Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Fri Aug 08, 2014 18:17 Post subject:
DaveTheNerd wrote:
I was running into some wonkiness here, but since my understanding of IPv6 is limited (and growing) I wasn't *exactly* sure of what I was seeing.
But what I *think* I'm seeing is that enabling IPv6 on the router with DHCPv6-PD puts it in "router" mode and not "bridge" mode (at least in terms of how it deals with IPv6). I kinda figured that was just a byproduct of this all being new and the code for bridge-mode IPv6 hadn't been put into place in Kong's webif yet. Is that understanding/assumption correct?
Are you also trying to get ipv6 on br0 when the r7000 is acting as a wireless bridge?
On the bridge I would select native as dhcp-pd will not work unless the upstream device has a dhcpv6 server providing pd.
FYI dhcp6c can solicit on any interface and assign IPs to any interface. I suspect the current webif is hard coded to send solicits on the wanif. When I want to do quick dhcp-pd tests I setup a dhcpv6 server on a VM and setup the r7000 to solicit on br0 and assign to another interface.
Now I do not use a wireless bridge so I can't give a definitive answer but I suspect setting up the r7000 to do forwarding and accept RAs on the wireless bridge interface along with setting an ip and RAs on br0 should do the trick.
If I have time next week I will try a wireless bridge in a closed test environment. Unfortunately I don't have the required equipment at home.
Where
Client ipv6 address : 2001:470:AAAA:AAAA::2/64
Routed /48 : 2001:470:BBBB:BBBB::/64
Server IPv4 Address : 209.51.161.14
Add this line to administration->commands->firewall to allow ping from HE tunnel server
iptables -I INPUT 2 -s 66.220.2.74 -p icmp -j ACCEPT
Use ddns to update tunnel endpoint.
I haven't had a chance to flash the latest build from yesterday yet. Do the new 6in4 options allow for setting up guest networks with a /48 prefix like the script previously posted did? In other words, if you enter 64 for the prefix length, I'd expect to only enter the router address (for br0). If I enter 48, it'd be nice to have extra lines to add the addresses for each VAP (wl0.1 and wl1.1), or however you guys think would be best to handle something like that.
I get that this is all work-in-progress stuff, and I'm very appreciative to see any 6in4 support at all. So thanks for that! Just want to make sure there isn't something I'm overlooking, or if this is something that should be done in an additional/custom config section. Not even ready to think about things like pushing IPv6 over VPN, etc....
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Fri Aug 08, 2014 19:50 Post subject:
twalls wrote:
JAMESMTL wrote:
HE /64 tunnel via webif with ddwrt v24800
Setup->ipv6->static 6in4
Where
Client ipv6 address : 2001:470:AAAA:AAAA::2/64
Routed /48 : 2001:470:BBBB:BBBB::/64
Server IPv4 Address : 209.51.161.14
Add this line to administration->commands->firewall to allow ping from HE tunnel server
iptables -I INPUT 2 -s 66.220.2.74 -p icmp -j ACCEPT
Use ddns to update tunnel endpoint.
I haven't had a chance to flash the latest build from yesterday yet. Do the new 6in4 options allow for setting up guest networks with a /48 prefix like the script previously posted did? In other words, if you enter 64 for the prefix length, I'd expect to only enter the router address (for br0). If I enter 48, it'd be nice to have extra lines to add the addresses for each VAP (wl0.1 and wl1.1), or however you guys think would be best to handle something like that.
I get that this is all work-in-progress stuff, and I'm very appreciative to see any 6in4 support at all. So thanks for that! Just want to make sure there isn't something I'm overlooking, or if this is something that should be done in an additional/custom config section. Not even ready to think about things like pushing IPv6 over VPN, etc....
You should be able to do this by
1. prefix length to /64 in webif
2. Set routed prefix to 2001:470:BBBB:1::
3. Add the following to the firewall startup commands
ip -6 addr add 2001:470:BBBB:2::1/64 dev wl0.1
ip -6 addr add 2001:470:BBBB:3::1/64 dev wl1.1
Where
Client ipv6 address : 2001:470:AAAA:AAAA::2/64
Routed /48 : 2001:470:BBBB:BBBB::/64
Server IPv4 Address : 209.51.161.14
Add this line to administration->commands->firewall to allow ping from HE tunnel server
iptables -I INPUT 2 -s 66.220.2.74 -p icmp -j ACCEPT
Use ddns to update tunnel endpoint.
I haven't had a chance to flash the latest build from yesterday yet. Do the new 6in4 options allow for setting up guest networks with a /48 prefix like the script previously posted did? In other words, if you enter 64 for the prefix length, I'd expect to only enter the router address (for br0). If I enter 48, it'd be nice to have extra lines to add the addresses for each VAP (wl0.1 and wl1.1), or however you guys think would be best to handle something like that.
