Appendices

dhcp6c log

Aug 19 09:58:30 marathon dhcp6c[83721]: Sending Request
Aug 19 09:58:30 marathon dhcp6c[83721]: a new XID (e57dc9) is generated
Aug 19 09:58:30 marathon dhcp6c[83721]: set client ID (len 14)
Aug 19 09:58:30 marathon dhcp6c[83721]: set server ID (len 26)
Aug 19 09:58:30 marathon dhcp6c[83721]: set elapsed time (len 2)
Aug 19 09:58:30 marathon dhcp6c[83721]: set option request (len 4)
Aug 19 09:58:30 marathon dhcp6c[83721]: set IA_PD prefix
Aug 19 09:58:30 marathon dhcp6c[83721]: set IA_PD
Aug 19 09:58:30 marathon dhcp6c[83721]: send request to ff02::1:2%pppoe0
Aug 19 09:58:30 marathon dhcp6c[83721]: reset a timer on pppoe0, state=REQUEST, timeo=0, retrans=909
Aug 19 09:58:30 marathon dhcp6c[83721]: receive reply from fe80::3e61:4ff:fe4d:be94%pppoe0 on pppoe0
Aug 19 09:58:30 marathon dhcp6c[83721]: get DHCP option client ID, len 14
Aug 19 09:58:30 marathon dhcp6c[83721]:   DUID: 00:01:00:01:1e:d7:8c:c8:00:0d:b9:33:06:f8
Aug 19 09:58:30 marathon dhcp6c[83721]: get DHCP option server ID, len 26
Aug 19 09:58:30 marathon dhcp6c[83721]:   DUID: 00:02:00:00:05:83:33:63:3a:36:31:3a:30:34:3a:34:64:3a:63:33:3a:63:30:00:00:00
Aug 19 09:58:30 marathon dhcp6c[83721]: get DHCP option IA_PD, len 41
Aug 19 09:58:30 marathon dhcp6c[83721]:   IA_PD: ID=0, T1=43200, T2=69120
Aug 19 09:58:30 marathon dhcp6c[83721]: get DHCP option IA_PD prefix, len 25
Aug 19 09:58:30 marathon dhcp6c[83721]:   IA_PD prefix: 2406:e001:1:2c00::/56 pltime=86400 vltime=86400
Aug 19 09:58:30 marathon dhcp6c[83721]: get DHCP option DNS, len 32
Aug 19 09:58:30 marathon dhcp6c[83721]: dhcp6c Received REQUEST
Aug 19 09:58:30 marathon dhcp6c[83721]: nameserver[0] 2406:e000::100
Aug 19 09:58:30 marathon dhcp6c[83721]: nameserver[1] 2406:e000::200
Aug 19 09:58:30 marathon dhcp6c[83721]: make an IA: PD-0
Aug 19 09:58:30 marathon dhcp6c[83721]: create a prefix 2406:e001:1:2c00::/56 pltime=86400, vltime=86400
Aug 19 09:58:30 marathon dhcp6c[83721]: add an address 2406:e001:1:2c80:20d:b9ff:fe33:6f8/63 on re0
Aug 19 09:58:30 marathon dhcp6c[83721]: executes /var/etc/dhcp6c_wan_dhcp6withoutra_script.sh
Aug 19 09:58:32 marathon dhcp6c: dhcp6c REQUEST on pppoe0 - running rc.newwanipv6
Aug 19 09:58:32 marathon dhcp6c[83721]: script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh" terminated
Aug 19 09:58:32 marathon dhcp6c[83721]: removing an event on pppoe0, state=REQUEST
Aug 19 09:58:32 marathon dhcp6c[83721]: removing server (ID: 00:02:00:00:05:83:33:63:3a:36:31:3a:30:34:3a:34:64:3a:63:33:3a:63:30:00:00:00)
