No reaction so far, just bumping this topic back to the first page in the hope an IPv6 expert sees it. _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Okay, interesting. I will have a look if it combines with my DNSMasq settings, or if I have to skip DHCP trough DNSMasq.
Do you have an idea where the pd 1 refers to in: 'id-assoc pd 1 {' ? _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
No problem, and thanks for responding. I will keep your contact suggestion in mind.
To answer your question, I unfortunately did not got it to work and stopped trying because:
- I think there might be a bug in DD-WRT IPv6*;
- I was running in circles
While trying to create some ip6tables rules to contact my FTP server, I bumped into this:
Code:
2001:aaaa:bbbb:cccc::/64 dev vlan2 proto kernel metric 256 expires 57598sec
2001:aaaa:bbbb:cccc::/59 dev br0 proto kernel metric 256
However, if you have a suggestion how to get IPv6 up and running on my br1, I am very interested! _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Mon Apr 04, 2016 19:27 Post subject:
FWIW I have no reason to believe you are experiencing a bug in ddwrt and a ticket seems premature as everything points a config error. Browsing through your comments I see no reason why you shouldn't be able to get it working as desired. I suggest you break down your problem into 3 configuration steps where you resolve each one completely before moving on to the next one.
1. Address assignment from ISP to router interfaces (dhcpv6-pd)
As Per Yngve Berg has pointed out, dhcp6c needs to be properly configured where you request a prefix greater than /64 and then split it up between the interfaces.
You've referred to a /59 having been assigned to your router, while unusual that prefix size is not impossible. You should be aware that an ISP is not required to honor prefix size requests. Ex. dhcp6c is configured to request a /56 but your ISP turns around and assigns /59. In these cases your likely to see unexpected results.
Out of curiosity what dhcp6c config were you using when the /59 was assigned?
In any event to properly configure dhcp6c you need to determine what prefix sizes are supported by your ISP. Generally that information is easily available by asking your ISP or reading their user forums.
If you're unable to get that information the next step would be to configure dhcp6c to request a larger prefix such as a /48, reboot, then restart dhcp6c in debug mode which will log everything from dhcpv6 solicit through confirmation to the syslog (syslog must be enabled).
FWIW I have no reason to believe you are experiencing a bug in ddwrt and a ticket seems premature as everything points a config error. Browsing through your comments I see no reason why you shouldn't be able to get it working as desired. I suggest you break down your problem into 3 configuration steps where you resolve each one completely before moving on to the next one.
That's best practise indeed. Since BR0 seemed to work fine, I wanted to open a port to me NAS and bumped on an issue. Digging in to it, I noticed the prefix part and since I did not configure anything, I tought to bump into a bug.
Quote:
1. Address assignment from ISP to router interfaces (dhcpv6-pd)
As Per Yngve Berg has pointed out, dhcp6c needs to be properly configured where you request a prefix greater than /64 and then split it up between the interfaces.
Since I disabled 'Dhcp6c custom', 'Dhcp6s' and 'Radvd' and serve local IP addresses via DNSMasq DHCPv6, I never took a look at dhcp6c.
Because there is an ISP router that also takes a small part of the IPv6 addresses, I guess it is best to not delegate the whole /56 block, but perhaps a /60 (where I now configured a delegatetion of /64 by the way).
I guess after I change the delegated prefix to 60 in the GUI, I should past the code below in my DHCP6c custom config:
You've referred to a /59 having been assigned to your router, while unusual that prefix size is not impossible. You should be aware that an ISP is not required to honor prefix size requests. Ex. dhcp6c is configured to request a /56 but your ISP turns around and assigns /59. In these cases your likely to see unexpected results.
Out of curiosity what dhcp6c config were you using when the /59 was assigned?
That whould be a mistake. I have a /56 from my ISP and set dhcpv6-pd at the DDWRT with /64 (and like said above, will set it to /60)
When I entered 'ip -6 route' at the SSH Console, I however noticed the strange "split" with a /59 as shown below:
Code:
2001:aaaa:bbbb:cccc::/64 dev vlan2 proto kernel metric 256 expires 57598sec
2001:aaaa:bbbb:cccc::/59 dev br0 proto kernel metric 256
I did not configured /59 anywhere myself, so I concluded it had to be a bug.