I get that this is all work-in-progress stuff, and I'm very appreciative to see any 6in4 support at all. So thanks for that! Just want to make sure there isn't something I'm overlooking, or if this is something that should be done in an additional/custom config section. Not even ready to think about things like pushing IPv6 over VPN, etc....
You should be able to do this by
1. prefix length to /64 in webif
2. Set routed prefix to 2001:470:BBBB:1::
3. Add the following to the firewall startup commands
ip -6 addr add 2001:470:BBBB:2::1/64 dev wl0.1
ip -6 addr add 2001:470:BBBB:3::1/64 dev wl1.1
Are you also trying to get ipv6 on br0 when the r7000 is acting as a wireless bridge?
On the bridge I would select native as dhcp-pd will not work unless the upstream device has a dhcpv6 server providing pd.
FYI dhcp6c can solicit on any interface and assign IPs to any interface. I suspect the current webif is hard coded to send solicits on the wanif. When I want to do quick dhcp-pd tests I setup a dhcpv6 server on a VM and setup the r7000 to solicit on br0 and assign to another interface.
Now I do not use a wireless bridge so I can't give a definitive answer but I suspect setting up the r7000 to do forwarding and accept RAs on the wireless bridge interface along with setting an ip and RAs on br0 should do the trick.
If I have time next week I will try a wireless bridge in a closed test environment. Unfortunately I don't have the required equipment at home.
I've not gotten to try your other suggestion yet but it doesn't seem to be that the bridge itself has issues with IPv6 working, it's just that in bridge mode the device seems to advertise everything behind it out as the same MAC and thus only 1 device can get a v6 address, which if I remember correct ends up being the router itself.
My provider does DHCP-PD and my main router gets a /64 from them assigned to the LAN.
I just want the bridge clients to get addresses from the main routers pool.
Hopefully some others will get to mess with bridge mode. It's a pain for me to go back and forth but I'd love to keep it on the dd-wrt.
I think I got really lucky: I just purchased the R7000 yesterday, and it looks like IPv6 support was very recently added to this build of DD-WRT. Nice
Kong, there's no paypal donation link on my version of DD-WRT (Firmware: DD-WRT v24-sp2 (08/07/14) kongac)
Not being familiar with the various IPv6 related utilities, I was wondering if anyone could tell me how I could use the current web interface to request a prefix delegation of 60 from comcast (instead of the 64 they assign by default.) Just changing the "Prefix Length" on the IPv6 page doesn't seem to have any impact on the /tmp/dhcp6c.conf file. I expected a prefix hint to be added there...
(Honestly, I don't _need_ the extra multi-millions of IP addresses, but I want to play around some and see what kind of mess I could make on my local network.)
Just use the paypal button, that is integrated in dd-wrt webif. If you want to hide the donation button just run:
nvram set donate=1
nvram commit
However, I can't seem to find the paypal button, and I don't want to hide it. That was why I asked the question.
Have you looked on the Sys-info tab? If it is truly missing, how does that command in the link provided not help you? Are you looking for someone to spell it out for you?
I've read it, I know what it says, and I also am able to figure out that if that command turns it off, something similar must turn it on. _________________ R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x https://pi-hole.net/ https://github.com/DNSCrypt/dnscrypt-proxy
Ah, so THAT's where it is. Wasn't that easier than that sarcasm, snide remarks, etc?
Have a nice day
Gary
It all depends on how you react to the help/direction you are given. There was no sarcasm, snide remarks in my original reply to you. Think about that...as you are having a nice day. _________________ R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x https://pi-hole.net/ https://github.com/DNSCrypt/dnscrypt-proxy
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Sun Aug 10, 2014 21:50 Post subject:
garyd9 wrote:
I think I got really lucky: I just purchased the R7000 yesterday, and it looks like IPv6 support was very recently added to this build of DD-WRT. Nice
Kong, there's no paypal donation link on my version of DD-WRT (Firmware: DD-WRT v24-sp2 (08/07/14) kongac)
Not being familiar with the various IPv6 related utilities, I was wondering if anyone could tell me how I could use the current web interface to request a prefix delegation of 60 from comcast (instead of the 64 they assign by default.) Just changing the "Prefix Length" on the IPv6 page doesn't seem to have any impact on the /tmp/dhcp6c.conf file. I expected a prefix hint to be added there...
(Honestly, I don't _need_ the extra multi-millions of IP addresses, but I want to play around some and see what kind of mess I could make on my local network.)
Thanks
Gary
Are you trying to setup multiple /64s on multiple interfaces or one big /60 on br0