pfSense and disapling prefix delegation for LAN side
-
Good morning, forum
I have a rather odd setup, in which I need to configure strictly controllable IPv6 scheme on the LAN side of pfSense. There is no IPv6 on WAN side, I tunnel IPv6 over WireGuard to the far end with the same setup, creating essentially for now two isolated IPv6 enabled LAN segments.
I added my static IPv6 addresses on LAN subinterface, which seems to be straightforward enough
The other side of my setup uses VLAN 151 (just for sake of forcing routing)
Now, within each LAN segment, I want to control address allocation to individual hosts and be able to track them for security reasons, similar to what would be done on DHCPv4. Down the road, I will want to disable SLAAC altogether. In this setup, I do not need prefix delegation at all
but there does not seem to be a way to bypass or not fill it in. The form checker seems to enforce the PD population unconditionally. Is there a way to disable PD altogether on the LAN side when and if PD is not to be used at all? This is always an option on bigger systems, where PD is just an option to be enabled (or not), depending on the use case. In pfSense, it seems to be required under the assumption that LAN prefixes are always derived from the ISP-assigned larger prefix.
Thank you!