lfventura DD-WRT Novice
Joined: 29 Jun 2022 Posts: 1
|
Posted: Wed Jun 29, 2022 9:36 Post subject: IPV6 Delegation - Made it work on stock, but failing with DD |
|
Hi,
My provider (Oi) enables me for IPv6 prefix delegation (with the modem in routing mode, they block bridge mode).
I tried several ways and read a lot of topics in the past 24h but I did not managed to actually make it work, besides my clients are now receiving IPV6 addressing.
Code: | Router: Netgear R7000
Firmware: DD-WRT v3.0-r49392 std (06/29/22) |
My router gets IPv6 on its WAN interface, from the router terminal I can ping IPV6 addresses and IPs, but nothing for the LAN.
To give some background: I made it work with the Stock Netgear firmware, in the Stock I had to set the IPV6 configuration as "Pass-through" and no extra configuration was needed. Everything worked with the same topology I will show in the next lines.
My network topology is like this:
Provider Router (Oi) -> Netgear R7000 (Router mode) -> Clients
My provider blocks their router when I put it in Bridge mode (Well known problem for Oi users) so my Provider Router has a DMZ configuration that forwards all WAN Ports to Netgear and this avoids Double NAT issues in my internal network.
So for the Netgear (DD-WRT) it gets a private IPV4 along with an IPV6
This is my current situation:
From Netgear DDWRT Router:
Code: | 0;root@R7000: ~root@R7000:~# ping6 www.google.com
PING www.google.com (2800:3f0:4004:80b::2004): 56 data bytes
64 bytes from 2800:3f0:4004:80b::2004: seq=0 ttl=116 time=6.346 ms
64 bytes from 2800:3f0:4004:80b::2004: seq=1 ttl=116 time=4.776 ms
64 bytes from 2800:3f0:4004:80b::2004: seq=2 ttl=116 time=4.686 ms
--- www.google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 4.686/5.269/6.346 ms |
Custom DHCPV6 Client Daemon:
(When I set this up, my clients started to get the Google DNS Server, not my provider DNS, what is kind odd):
Code: | interface vlan2 {
send ia-pd 0;
send rapid-commit;
request domain-name-servers;
script "/sbin/dhcp6c-state";
};
id-assoc pd 0 {
prefix-interface br0 {
sla-id 0;
sla-len 0;
};
};
id-assoc na 0 { }; |
radv custom config:
Ps: My prefix is dynamic, but for now I am putting the one that is currently assigned to me to make it easier to create this setup and troubleshoot it. It should not be an immediate problem, as my provider takes months before switching my IPV4 or IPV6 addresses.
To hide sensitive information I replaced the addresses on al snippets, but I did not messed it up. Everything was replaced by a fake but exact match on each line it appears
Code: | interface br0 {
AdvSendAdvert on;
prefix aaaa:bbb:cccc:dddd::/64 {
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
|
Quick note over here: I first tried without setting radv customization (Just enabled) and without enabling dhcpv6 client. Unfortunately, this way I was only getting a local IPv6 in my client. After I made this configuration, my client started to get some IPV6 addressing.
In my provider router, under IPV6 this is the info I have:
Code: | IPv6 address
aaaa:bbb:31e:19c9::1
IPv6 Prefix
aaaa:bbb:cccc:dddd::/56
IPv6 Gateway
fe80::ea4:2ff:fed4:395b
Primary DNS
2804:d41::4
Second DNS
2804:d45:400::7 |
And this is what I get in my client:
Code: | IPAddress : fe80::84e6:f7de:e7ec:1051%13
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : WellKnown
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : aaaa:bbb:cccc:dddd:f0f1:e153:107a:b126
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 128
PrefixOrigin : RouterAdvertisement
SuffixOrigin : Random
AddressState : Preferred
ValidLifetime : 23:55:30
PreferredLifetime : 03:55:30
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : aaaa:bbb:cccc:dddd:84a1:a1ba:b3bd:2162
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : RouterAdvertisement
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : 23:55:30
PreferredLifetime : 03:55:30
SkipAsSource : False
PolicyStore : ActiveStore
|
And from this client I can't ping any IPV6 address or tracepath to any IPV6 address, it fails without any line in the traceroute.
Code: | C:\Users\lfven>tracert -6 www.google.com
Rastreando a rota para www.google.com [2800:3f0:4004:80b::2004]
com no máximo 30 saltos:
1 * * * Esgotado o tempo limite do pedido.
2 ^C
|
In this same client, if I connect it directly to the provider router, the IPV6 connection works, and this is the output of the very same command with this computer connected directly to the provider router:
Code: | IPAddress : fe80::84e6:f7de:e7ec:1051%13
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : WellKnown
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : aaaa:bbb:cccc:dddd:9cf0:a473:bd9b:b1db
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 128
PrefixOrigin : RouterAdvertisement
SuffixOrigin : Random
AddressState : Preferred
ValidLifetime : 00:59:54
PreferredLifetime : 00:59:54
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : aaaa:bbb:cccc:dddd:84a1:a1ba:b3bd:2162
InterfaceIndex : 13
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : RouterAdvertisement
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : 00:59:54
PreferredLifetime : 00:59:54
SkipAsSource : False
PolicyStore : ActiveStore |
And as I am connected to the provider router directly, it does ping and traceroute
Code: | C:\Users\lfven>tracert -6 www.google.com
Rastreando a rota para www.google.com [2800:3f0:4004:80a::2004]
com no máximo 30 saltos:
1 1 ms 1 ms 1 ms aaaa:bbb:cccc:dddd::1
2 3 ms 11 ms 9 ms aaa:bbc:0:8000::6
3 * * * Esgotado o tempo limite do pedido.
4 4 ms 4 ms 8 ms 2001:4860:1:1:0:1e3a:0:16
5 23 ms 10 ms 12 ms 2001:4860:0:75::1
6 5 ms 4 ms 5 ms 2001:4860:0:1::5171
7 4 ms 4 ms 4 ms 2800:3f0:4004:80a::2004
Rastreamento concluído. |
Any hints would be highly appreciated. Thank you in advance. I am on this for the past 2 days and I do not understand where is my mistake. |
|