Feature #14032
openNeighbor Discovery Proxy (NDproxy)
0%
Description
ISPs around the world are making effective use of IPv6.
DHCPv6-PD and others are already supported, but pfsense has no documentation on ndproxy.
The ndproxy package exists in FreebSD.
We strongly prefer that the ndproxy package be integrated into the pfsense plus package rather than having to manually install it in pfsense plus!
Updated by Jim Pingle over 1 year ago
- Project changed from pfSense Plus to pfSense Packages
- Subject changed from I would like to be able to use Neighbor Discovery Proxy (NDproxy) to Neighbor Discovery Proxy (NDproxy)
- Category changed from IPv6 Router Advertisements (RADVD) to New Package Request
- Release Notes deleted (
Default)
Updated by Yuki Hiramatsu over 1 year ago
Yuki Hiramatsu wrote:
ISPs around the world are making effective use of IPv6.
DHCPv6-PD and others are already supported, but pfsense has no documentation on ndproxy.The ndproxy package exists in FreebSD.
We strongly prefer that the ndproxy package be integrated into the pfsense plus package rather than having to manually install it in pfsense plus!
I know that a similar FR was opened long ago and you responded. (Feature# 7746)
There is now a ndproxy package in the FreeBSD repo.
Therefore, I would love to see it integrated into pfsense.
Updated by spoon spoon over 1 year ago
There is a growing need for this with more providers sticking us with /64. It's understandable that this wouldn't be wanted in all configurations since it goes against IPv6 practices, but we are left with no choice in some cases and it leads to hacky workarounds that are worse.
With the package now in FreeBSD I hope this request can be revisited.
Updated by Filippo Tessarotto over 1 year ago
NDProxy is the only way we have been able to get IPv6 working for our company network, and that have been possible only moving from pfSense to OpenWrt, which already supports this feature (see https://openwrt.org/docs/guide-user/network/ipv6/configuration#ipv6_relay).
We hope to see NDProxy coming to pfSense too in the near future, so we can get back to our most loved firewall.
Updated by Marcos M about 1 year ago
The port does not currently build on FreeBSD 14 according to:
https://gitlab.com/FreeBSD/freebsd-ports/-/commit/d7389449aa8031688c211004edf013573b2d16f7
That would need to be resolved first at least.
https://github.com/AlexandreFenyo/ndproxy
Updated by Firstname Surname 8 months ago
Bump! ndproxy has been patched and now builds on FreeBSD 14 - see commit history:
https://www.freshports.org/net/ndproxy
A binary package exists for 14 now, but as opposed to earlier versions where I happily used a FreeBSD 12 module for several years in pfSense up to 2.6.x, I can't load a prebuilt 14 module on 2.7. I'd have to build a specific kernel and compile it under that, and then keep doing it if pfsense kernel changes.
Having this package available would be a godsend for a huge number of users only having access to a single /64. VPS, ISPs, many others. With all the caveats ndproxy brings, it is really useful. It's currently preventing me from upgrading to 2.7 because my pfsense sits on a /64 and hands out VPN client addresses from the same /64. Others have other uses I'm sure...