Posted: Sun Jul 31, 2016 1:43 Post subject: IPv6 behind double NAT
Hello, I'm looking on how to set up IPv6 when my router is behind a double NAT. I read the IPv6 wiki article, but there's a ton of conflicting advice. I'm using a WNDR3700v3 r27147 big, so no space for jffs. (I'm not really interested in upgrading because this router has been running a very stable for more than a year now and I don't want to go and copy all the settings one by one again.)
All the other wired/wireless clients connected to the modem have an IPv6 address, but not the router. I tested one of those clients connected directly to the modem and thanks to some major ISP work, it seems to have almost full IPv6 support. However, clients connected to the router don't get any IPv6 at all except obviously for a link-local address.
I tried using the Native IPv6 from ISP option, but that doesn't seem to work. I set the prefix length to 64, two static DNS IPv6 addresses, but I did not set a router address or MTU in hopes that the router would figure this out on its own. Conveniently enough, the in-router help section for IPv6 is completely blank.
Is there a definitive guide to setting up IPv6 when my router is behind a double NAT?
Thanks.
EDIT: Tried changing it to DHCPv6 with prefix delegation, per IRC, no dice yet. QoS is off.
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Sun Jul 31, 2016 3:03 Post subject:
my first question is why are you configured with double nat? if your ISP modem is actually a modem / gateway combo unit and your not running it in bridge mode, configuring your ddwrt device as an AP would resolve the ipv6 issue. If the ISP CPE can be run in bridge mode then most likely you could configure your ddwrt device as a gateway with dhcpv6-pd and resolve your issue.
if neither of those scenarios are possible or desired then your options become more limited as what your describing is ipv6 passthrough which is not supported natively by ddwrt. not saying it's impossible to do but it requires some scripting. the method i've used in the past involved modifying settings for accept_ra_pinfo, accept_ra, proxy_ndp and and have dnsmasq assign device ip's via ip -6 neigh proxy add which i'm not sure is supported in MIPS builds.
now if you have full control of CPE static routes could be an option.
I use a double NAT to separate wireless clients from wired clients. The modem has a much better wireless coverage in parts of my house that would only get spotty reception if I were using the router as the main AP.
I have full control of CPE but I am not able to do static routes (TG1672G). Would using Tunnel Broker also be an acceptable alternative? I will try and see if either are possible.
UPDATE: Tunnel Broker seems to be working fine for now.