> Le 24 mai 2016 à 17:56, Doug Lytle a écrit :
>
>> Is the IPv4 requirement something thats planned to be removed in future
>> releases?
>>
>> I don't assume many people have adopted IPv6 yet.
>
> Ensuring stable, robust and complete IPv6 (+IPv4) support was and is
> the primary goal for 2.4
>
> IPv6-only was a non-goal so far, so nobody invested time into it yet -
> but of course, eventually nobody wants to bother with IPv4 anymore :-)
>
> Realistically, though, there's more pressing things to work on - like
> cipher negotiation (so you can upgrade encryption without having to
> roll out new configs to all your clients), actually *releasing* 2.4, etc.
You're going too far compared to what I asked: I'm not asking for IPv6 only
support.
It just is that I have a need to create an OpenVPN tunnel between two sites
only transporting IPv6 (I have an *other* tunnel using IPsec between these 2
sites for IPv4, but I'm fixing whatever bugs held me from successfully
tunneling IPv6 between those two sites through IPsec by adding another IPv6
only tunnel using OpenVPN.
For sure a world without IPv4 is not for tomorrow, I don't think this is a goal
in itself either.
Though, IPv6 is *very* important in significant portions of the world *today*
(and *yesterday* too).
Generally I have no real problems with pfSense with IPv6. The software is
excellent (and the labeled hardware too).
Except recently between an old 2.2.2 (which I can't upgrade to 2.2.6 or 2.3.x)
and a 2.3.x which gave me headaches trying to get IPv6 to get through IPsec. I
finally abandoned the idea of it between those two sites.
Oh side note: since initial post I *could* setup the IPv6-only site-to-site
tunnel. I just had to trick, giving OpenVPN an IPv4 tunnel subnet as it
insisted for, but did not declare any local or remote IPv4 subnets (to route
between sites). Works for me, both tunnels (IPsec IPv4 and OpenVPN IPv6) are
now happily living next to each other. That's a temporary solution for 1 to 3
months, then the old site with 2.2.2 will disappear. Of course the downside of
this trick is that my IPv6 traffic is so much slower through OpenVPN than
through IPsec. It is even asymmetric: A to B is 10 times faster (about 200
Mbps) than B to A (about 20 Mbps when sun shines, ~15 Mbps in other times)
through the OpenVPN tunnel. The IPv4 is much better served through the IPsec
tunnel (similar speeds both ways, and they're at about 500 Mbps, sometimes a
little bit higher. I know from a previous discussion here why this speed
difference between IPsec and OpenVPN.
Thanks !
--
Meilleures salutations, Met vriendelijke groeten, Best Regards,
Olivier Mascia, integral.be/om
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold