[AusNOG] EdgeRouter IPv6 on AussieBB

Matthew Moyle-Croft mmc at mmc.com.au
Mon Sep 9 15:19:51 EST 2019 

If problem persists I've got a script the you can schedule to run and it'll
do this for you.

On Mon, Sep 9, 2019 at 10:40 AM Alex Wakefield <
AlexWakefield at fastmail.com.au> wrote:

> Hi all,
>
> Thanks for all the config! I can't explain it, but just doing the
> release/renew command below managed to make my setup "just work".
>
> Hope everyone has a great week!
>
> Regards,
> Alex
>
>
> On Sun, 8 Sep 2019, at 5:21 PM, Chris Lee wrote:
> > Hi Alex,
> >
> > Yes have ER-X running 2.0.6 working well with ABB.. some snippet of
> interface and firewall stanzas below. I put the dhcpv6-pd on switch0
> interface for my local LAN. I have a virtual interface on the WAN port as
> well to manage the Netcomm NFV modem from ABB that I put into bridge mode.
> Also have a Netgear 4G ethernet router on the second ethernet port that I
> use the load-balancing features with to failover to 4G automatically if
> NBN/ABB becomes unavailable (but haven't enabled IPv6 on the 4G yet), so
> far works fairly well.
> >
> > On occasion when there's been issues with IPv6 I've found I've had to
> manually release/delete the DUID and renew dhcpv6-pd on the edgerouter with
> the commands below.
> >
> > release dhcpv6-pd interface eth0
> > delete dhcpv6-pd duid
> > renew dhcpv6-pd interface eth0
> >
> > other than that just show interfaces and you should see your /128 IA-NA
> IPv6 address on the eth0 interface and a /64 from the IA-PD on switch0
> interface.
> >
> > interfaces {
> >  ethernet eth0 {
> >  address dhcp
> >  description "WAN Aussie Broadband FTTN"
> >  dhcp-options {
> >  default-route update
> >  default-route-distance 10
> >  name-server no-update
> >  }
> >  dhcpv6-pd {
> >  pd 0 {
> >  interface switch0 {
> >  host-address ::1
> >  prefix-id :1
> >  service slaac
> >  }
> >  prefix-length /56
> >  }
> >  rapid-commit disable
> >  }
> >  duplex auto
> >  firewall {
> >  in {
> >  ipv6-name WANv6_IN
> >  name WAN_IN
> >  }
> >  local {
> >  ipv6-name WANv6_LOCAL
> >  name WAN_LOCAL
> >  }
> >  }
> >  speed auto
> >  vif 3 {
> >  address 10.1.1.2/24
> >  description "NetComm Management"
> >  firewall {
> >  in {
> >  name WAN_IN
> >  }
> >  local {
> >  name WAN_LOCAL
> >  }
> >  }
> >  mtu 1500
> >  }
> >  }
> > }
> >
> >
> > firewall {
> >  ipv6-name WANv6_IN {
> >  default-action drop
> >  description "WAN inbound traffic forwarded to LAN"
> >  enable-default-log
> >  rule 10 {
> >  action accept
> >  description "Allow established/related sessions"
> >  protocol all
> >  state {
> >  established enable
> >  related enable
> >  }
> >  }
> >  rule 20 {
> >  action drop
> >  description "Drop invalid state"
> >  protocol all
> >  state {
> >  invalid enable
> >  }
> >  }
> >  rule 30 {
> >  action accept
> >  description "allow ICMPv6"
> >  protocol icmpv6
> >  }
> >  }
> >  ipv6-name WANv6_LOCAL {
> >  default-action drop
> >  description "WAN inbound traffic to the router"
> >  enable-default-log
> >  rule 10 {
> >  action accept
> >  description "Allow established/related sessions"
> >  protocol all
> >  state {
> >  established enable
> >  related enable
> >  }
> >  }
> >  rule 20 {
> >  action drop
> >  description "Drop invalid state"
> >  protocol all
> >  state {
> >  invalid enable
> >  }
> >  }
> >  rule 30 {
> >  action accept
> >  description "Allow IPv6 icmp"
> >  protocol ipv6-icmp
> >  }
> >  rule 40 {
> >  action accept
> >  description "allow dhcpv6"
> >  destination {
> >  port 546
> >  }
> >  protocol udp
> >  source {
> >  port 547
> >  }
> >  }
> >  }
> >  ipv6-receive-redirects disable
> >  ipv6-src-route disable
> >  ip-src-route disable
> >  log-martians disable
> > }
> >
> > Regards,
> > Chris
> >
> > On Sun, Sep 8, 2019 at 2:14 PM Alex Wakefield <
> AlexWakefield at fastmail.com.au> wrote:
> >> Hi,
> >>
> >>  Does anyone have a working IPv6 setup for an EdgeRouter using the
> AussieBB beta? I'm using an EdgeRouter Lite running v2.0.6.
> >>
> >>  My internal interface manages to get IPs out of the range handed out
> by Aussie but clients never get an address after that. I'm trying to use
> SLAAC to hand out IPs. Relevant config on my internet facing port below.
> >>
> >>  ethernet eth0 {
> >>  address dhcp
> >>  description AussieBB
> >>  dhcpv6-pd {
> >>  pd 1 {
> >>  interface eth2.20 {
> >>  host-address ::1
> >>  no-dns
> >>  prefix-id 0
> >>  service slaac
> >>  }
> >>  prefix-length 56
> >>  }
> >>  rapid-commit enable
> >>  }
> >>  duplex auto
> >>  firewall {
> >>  in {
> >>  ipv6-name AussieIn
> >>  name AussieIn
> >>  }
> >>  local {
> >>  ipv6-name AussieLocal
> >>  name AussieLocal
> >>  }
> >>  out {
> >>  ipv6-name AussieOut
> >>  name AussieOut
> >>  }
> >>  }
> >>  ipv6 {
> >>  address {
> >>  autoconf
> >>  }
> >>  }
> >>  speed auto
> >>  }
> >>
> >>  Regards,
> >>  Alex
> >>  _______________________________________________
> >>  AusNOG mailing list
> >> AusNOG at lists.ausnog.net
> >> http://lists.ausnog.net/mailman/listinfo/ausnog
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190909/90f62ebe/attachment.html>

More information about the AusNOG mailing list