Quote:
In any event to properly configure dhcp6c you need to determine what prefix sizes are supported by your ISP. Generally that information is easily available by asking your ISP or reading their user forums.
If you're unable to get that information the next step would be to configure dhcp6c to request a larger prefix such as a /48, reboot, then restart dhcp6c in debug mode which will log everything from dhcpv6 solicit through confirmation to the syslog (syslog must be enabled).
It is displayed on my ISP router, so I am certain that it is a /56, but it is always good to know the steps above.
Quote:
2. Address assignment from router to clients (dnsmasq)
3. Firewall rules permitting remote access to local hosts
I will give it a go this evening (GMT+2) and report back at here. _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Since I found a minute, I configured it as planned (/60), but somehow did not receive an IPv6 address at the WAN-Interface.
So I've put it back to: DHCP-PD -> Prefix Length /64
Set DHCP6c Custom to:
The result was that no IPv6 address was set on the WAN-Interface.
After disabling DHCP6c Custom, the IPv6 address was again. _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
2001:xxxx:yyyy:zzzz::/64 dev vlan2 proto kernel metric 256 expires 57581sec
2001:xxxx:yyyy:zzzz::/63 dev br0 proto kernel metric 256
2001:xxxx:yyyy:zzzz::/63 dev br1 proto kernel metric 256
The ip address result on:
wan: 2001:xxxx:yyyy:zzz0:200:ff:fe00:0
br0: 2001:xxxx:yyyy:zzz0:8ddd:481d:e5af:b80b
br1: 2001:xxxx:yyyy:zzz1:8ddd:481d:e5af:b80b
Is this all as expected? _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Tue Apr 05, 2016 18:28 Post subject:
All 3 of your above examples are off. If you only request a /64 then you shouldn't be trying to subnet that allocation to 2 interfaces as each subnet should be a separate /64
**** Note if your wan interface is not vlan2 then you need to change it to whatever it actually is
The ia-pd parts refer to the dhcpv6-pd prefix request for the lan interfaces and the ia-na requests a dhcpv6 address for the WAN
As Per Yngve Berg's mentioned the sla-len should be 64 - requested prefix size. So 64 - 60 = 4
Now if you requested a /56 then sla-len would be 8 for each interface.
When requesting a single /64 sla-len = 0
You can try the above but at this point we are guessing that your isp supports /60
if /60 does not work try /56 (sla-len 8 ). If /56 does not work then its time to stop guessing and either confirm what prefix sizes are supported by your isp or run dhcp6c in debug mode
I know, I pasted the wrong config, but the submit of my edit timed out multiple times. I will give it another try to edit the post with my current result.
-- Edit
With the removal of some ip6table rules I now scored 10/10 on http://test-ipv6.com/ on br1 too
Thanks!
Since I like to document things for myself, I will post some documentation later. The main thing to me was that I did not know you needed dhcp6c. _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Tue Apr 05, 2016 19:15 Post subject:
Good to hear you got it working.
Before I stop following the atheros sub-forum would you mind sending me a PM with the results of the following commands, this way I can walk away knowing there's no glaring issues
Joined: 20 Mar 2014 Posts: 4 Location: San Francisco, CA, USA
Posted: Fri Jan 06, 2017 13:50 Post subject: working 6rd config for charter
So I got everything working with the Charter 6rd tunnel finally, before I used radvd as suggested in the wiki, but that doesn't work for windows hosts, so I'm now using the dnsmasq config suggested here and everything is working great, here is my config:
if [ -n "$WANIP" ]; then
V6PREFIX=$(printf $PREFIX':%02x%02x:%02x%02x' $(echo $WANIP | tr . ' '))
ip tunnel add tun6rd mode sit local $WANIP ttl 255
ip tunnel 6rd dev tun6rd 6rd-prefix $PREFIX::/32
ip addr add $V6PREFIX::1/32 dev tun6rd
ip addr add $V6PREFIX::1/64 dev br0
ip link set tun6rd mtu 1280
ip link set tun6rd up
ip route add ::/0 via ::$IP6RD dev tun6rd
kill -HUP $(cat /var/run/radvd.pid) 2>/dev/null
fi
firewall script to allow IPV6 traffic (Administration -> Commands, save as firewall):
Had to take down my reply because today James told me in another thread that the configuration above is completely absurd and wrong period and whatever else he said to completely belittle my help.