[AusNOG] EdgeRouter IPv6 on AussieBB

Alex Wakefield AlexWakefield at fastmail.com.au
Mon Sep 9 11:09:14 EST 2019


Hi all,

Thanks for all the config! I can't explain it, but just doing the release/renew command below managed to make my setup "just work".

Hope everyone has a great week!

Regards,
Alex


On Sun, 8 Sep 2019, at 5:21 PM, Chris Lee wrote:
> Hi Alex,
> 
> Yes have ER-X running 2.0.6 working well with ABB.. some snippet of interface and firewall stanzas below. I put the dhcpv6-pd on switch0 interface for my local LAN. I have a virtual interface on the WAN port as well to manage the Netcomm NFV modem from ABB that I put into bridge mode. Also have a Netgear 4G ethernet router on the second ethernet port that I use the load-balancing features with to failover to 4G automatically if NBN/ABB becomes unavailable (but haven't enabled IPv6 on the 4G yet), so far works fairly well. 
> 
> On occasion when there's been issues with IPv6 I've found I've had to manually release/delete the DUID and renew dhcpv6-pd on the edgerouter with the commands below. 
> 
> release dhcpv6-pd interface eth0
> delete dhcpv6-pd duid
> renew dhcpv6-pd interface eth0
> 
> other than that just show interfaces and you should see your /128 IA-NA IPv6 address on the eth0 interface and a /64 from the IA-PD on switch0 interface. 
> 
> interfaces {
>  ethernet eth0 {
>  address dhcp
>  description "WAN Aussie Broadband FTTN"
>  dhcp-options {
>  default-route update
>  default-route-distance 10
>  name-server no-update
>  }
>  dhcpv6-pd {
>  pd 0 {
>  interface switch0 {
>  host-address ::1
>  prefix-id :1
>  service slaac
>  }
>  prefix-length /56
>  }
>  rapid-commit disable
>  }
>  duplex auto
>  firewall {
>  in {
>  ipv6-name WANv6_IN
>  name WAN_IN
>  }
>  local {
>  ipv6-name WANv6_LOCAL
>  name WAN_LOCAL
>  }
>  }
>  speed auto
>  vif 3 {
>  address 10.1.1.2/24
>  description "NetComm Management"
>  firewall {
>  in {
>  name WAN_IN
>  }
>  local {
>  name WAN_LOCAL
>  }
>  }
>  mtu 1500
>  }
>  }
> }
> 
> 
> firewall {
>  ipv6-name WANv6_IN {
>  default-action drop
>  description "WAN inbound traffic forwarded to LAN"
>  enable-default-log
>  rule 10 {
>  action accept
>  description "Allow established/related sessions"
>  protocol all
>  state {
>  established enable
>  related enable
>  }
>  }
>  rule 20 {
>  action drop
>  description "Drop invalid state"
>  protocol all
>  state {
>  invalid enable
>  }
>  }
>  rule 30 {
>  action accept
>  description "allow ICMPv6"
>  protocol icmpv6
>  }
>  }
>  ipv6-name WANv6_LOCAL {
>  default-action drop
>  description "WAN inbound traffic to the router"
>  enable-default-log
>  rule 10 {
>  action accept
>  description "Allow established/related sessions"
>  protocol all
>  state {
>  established enable
>  related enable
>  }
>  }
>  rule 20 {
>  action drop
>  description "Drop invalid state"
>  protocol all
>  state {
>  invalid enable
>  }
>  }
>  rule 30 {
>  action accept
>  description "Allow IPv6 icmp"
>  protocol ipv6-icmp
>  }
>  rule 40 {
>  action accept
>  description "allow dhcpv6"
>  destination {
>  port 546
>  }
>  protocol udp
>  source {
>  port 547
>  }
>  }
>  }
>  ipv6-receive-redirects disable
>  ipv6-src-route disable
>  ip-src-route disable
>  log-martians disable
> }
> 
> Regards,
> Chris
> 
> On Sun, Sep 8, 2019 at 2:14 PM Alex Wakefield <AlexWakefield at fastmail.com.au> wrote:
>> Hi,
>> 
>>  Does anyone have a working IPv6 setup for an EdgeRouter using the AussieBB beta? I'm using an EdgeRouter Lite running v2.0.6.
>> 
>>  My internal interface manages to get IPs out of the range handed out by Aussie but clients never get an address after that. I'm trying to use SLAAC to hand out IPs. Relevant config on my internet facing port below.
>> 
>>  ethernet eth0 { 
>>  address dhcp 
>>  description AussieBB 
>>  dhcpv6-pd { 
>>  pd 1 { 
>>  interface eth2.20 { 
>>  host-address ::1
>>  no-dns 
>>  prefix-id 0 
>>  service slaac 
>>  } 
>>  prefix-length 56 
>>  } 
>>  rapid-commit enable 
>>  } 
>>  duplex auto 
>>  firewall { 
>>  in { 
>>  ipv6-name AussieIn 
>>  name AussieIn
>>  } 
>>  local { 
>>  ipv6-name AussieLocal
>>  name AussieLocal
>>  } 
>>  out { 
>>  ipv6-name AussieOut
>>  name AussieOut
>>  } 
>>  } 
>>  ipv6 { 
>>  address { 
>>  autoconf 
>>  } 
>>  } 
>>  speed auto
>>  }
>> 
>>  Regards,
>>  Alex
>>  _______________________________________________
>>  AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 


More information about the AusNOG mailing list