Joined: 01 Dec 2021 Posts: 289 Location: Maryland, United States
Posted: Fri Jan 27, 2023 16:32 Post subject:
It appears the IPv6 changes to DD-WRT disabled compatibly with Comcast IPv6. EGC I tried your firewall commands but it did not enable WAN IPv6. The following commands did get me a WAN IPv6 address:
Fix (added this to startup Firewall Commands):
ip6tables -F
ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A INPUT -s fe80::/64 -j ACCEPT
ip6tables -A INPUT -p udp --dport 546 -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -i br0 -j ACCEPT
ip6tables -A INPUT -j DROP
But no LAN IPv6 address. I did try all the previous solutions to get a LAN Ipv6 address, but they do not work.
Joined: 18 Mar 2014 Posts: 12884 Location: Netherlands
Posted: Fri Jan 27, 2023 18:30 Post subject:
PaulGo wrote:
It appears the IPv6 changes to DD-WRT disabled compatibly with Comcast IPv6. EGC I tried your firewall commands but it did not enable WAN IPv6. The following commands did get me a WAN IPv6 address:
Fix (added this to startup Firewall Commands):
ip6tables -F
ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A INPUT -s fe80::/64 -j ACCEPT
ip6tables -A INPUT -p udp --dport 546 -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -i br0 -j ACCEPT
ip6tables -A INPUT -j DROP
But no LAN IPv6 address. I did try all the previous solutions to get a LAN Ipv6 address, but they do not work.
As far as I can see all those rules are already present, besides it looks like your rules are appended so probably are not hit at all, you can view it with : ip6tables -vnL
It appears the IPv6 changes to DD-WRT disabled compatibly with Comcast IPv6. EGC I tried your firewall commands but it did not enable WAN IPv6. The following commands did get me a WAN IPv6 address:
Fix (added this to startup Firewall Commands):
ip6tables -F
ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A INPUT -s fe80::/64 -j ACCEPT
ip6tables -A INPUT -p udp --dport 546 -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -i br0 -j ACCEPT
ip6tables -A INPUT -j DROP
But no LAN IPv6 address. I did try all the previous solutions to get a LAN Ipv6 address, but they do not work.
As far as I can see all those rules are already present, besides it looks like your rules are appended so probably are not hit at all, you can view it with : ip6tables -vnL
You are using a recent build?
Check with ifconfig if br0 has got an IPv6 address
This is what I get using the above firewall commands:
Joined: 24 Feb 2013 Posts: 1634 Location: Belgrade
Posted: Sat Jan 28, 2023 10:07 Post subject:
on the first page Per Ingve Berg allready told him to post output of ifconfig but I supose he missundetood him and posted output from windows client machine (ipconfig /all)...
@PaulGo
you need to post output of ifconfig from router itself... I you cannot ssh you can use GUI
http://192.168.1.1/Diagnostics.asp and in the Commands field type ifconfig and hit green "Run commands" button ath the bottom... and post output so we can see if you get Global unicast adress... it could be routing problem... then post ip6tables -S and ip6tables -vnL
Joined: 01 Dec 2021 Posts: 289 Location: Maryland, United States
Posted: Sat Jan 28, 2023 19:16 Post subject:
Mile-Lile wrote:
on the first page Per Ingve Berg allready told him to post output of ifconfig but I supose he missundetood him and posted output from windows client machine (ipconfig /all)...
@PaulGo
you need to post output of ifconfig from router itself... I you cannot ssh you can use GUI
http://192.168.1.1/Diagnostics.asp and in the Commands field type ifconfig and hit green "Run commands" button ath the bottom... and post output so we can see if you get Global unicast adress... it could be routing problem... then post ip6tables -S and ip6tables -vnL
we will help you but please do this first...
As you can see, I am not familiar with how to use these commands. I did try what you suggested with the DD-WRT GUI with the Verizon FiOS which works with IPv6, and after I entered ifconfig and did run commands I did not get any response or error message.
Joined: 01 Dec 2021 Posts: 289 Location: Maryland, United States
Posted: Sun Jan 29, 2023 17:35 Post subject:
After some research for putty I found the username is now "root" and I needed to use telnet (I changed the username in the GUI). What appears obvious to someone familiar with this is not unfortunately obvious to me. Anyway, here is the output of ifconfig connected to Comcast getting a WAN nut no LAN using the script shown above:
root@DD-WRT:~# ifconfig
aux0 Link encap:Ethernet HWaddr 10:0C:6B:5D:B3:EA
inet6 addr: fe80::120c:6bff:fe5d:b3ea/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:838 (838.0 B)
Interrupt:179 Base address:0x4000