[AusNOG] Any Telstra Internet Direct contacts out there?
Damien Gardner Jnr
rendrag at rendrag.net
Tue Feb 25 20:57:35 EST 2014
On 25 Feb 2014, at 6:07 pm, Jeremy Visser <jeremy at visser.name> wrote:
> On 24/02/14 20:16, Damien Gardner Jnr wrote:
>> If you need help with an 877 config that works with TID (the
>> internode config doesn’t quite work), let me know
>
> Can you post it here? I can't be the only one curious as to the actual line-by-line differences from the Internode config.
>
> There are only so many ways you can configure DHCPv6-PD on a Cisco…
Funny, now that I compare what ended up working with what Internode gave as a config, there’s not a lot of difference.. Looks like two commands was the entire difference. From memory, the ipv6 dhcp-server made no real difference (Clients get their v6 IP from autoconf, not dhcp), the magic thing seemed to be the ‘ipv6 nd ra interval 60’. If it’s not set, the 877 does no router advertisements, and so clients either wouldn’t get an address at all, or would get one but then loose it within a few seconds.
Also note, If you put IPV6 on a BVI on 12.4, things go horridly wrong. Better to put your IPV4 on the BVI, and IPV6 on the Vlan, and do without v6 on wireless. Or as I did, put it all on the Vlan, and then do your wireless from a second 877, as cisco is happy to pass v6 THROUGH the BVI on the second 877, it just doesn’t do v6 ON the BVI. Note: this only works if you happen to have a spare 877 after having bought one because you got hit with the won’t-reconnect bug in 12.4T5 which appeared after an electrical storm, and thought it was a hardware fault) :-p
Anyway, the config:
! Enable IPv6
ipv6 unicast-routing
ipv6 cef
ipv6 route ::/0 Dialer0
! Clients get IP’s via autoconf, but need DHCPv6 for DNS
ipv6 dhcp pool HOMEV6
dns-server 2001:8000:101::1
dns-server 2001:8000:101::2
!
! IPv6 portions of Dialer0 - note: it doesn’t actually NEED an ipv6 address for internal services to work.
! But the router can’t talk to the interwebzV6 without it
interface Dialer0
ipv6 address tid-ipv6-prefix ::1/128
ipv6 enable
ipv6 traffic-filter INTERNET-IN-ACL6 in
ipv6 verify unicast reverse-path
ipv6 dhcp client pd tid-ipv6-prefix rapid-commit
!
! Internal network interface, v6 portions
interface Vlan1
ipv6 address tid-ipv6-prefix ::1:0:0:0:1/64
ipv6 enable
ipv6 nd ra interval 60
ipv6 verify unicast reverse-path
!
! DMZ Interface
interface Vlan101, v6 portions
ipv6 address tid-ipv6-prefix ::2:0:0:0:1/64
!
! allows to DMZ hosts removed for sanitisation. udp 546 is the dhcp packets to get our PD
ipv6 access-list INTERNET-IN-ACL6
permit tcp any any established
permit icmp any any
permit udp any any eq 546
deny ipv6 any any
!
event manager applet MONITOR-IPV6-DHCP-APP
event syslog pattern "DIALER-6-BIND"
action 1.0 cli command "enable"
action 1.1 cli command "clear ipv6 dhcp client Dialer0"
action 2.0 syslog priority debugging msg "Refreshed IPv6 DHCP PD lease (Dialer rebind)"
!
Cheers,
DG
Damien Gardner Jnr
VK2TDG. Dip EE. GradIEAust
rendrag at rendrag.net - http://www.rendrag.net/
--
We rode on the winds of the rising storm,
We ran to the sounds of thunder.
We danced among the lightning bolts,
and tore the world asunder
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140225/5db429e6/attachment.html>
More information about the AusNOG
mailing list