Zaheer DD-WRT Novice
Joined: 28 Apr 2022 Posts: 3
|
Posted: Thu May 05, 2022 17:29 Post subject: How to route - IPv6 Unique Local Unicast Addresses ( ULA ) |
|
Hi
I setup LAN side IPv6 as a IPv6 Unique Local Unicast Addresses ( ULA ).
IPv6 Unique Local Unicast Addresses ( ULA )
Prefix/L: fd
Global ID: 08ad4f6305
Subnet ID: acf8
Combined/CID: fd08:ad4f:6305:acf8::/64
1. I can see the packets being send from PC to DD-WRT router at br0 and eth0 but no reply coming back from internet.
PC>ping -6 google.com
Pinging google.com [2607:f8b0:400b:807::200e] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2607:f8b0:400b:807::200e:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
# tcpdump -nni br0 "icmp6 && ip6[40] == 128"
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
13:13:08.494213 IP6 fd08:ad4f:6305:acf8:bc74:5fc5:f561:4f73 > 2607:f8b0:400b:807::200e: ICMP6, echo request, id 1, seq 1, length 40
13:13:13.270713 IP6 fd08:ad4f:6305:acf8:bc74:5fc5:f561:4f73 > 2607:f8b0:400b:807::200e: ICMP6, echo request, id 1, seq 2, length 40
13:13:18.328235 IP6 fd08:ad4f:6305:acf8:bc74:5fc5:f561:4f73 > 2607:f8b0:400b:807::200e: ICMP6, echo request, id 1, seq 3, length 40
13:13:23.272964 IP6 fd08:ad4f:6305:acf8:bc74:5fc5:f561:4f73 > 2607:f8b0:400b:807::200e: ICMP6, echo request, id 1, seq 4, length 40
2. I can ping from DD-WRT directly without any issue.
# ping6 google.com
PING google.com (2607:f8b0:400b:807::200e): 56 data bytes
64 bytes from 2607:f8b0:400b:807::200e: seq=0 ttl=116 time=14.143 ms
64 bytes from 2607:f8b0:400b:807::200e: seq=1 ttl=116 time=15.893 ms
64 bytes from 2607:f8b0:400b:807::200e: seq=2 ttl=116 time=12.457 ms
My DD-WRT is behind the ISP router, DD-WRT getting ISP IPv6 address fine on eth0 (WAN side)
But there is no IPv6 on br0 (LAN side), it has only link local address.
inet6 addr: fe80::6238:e0ff:fec7:a589/64 Scope:Link
# ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
ACCEPT ipv6-icmp anywhere anywhere
ACCEPT all fe80::/64 anywhere
ACCEPT all anywhere anywhere
DROP all anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all anywhere anywhere
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request limit: avg 2/sec burst 5
DROP all anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I read about the IPv6-to-IPv6 Network Prefix Translation ( NPTv6 ) , but could find any material how to implement it on DD-WRT.
Any help in this regard will be highly appreciated.
DD-WRT v3.0-r48786 std (c) 2022 NewMedia-NET GmbH
Release: 05/03/22
Board: Linksys WRT32X
Thanks. |
|
Wildlion DD-WRT Guru
Joined: 24 May 2016 Posts: 1416
|
Posted: Fri May 06, 2022 1:32 Post subject: |
|
DD-WRT does not have the full ip6tables in it, unless you are using the x86 version. Essentially what you will have to do is NAT and without the total ip6tables rules present this is not possible.
DD-WRT only supports regular IPv6, ie every machine has a global address and the router routes.
If you have the full ip6tables all you would have to do is:
Code: | ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE |
This would set up the NATing needed, as long as you ahve the routes enabled.
I have done this in the Virtual network lab with x86 machines. |
|