Recently my provider switched from IPv4 to native IPv6 Dual Stack lite.
I get assigned IPv6 address /56 using DHCPv6 Prefix Delegation mechanism + ATFR name for IPv4
Does anyone have experience setting up Dual Stack using dd-wrt on R7000?
ISP requires some specific options, otherwise will not respond to the query:
Are these options supported by the current client used by dd-wrt? I have succesfully used isc dhclient to get a DHCPv6 response on another OS. _________________ Asus RT-AC66R Target:brcm47xx SubTarget:mips74k Packages:mipsel_74kc
Netgear R7000 Target:bcm53xx Packages:arm_cortex-a9
With my Telus ISP I recently upgraded my services to include TV. Their OptikTV Boxes connect either Ethernet of Wireless. I have both OptikTV boxes connected via etherent going through an number of Netgear Smart-Plus Switches (layer-2). These OptikTV boxes support 4K streaming and was having stuttering issues with only one 4K stream. So I ended up tweaking the network switches leaving the the QoS set to 802.1p and IGMP tweaks. Now I can stream three 4K streams no problem (view 2x 4K and record HD, ISP has a limit of only two 4K stream with HD/SD or 5 HD streams) all was good util a couple days ago I noticed that no devices was getting IPv6 Internet access. Long story short, these layer-2 Smart-Plus switches do not support IPv6 so Enabling "Block Unknown Multicast Addresses" would break IPv6, so disabling it, fixed it. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Apr 18 13:23:14 DD-WRT daemon.warn dnsmasq[3348]: warning: ignoring resolv-file flag because no-resolv is set
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: DHCP, IP range XXX.XXX.X.100 -- XXX.XXX.X.149, lease time 1d
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: DHCPv6 stateless on br0
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: router advertisement on br0
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: DHCPv6 stateless on 2804:zxx:xxxx:xxxx::, constructed for br0
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: router advertisement on 2804:zxx:xxxx:xxxx::, constructed for br0
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq-dhcp[3348]: IPv6 router advertisement enabled
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq[3348]: using nameserver 2606:4700:4700::1111#53
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq[3348]: using nameserver 2606:4700:4700::1001#53
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq[3348]: using nameserver 1.1.1.1#53
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq[3348]: using nameserver 1.0.0.1#53
Apr 18 13:23:14 DD-WRT user.info : dnsmasq : daemon successfully started
Apr 18 13:23:14 DD-WRT daemon.info dnsmasq[3348]: read /etc/hosts - 2 addresses
Apr 18 13:23:14 DD-WRT user.info : wland : daemon successfully stopped
Apr 18 13:23:14 DD-WRT user.info : wland : daemon successfully started
Apr 18 13:23:14 DD-WRT user.info : wan : WAN is up. IP: 179.XXX.XXX.XXX
Apr 18 13:23:14 DD-WRT user.info : igmprt : successfully started
Apr 18 13:23:14 DD-WRT user.info : process_monitor : daemon successfully stopped
Apr 18 13:23:14 DD-WRT user.info : process_monitor : successfully started
Apr 18 13:23:15 DD-WRT user.info : vpn modules : vpn modules successfully unloaded
Apr 18 13:23:15 DD-WRT user.info : vpn modules : nf_conntrack_proto_gre successfully loaded
Apr 18 13:23:15 DD-WRT user.info : vpn modules : nf_nat_proto_gre successfully loaded
Apr 18 13:23:15 DD-WRT user.info : vpn modules : nf_conntrack_pptp successfully loaded
Apr 18 13:23:15 DD-WRT user.info : vpn modules : nf_nat_pptp successfully loaded
Apr 18 13:23:19 DD-WRT daemon.err ntpclient[3367]: Failed resolving address to hostname br.pool.ntp.org: Try again
Apr 18 13:23:19 DD-WRT daemon.err ntpclient[3367]: Failed resolving server br.pool.ntp.org: Network is down
Apr 18 13:23:19 DD-WRT daemon.err process_monitor[3364]: cyclic NTP Update failed (servers br.pool.ntp.org)
Apr 18 13:23:19 DD-WRT daemon.err process_monitor[3364]: Last update failed, we need to re-update after 30 seconds
Apr 18 13:23:19 DD-WRT daemon.debug process_monitor[3364]: We need to re-update after 3600 seconds
Apr 18 13:23:19 DD-WRT daemon.info process_monitor[3364]: process_monitor : set timer: 3600 seconds, callback: ntp_main()
Apr 18 13:23:21 DD-WRT daemon.info dnsmasq[3348]: read /jffs/dnsmasq/mphosts - 347606 addresses
Code:
root@DD-WRT:~# ip -6 addr show
1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 1000
