Despite Online.net supporting FreeBSD, they provide documentation for IPv6 on it. In this post I show how I managed to add IPv6 to my Dedibox.

Despite Online.net supporting FreeBSD, they don’t mention it at all in their IPv6 wiki page.

After a bit of research, I found two posts about that.

The first one uses WIDE DHCPv6 (also known as KAME DHCPv6, dhcp6c or dhcp6.

Since this is the only functioning tutorial I found, I will write here the steps I did to get IPv6:

  1. Enable IPv6 on the console and get your DUID.
  2. Enable IPv6 on the NIC:
ifconfig igb0 inet6 -ifdisabled accept_rtadv up
  1. Transform the DUID into a binary file (needed for dhcp6c):
echo <DUID> | awk '{ gsub(":"," "); printf "0: 0a 00 %s\n", $0 }' | xxd -r > /var/db/dhcp6c_duid
  1. Add this in /usr/local/etc/dhcp6c.conf:
id-assoc pd {
        prefix-interface igb0 {
        };
};

id-assoc na {
};

interface igb0 {
    send ia-pd 0;
    send ia-na 0;
};
  1. Now run dhpc6c manually or start the service:
dhcp6c -Df -c /usr/local/etc/dhcp6c.conf em0

# or

service dhcp6c restart
  1. You should have your public IPv6 /128 now (2001:bc8:...).
ifconfig igb0
root@fdb:~ # ping6 -c 3 angristan.xyz
PING6(56=40+8+8 bytes) 2001:bc8:xxx::1 --> 2a01:4f8:1c1c:2cc3::bad:c0de
16 bytes from 2a01:4f8:1c1c:2cc3::bad:c0de, icmp_seq=0 hlim=55 time=21.645 ms
16 bytes from 2a01:4f8:1c1c:2cc3::bad:c0de, icmp_seq=1 hlim=55 time=22.948 ms
16 bytes from 2a01:4f8:1c1c:2cc3::bad:c0de, icmp_seq=2 hlim=55 time=21.708 ms

--- angristan.xyz ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 21.645/22.100/22.948/0.600 ms
  1. Automate all of this at boot time by adding this to /etc/rc.conf:
ifconfig_igb0_ipv6="inet6 -ifdisabled accept_rtadv up"
dhcp6c_enable="YES"
dhcp6c_interfaces="igb0"
rtsold_enable="YES"

Done!

The second blog post I found raises an issue about dhcp6c which can flood the DHCP server. This can cause your server to be suspended by Online.net, that’s why on Linux they give some iptables rules to rate-limit the client:

ip6tables -A OUTPUT -p udp --dport 547 -m limit --limit 10/min --limit-burst 5 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 547 -j DROP

However this seems not (easily?) doable on FreeBSD, so the person writing the last blog post decided to use the ISC DHCP client. Sadly they don’t provide all the instructions so I have not been able to make it work, and I am not confident enough about my IPv6 networking skills to search by myself.

So far I did not have any issue with dhcp6c, but I thought it would be a great idea to make a post to summarise my findings.