Aug 19 09:58:32 marathon dhcp6c[83721]: got an expected reply, sleeping.
Aug 19 21:58:30 marathon dhcp6c[83721]: IA timeout for PD-0, state=ACTIVE
Aug 19 21:58:30 marathon dhcp6c[83721]: reset a timer on pppoe0, state=RENEW, timeo=0, retrans=9118
Aug 19 21:58:30 marathon dhcp6c[83721]: Sending Renew
Aug 19 21:58:30 marathon dhcp6c[83721]: a new XID (4dbcd2) is generated
Aug 19 21:58:30 marathon dhcp6c[83721]: set client ID (len 14)
Aug 19 21:58:30 marathon dhcp6c[83721]: set server ID (len 26)
Aug 19 21:58:30 marathon dhcp6c[83721]: set elapsed time (len 2)
Aug 19 21:58:30 marathon dhcp6c[83721]: set option request (len 4)
Aug 19 21:58:30 marathon dhcp6c[83721]: set IA_PD prefix
Aug 19 21:58:30 marathon dhcp6c[83721]: set IA_PD
Aug 19 21:58:30 marathon dhcp6c[83721]: send renew to ff02::1:2%pppoe0
Aug 19 21:58:30 marathon dhcp6c[83721]: receive reply from fe80::3e61:4ff:fe4d:be94%pppoe0 on pppoe0
Aug 19 21:58:30 marathon dhcp6c[83721]: get DHCP option client ID, len 14
Aug 19 21:58:30 marathon dhcp6c[83721]:   DUID: 00:01:00:01:1e:d7:8c:c8:00:0d:b9:33:06:f8
Aug 19 21:58:30 marathon dhcp6c[83721]: get DHCP option server ID, len 26
Aug 19 21:58:30 marathon dhcp6c[83721]:   DUID: 00:02:00:00:05:83:33:63:3a:36:31:3a:30:34:3a:34:64:3a:63:33:3a:63:30:00:00:00
Aug 19 21:58:30 marathon dhcp6c[83721]: get DHCP option IA_PD, len 41
Aug 19 21:58:30 marathon dhcp6c[83721]:   IA_PD: ID=0, T1=43200, T2=69120
Aug 19 21:58:30 marathon dhcp6c[83721]: get DHCP option IA_PD prefix, len 25
Aug 19 21:58:30 marathon dhcp6c[83721]:   IA_PD prefix: 2406:e001:1:2c00::/56 pltime=86400 vltime=86400
Aug 19 21:58:30 marathon dhcp6c[83721]: get DHCP option DNS, len 32
Aug 19 21:58:30 marathon dhcp6c[83721]: dhcp6c Received INFO
Aug 19 21:58:30 marathon dhcp6c[83721]: nameserver[0] 2406:e000::100
Aug 19 21:58:30 marathon dhcp6c[83721]: nameserver[1] 2406:e000::200
Aug 19 21:58:30 marathon dhcp6c[83721]: update an IA: PD-0
Aug 19 21:58:30 marathon dhcp6c[83721]: update a prefix 2406:e001:1:2c00::/56 pltime=86400, vltime=86400
Aug 19 21:58:30 marathon dhcp6c[83721]: executes /var/etc/dhcp6c_wan_dhcp6withoutra_script.sh
Aug 19 21:58:30 marathon dhcp6c: dhcp6c renew, no change - bypassing update on pppoe0
Aug 19 21:58:30 marathon dhcp6c[83721]: script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh" terminated
Aug 19 21:58:30 marathon dhcp6c[83721]: removing an event on pppoe0, state=RENEW
Aug 19 21:58:30 marathon dhcp6c[83721]: got an expected reply, sleeping.