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
4: vlan1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
5: vlan2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
6: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 1000
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
7: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 1000
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
10: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2804:XXXX:XXXX:XXXX:XXXX:0/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
root@DD-WRT:~# ip -6 route
XXXX:XXXX:XXXX:XXXX::/64 dev br0 metric 256
fe80::/64 dev eth0 metric 256
fe80::/64 dev br0 metric 256
fe80::/64 dev vlan1 metric 256
fe80::/64 dev eth1 metric 256
fe80::/64 dev eth2 metric 256
fe80::/64 dev vlan2 metric 256
default via fe80::XXXX:XXXX:XXXX:XXXX dev vlan2 metric 1024 expires 1798sec
unreachable default dev lo metric -1 error -101
ff00::/8 dev eth0 metric 256
ff00::/8 dev br0 metric 256
ff00::/8 dev vlan1 metric 256
ff00::/8 dev eth1 metric 256
ff00::/8 dev eth2 metric 256
ff00::/8 dev vlan2 metric 256
unreachable default dev lo metric -1 error -101
root@DD-WRT:~# ping6 2001:4860:4860::8888
PING 2001:4860:4860::8888 (2001:4860:4860::8888): 56 data bytes
64 bytes from 2001:4860:4860::8888: seq=0 ttl=59 time=10.660 ms
64 bytes from 2001:4860:4860::8888: seq=1 ttl=59 time=9.954 ms
64 bytes from 2001:4860:4860::8888: seq=2 ttl=59 time=9.764 ms
64 bytes from 2001:4860:4860::8888: seq=3 ttl=59 time=10.297 ms
64 bytes from 2001:4860:4860::8888: seq=4 ttl=59 time=11.033 ms
64 bytes from 2001:4860:4860::8888: seq=5 ttl=59 time=9.541 ms
64 bytes from 2001:4860:4860::8888: seq=6 ttl=59 time=9.732 ms
^C
--- 2001:4860:4860::8888 ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 9.541/10.140/11.033 ms
My usual 19/20 test result started returning 17/20 on my Windows 10 PC when I upgraded to r39572 (ICMP not tested). Disabling the ICMPv6 rule on the Windows 10 firewall caused ICMP not tested to change to ICMP filtered, but simply re-enabling the same firewall rule got me back to 19/20 with no changes to the router.
13: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:470:fxxx::/48 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ae9e:17ff:fea9:c1f4/64 scope link
21: ip6tun@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 state UNKNOWN qlen 1
inet6 2001:470:c:1xxx::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::adc4:dd63/64 scope link
valid_lft forever preferred_lft forever
Here is the output of ip for route:
Code:
root@ddwrt-ac3200:~# ip -6 route list
2001:470:c:1xxx::/64 dev ip6tun metric 1024
2001:470:fxxx::/48 dev br0 metric 256
2000::/3 dev ip6tun metric 1024
so br0 does have the /48 that was assigned to me by HE and the route list looks right.
I can route/ping from the DDWRT router. Local Clients get correct assigned /64 addresses. But I can't route from any of the LAN clients
Any help would be appreciated
NOTE: I haven't added any br1 because I was still testing to get br0 working _________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
Even if it did, how can I control the IPv6 Scope. I got assigned 2001:470:f3xx::/48 from HE.
But I want to SPECIFICALLY use 2001:470:f3xx:1::/64, 2001:470:f3xx:2::/64, and so on. Not whatever it decides it wants to use after 2001:470:f3xx::/48 _________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
I get the RIGHT subnet assignment IPs but i get NO routes
I wonder... if I should be sending that to the ip6tun interface and not the vlan2
****UPDATE: Just tried to turn off radvd and doesn't do anything different _________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
If ipv6 only works on router
It seems that the routing is not correctly created when using 6in4.
If you log into the router and pinging ipv6.google.com works but not on other computers in LAN.
Then try run this commands to add routing:
Code:
ip -6 addr add [Assigned / Routed Prefix] dev br0
ip -6 ro add default via [Tunnel Client IPv6 Address] dev ip6tun
If it works now you can add those lines to startup script under Administration -> Save Firewall.
But when I do that I get this....
Code:
root@ddwrt-ac3200:~# ip -6 addr add 2001:470:fxxx::/48 dev br0
ip: RTNETLINK answers: File exists
root@ddwrt-ac3200:~# ip -6 r add default 2001:470:c:1xxx::2/64 dev ip6tun
ip: either "to" is duplicate, or "2001:470:c:1xxx::2/64" is garbage
which leave me to think I have done everything by that WIKI guide.
