I thought this was the most appropriate section since it is the complete opposite, it deals with the tunnel by omitting it--I hope my logic is OK.
I signed up for TunnelBroker a while back now, it's been doing OK for the most part, I've been learning new things on the way. I did already native IPv6 service on my internet links (I have three, four back when I signed up) though; IPv6 was rolled out nationwide many years earlier; what they didn't roll out was training for they employees of the ISP, it's ironic how a company on the bleeding edge technologically is so technologically-challenged. To sum up, they don't assign static IPv6 blocks, they don't even know what I'm talking about when every few months when I call to check, they usually start rambling on about static single IPv4 addresses right away without letting me finish or politely interrupt them which makes it kinda funny when they finally end their 5-minute speech I tell them that's not what I'm looking for.
From what I can gather on the modems' web portals--oh yeah, I have modems, the technology I use to connect is VDSL2, again irony effed me up as a few steps, literally in the next block from the one where I am, starts the zone with a fiber deployment from the same company; since of course ISP-provided hardware sucks, the devices are on bridge mode, pfSense is responsible for dialing the PPPoE lines and there I can see it apparently requests the IPv6 block via the IPv4 link, there's even a mention of a VLAN on WAN-side in the modems' admin portals, pfSense doesn't mention it. I'm assigned me a random /64 block per line. With twelve VLANs moreorless, a /64 block suffices if I use smaller blocks, however, Hurricane Electric was kind enough not only of assigning me another three /64 blocks but a /48 as well. I don't even know how to count to that number! And it's ASSIGNED, I don't have to guess and I can map the addresses directly without NAT and I know I can reach X device always at the same place.
The only downside about all this is that it's tunneled, probably using resources that someone else could make better use of and for sure putting on a damper on total network throughput, so that's when I come here; I tried earlier but it didn't let me post because my account was new, it's been about a year now, I hope I'm not just writing this and can't send it int he end :/. Is there any way to route these blocks to my network without using a tunneling interface? Should I select my own (HurricaneElectric) IPv6 address when I make the local PPPoE dial? In pfSense it connects when I select DHCP6 for the interface (after first getting the IPv4 up), so I guess it's some kind of internal DHCP server that's sent over a VLAN on the WAN side or some unencrypted, unauthenticated encapsulation. In the interface details, it appears that a link local IP address is used for the gateway but the assigned addresses on my WAN interfaces are indeed public addresses starting with 2801::, they correctly point there area where I am if i look for their geographocal location and the subnet part is identical on all of them, in fact at first sight it seems they all are the same address. I hope you can help me sort out these questions. Sometimes it's still feels kind of foreign how broadcast domains and subnets work in relation to one another.
Thanks!
You don't get to route our IP space over another provider's IPv6 service.
It has to route over the tunnel.
If for some reason they did, it would be hijacking our network allocations.
If your provider is giving you native IPv6, ideally you should be using it, since the tunnels are a stop-gap solution to providers that do NOT give IPv6 service themselves.