ppp log

Aug 19 09:58:24 marathon ppp: [wan] Bundle: Interface ng0 created
Aug 19 09:58:24 marathon ppp: [wan_link0] Link: OPEN event
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: Open event
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: state change Initial --> Starting
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: LayerStart
Aug 19 09:58:24 marathon ppp: [wan_link0] PPPoE: Set PPP-Max-Payload to '1500'
Aug 19 09:58:24 marathon ppp: [wan_link0] PPPoE: Connecting to ''
Aug 19 09:58:24 marathon ppp: PPPoE: rec'd ACNAME "SNAP-08"
Aug 19 09:58:24 marathon ppp: [wan_link0] PPPoE: rec'd PPP-Max-Payload '1500'
Aug 19 09:58:24 marathon ppp: [wan_link0] PPPoE: connection successful
Aug 19 09:58:24 marathon ppp: [wan_link0] Link: UP event
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: Up event
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: state change Starting --> Req-Sent
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: SendConfigReq #1
Aug 19 09:58:24 marathon ppp: [wan_link0]   PROTOCOMP
Aug 19 09:58:24 marathon ppp: [wan_link0]   MRU 1500
Aug 19 09:58:24 marathon ppp: [wan_link0]   MAGICNUM 0xfbc73c94
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: rec'd Configure Request #174 (Req-Sent)
Aug 19 09:58:24 marathon ppp: [wan_link0]   AUTHPROTO PAP
Aug 19 09:58:24 marathon ppp: [wan_link0]   MAGICNUM 0x283b5bbb
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: SendConfigAck #174
Aug 19 09:58:24 marathon ppp: [wan_link0]   AUTHPROTO PAP
Aug 19 09:58:24 marathon ppp: [wan_link0]   MAGICNUM 0x283b5bbb
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: state change Req-Sent --> Ack-Sent
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: rec'd Configure Ack #1 (Ack-Sent)
Aug 19 09:58:24 marathon ppp: [wan_link0]   PROTOCOMP
Aug 19 09:58:24 marathon ppp: [wan_link0]   MRU 1500
Aug 19 09:58:24 marathon ppp: [wan_link0]   MAGICNUM 0xfbc73c94
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: state change Ack-Sent --> Opened
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: auth: peer wants PAP, I want nothing
Aug 19 09:58:24 marathon ppp: [wan_link0] PAP: using authname "user@snap.net.nz"
Aug 19 09:58:24 marathon ppp: [wan_link0] PAP: sending REQUEST #1 len: 42
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: LayerUp
Aug 19 09:58:24 marathon ppp: [wan_link0] PAP: rec'd ACK #1 len: 5
Aug 19 09:58:24 marathon ppp: [wan_link0] LCP: authorization successful
Aug 19 09:58:24 marathon ppp: [wan_link0] Link: Matched action 'bundle "wan" ""'
Aug 19 09:58:24 marathon ppp: [wan_link0] Link: Join bundle "wan"
Aug 19 09:58:24 marathon ppp: [wan] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Aug 19 09:58:24 marathon ppp: [wan] IPCP: Open event
Aug 19 09:58:24 marathon ppp: [wan] IPCP: state change Initial --> Starting
Aug 19 09:58:24 marathon ppp: [wan] IPCP: LayerStart
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: Open event
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: state change Initial --> Starting
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: LayerStart
Aug 19 09:58:24 marathon ppp: [wan] IPCP: Up event
Aug 19 09:58:24 marathon ppp: [wan] IPCP: state change Starting --> Req-Sent
Aug 19 09:58:24 marathon ppp: [wan] IPCP: SendConfigReq #1
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 0.0.0.0
Aug 19 09:58:24 marathon ppp: [wan]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: Up event
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: state change Starting --> Req-Sent
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: SendConfigReq #1
Aug 19 09:58:24 marathon ppp: [wan] IPCP: rec'd Configure Request #104 (Req-Sent)
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 111.69.1.254
Aug 19 09:58:24 marathon ppp: [wan]     111.69.1.254 is OK
Aug 19 09:58:24 marathon ppp: [wan] IPCP: SendConfigAck #104
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 111.69.1.254
Aug 19 09:58:24 marathon ppp: [wan] IPCP: state change Req-Sent --> Ack-Sent
Aug 19 09:58:24 marathon ppp: [wan] IPCP: rec'd Configure Reject #1 (Ack-Sent)
Aug 19 09:58:24 marathon ppp: [wan]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 19 09:58:24 marathon ppp: [wan] IPCP: SendConfigReq #2
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 0.0.0.0
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: rec'd Configure Request #245 (Req-Sent)
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: SendConfigAck #245
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: state change Req-Sent --> Ack-Sent
Aug 19 09:58:24 marathon ppp: [wan] IPCP: rec'd Configure Nak #2 (Ack-Sent)
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 123.255.40.190
Aug 19 09:58:24 marathon ppp: [wan]     123.255.40.190 is OK
Aug 19 09:58:24 marathon ppp: [wan] IPCP: SendConfigReq #3
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 123.255.40.190
Aug 19 09:58:24 marathon ppp: [wan] IPCP: rec'd Configure Ack #3 (Ack-Sent)
Aug 19 09:58:24 marathon ppp: [wan]   IPADDR 123.255.40.190
Aug 19 09:58:24 marathon ppp: [wan] IPCP: state change Ack-Sent --> Opened
Aug 19 09:58:24 marathon ppp: [wan] IPCP: LayerUp
Aug 19 09:58:24 marathon ppp: [wan]   123.255.40.190 -> 111.69.1.254
Aug 19 09:58:24 marathon ppp: [wan] IFACE: Up event
Aug 19 09:58:24 marathon ppp: [wan] IFACE: Rename interface ng0 to pppoe0
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: rec'd Configure Ack #1 (Ack-Sent)
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: state change Ack-Sent --> Opened
Aug 19 09:58:24 marathon ppp: [wan] IPV6CP: LayerUp
Aug 19 09:58:24 marathon ppp: [wan]   020d:b9ff:fe33:06f8 -> 3e61:04ff:fe4d:be94

Sections

Personal tools