How can I contact the author of that guide? _________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
root@ddwrt-ac3200:~# ip -6 addr add 2001:470:fxxx::/48 dev br0
br0 shall have the first /64 block of the /48 prefix
okay so I had to do a
Code:
ip -6 addr del 2001:470:fxxx::/48 dev br0
then it would allow me to add
Code:
ip -6 addr add 2001:470:fxxx::/64 dev br0
ip -6 addr add 2001:470:fxxx:1::/64 dev br1
I am also getting an error when I execute this line as recommend by the DDWRT WIKI:
Code:
root@ddwrt-ac3200:~# ip -6 r add default via 2001:470:c:1xxx::2/64 dev ip6tun
ip: an inet address is expected rather than "2001:470:c:1xxx::2/64"
not sure if this has anything to do with it either from listing the ip route
Code:
unreachable default dev lo metric -1 error -101
Here are the result:
Code:
13: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:470:fxxx::/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ae9e:17ff:fea9:c1f4/64 scope link
valid_lft forever preferred_lft forever
14: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:470:fxxx:1::/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ac62:3dff:fe3c:2246/64 scope link
valid_lft forever preferred_lft forever
As good as those outputs looks. My LAN clients STILL can't access anything via IPv6 route. either way with 2001:470:fxxx:1::/64 or 2001:470:fxxx:1::/48 at br0. Nothing gets through... nothing gets through at br1 either.
Just incase I missed something:
_________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
ip -6 addr add 2001:470:fxxx::/64 dev br0
ip -6 addr add 2001:470:fxxx:1::/64 dev br1
You are missing the host portion of the address.
Code:
ip -6 addr add 2001:470:fxxx::1/64 dev br0
ip -6 addr add 2001:470:fxxx:1::1/64 dev br1
I added the 'host' address but same.. still can't reach out beyond WAN.
Code:
14: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:470:fxxx:2::/64 scope global
valid_lft forever preferred_lft forever
inet6 2001:470:fxxx:2::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ac62:3dff:fe3c:2246/64 scope link
valid_lft forever preferred_lft forever
I tried it with and without 2001:470:fxxx:2::/64
I feel like it has to do with the routing. its like it doesn't know it needs to go through interface 'ip6tun'
Code:
2001:470:c:1xxx::/64 dev ip6tun metric 1024
2001:470:fxxx:2::/64 dev br1 metric 256
2001:470:fxxx::/48 dev br0 metric 256
2000::/3 dev ip6tun metric 1024
fe80::/64 dev eth0 metric 256
fe80::/64 dev vlan6 metric 256
fe80::/64 dev br1 metric 256
fe80::/64 dev vlan1 metric 256
fe80::/64 dev eth1 metric 256
fe80::/64 dev eth2 metric 256
fe80::/64 dev eth3 metric 256
fe80::/64 dev vlan3 metric 256
fe80::/64 dev vlan2 metric 256
fe80::/64 dev ip6tun metric 256
fe80::/64 dev wl0.1 metric 256
fe80::/64 dev wl1.1 metric 256
fe80::/64 dev br0 metric 256
unreachable default dev lo metric -1 error -101
ff00::/8 dev eth0 metric 256
ff00::/8 dev vlan6 metric 256
ff00::/8 dev br1 metric 256
ff00::/8 dev vlan1 metric 256
ff00::/8 dev eth1 metric 256
ff00::/8 dev eth2 metric 256
ff00::/8 dev eth3 metric 256
ff00::/8 dev vlan3 metric 256
ff00::/8 dev vlan2 metric 256
ff00::/8 dev br0 metric 256
ff00::/8 dev ip6tun metric 256
ff00::/8 dev wl0.1 metric 256
ff00::/8 dev wl1.1 metric 256
unreachable default dev lo metric -1 error -101
root@ddwrt-ac3200:~# ip -6 route add default via 2001:470:c:1xxx::2/64 dev ip6tun
ip: an inet address is expected rather than "2001:470:c:1xxx::2/64"
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::/64 via 2001:470:c:1xxx::2/64 dev ip6tun
ip: an inet address is expected rather than "2001:470:c:1xxx::2/64"
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::1/64 via 2001:470:c:1xxx::2/64 dev ip6tun
ip: an inet address is expected rather than "2001:470:c:1xxx::2/64"
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::1 via 2001:470:c:1xxx::2/64 dev ip6tun
ip: an inet address is expected rather than "2001:470:c:1xxx::2/64"
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::1 via 2001:470:c:103f::2 dev ip6tun
ip: RTNETLINK answers: Invalid argument
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::/64 via 2001:470:c:103f::2 dev ip6tun
ip: RTNETLINK answers: Invalid argument
root@ddwrt-ac3200:~# ip -6 route add 2001:470:fxxx:2::1 via 2001:470:c:103f::2 dev ip6tun
ip: RTNETLINK answers: Invalid argument
root@ddwrt-ac3200:~# ip -6 route add default via 2001:470:c:1xxx::2 dev ip6tun
ip: RTNETLINK answers: Invalid argument
_________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
Last edited by mbze430 on Wed May 01, 2019 19:11; edited 1 time in total