| reply to SimplePanda
Re: IPv6 beta Hello everyone. I was doing some searching but got no results.
I just got TekSavvy service, with a static IPv4, a /28 IPv4 block, a /64 IPv6 block, and a /56 IPv6 block, all on my @wiredhighspeed.com login. NO MLPPP.
I have a Mikrotik Routerboard RB433GL running RouterOS v6.0 release, and I can't for the life of my figure out what I'm supposed to do to get IPv6 connectivity.
I read that I need to assign an address from the /64 to my PPPeE interface. Done. But I can't ping it from my remote server. Why would that be the case? Once I get this up I will be assigning two /64 subnets from my /56 to my two internal interfaces. Is this any harder than using a HE tunnel (what I had before on Bell)?
I'd appreciate any help, especially detailed e-mail help from anyone in the know.
Thanks,
Joshua |
|
rpnc
join:2011-06-08
Markham, ON | said by djbon2113 :Hello everyone. I was doing some searching but got no results.
I just got TekSavvy service, with a static IPv4, a /28 IPv4 block, a /64 IPv6 block, and a /56 IPv6 block, all on my @wiredhighspeed.com login. NO MLPPP.
I have a Mikrotik Routerboard RB433GL running RouterOS v6.0 release, and I can't for the life of my figure out what I'm supposed to do to get IPv6 connectivity.
I read that I need to assign an address from the /64 to my PPPeE interface. Done. But I can't ping it from my remote server. Why would that be the case? Once I get this up I will be assigning two /64 subnets from my /56 to my two internal interfaces. Is this any harder than using a HE tunnel (what I had before on Bell)?
I'd appreciate any help, especially detailed e-mail help from anyone in the know.
Thanks,
Joshua
Teksavvy gives us a /64 and a /56. With the two router types that I tried, the IPv6 version of PPPoE would automatically get an IPv6 addressed assigned from the /64 block for the router’s WAN. I had to configure PPPoE separately for IPv4 and IPv6. I configured my LAN to use one of the blocks within the /56. |
|
| Have you used RouterOS? This seems to be a problem particular to this platform. It does not grab IPv6 information off the PPPoE session. |
|
|
|
rpnc
join:2011-06-08
Markham, ON | No, I haven't used RouterOS. With OpenWRT and D-Link, I had to create a separate PPPoE session for IPv6. Does RouterOS have a separate PPPoE login page specific to IPv6? |
|
| reply to TSI Gabe
Just an FYI to everyone, the new Apple AirPort and AirPort Time Capsule 802.11ac devices still DO NOT support IPv6 over PPPoE. Shame. |
|
| MaxOS X and IPhone do not process RA messages on ppp links at all.
Same for their routers. |
|
| reply to TSI Gabe
Does anyone know how to configure my Dlink wbr 2310 router with IPv6?
I'm at a loss.
Thanks |
|
rpnc
join:2011-06-08
Markham, ON | The WBR 2310 is not on D-Link's list of IPv6 routers. The list is here: »www.dlink.com/us/en/technology/d···olutions |
|
Grokko
join:2013-04-11
Ottawa, ON | reply to djbon2113
I have successfully figured out how to get ipv6 functioning with RouterOS 6.1 on RB2011.
In my case, I only used the /64 block so far. I don't have any use case for the /56 yet, so I've left that out for the moment. This is a work in progress as I explore features.
Confirm your PPPoE connection uses the hsiservice.net credentials provided by TekSavvy.
Assuming your PPPoE interface name is "pppoe-out1", copy this configuration to a winbox terminal:
#This uses DHCPv6 to create an address pool
/ipv6 dhcp-client
add add-default-route=yes interface=pppoe-out1 pool-name=tsi use-peer-dns=yes
# MUST CONFIGURE FILTER! otherwise internal machine ports are exposed to the internet by default.
/ipv6 firewall filter
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input connection-state=invalid
add chain=input in-interface=!pppoe-out1
add chain=forward comment="Allow any to internet" out-interface=pppoe-out1
add chain=forward comment="Allow established connections" connection-state=established
add chain=input comment="RB-FW: Allow ICMPv6" protocol=icmpv6
# Still want SSH, and TELNET access locally to access router, but not externally
# (could also define FTP, but FTP is disabled)
add action=reject chain=input dst-port=22 in-interface=pppoe-out1 protocol=tcp
add action=reject chain=input dst-port=23 in-interface=pppoe-out1 protocol=tcp
# want internal DNS, but don't want external entities
add action=drop chain=input dst-port=53 in-interface=pppoe-out1 protocol=udp
/ipv6 nd
set [ find default=yes ] advertise-dns=yes interface=bridge-local managed-address-configuration=yes other-configuration=yes
add advertise-dns=yes hop-limit=64 interface=pppoe-out1 managed-address-configuration=yes other-configuration=yes
Now, the final thing to do to make everything work is to add an ipv6 address to the bridge-local interface. Since I specified that the dhcp-client should make a pool called "tsi", I will add an address using winbox for bridge-local and use the from-pool option and set it to "tsi". Thus an ipv6 address will appear in the list of ipv6 addresses.
At that point, Windows Vista clients, linux clients saw the address from neighbor discovery, and properly connected to the internet.
Now, for /ipv6 dhcp-client, i set use-peer-dns=no, and the only reason I do this is because I have some static entries for the local network. If you use-peer-dns=yes, then Teksavvy will act as your dns, not the local DNS in RouterOS.
If you have linux machines, your /etc/network/interfaces should look like this if you want your router to assign the prefix and routing through neighbor discovery:
# The primary network interface
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 auto |
|
| reply to TSI Gabe
Does anyone have this working with PFSense RC2.1 on a MLPPP setup with a @teksavvy.com login? I have a 2x 25M/2M MLPPP setup on PFsense RC2.1 and the WAN setup to accept DHCP6 with the DHCPv6 Prefix Delegation size setup 64 as per Gabe's instruction. But no IPV6 is allocated.
PS. I am located here out West and according to Gabe BC/AB is straight DHCP and /64. Thanks in advance
Jacob |
|
| reply to TSI Gabe
Sorry to followup, for logs I just get a continuous iteration of the following in the PPP Logs:
Jul 5 14:29:22 ppp: [wan] IPV6CP: SendConfigReq #20
Jul 5 14:29:22 ppp: [wan] IPV6CP: rec'd Configure Ack #20 (Req-Sent)
Jul 5 14:29:22 ppp: [wan] IPV6CP: state change Req-Sent --> Ack-Rcvd
Jul 5 14:29:24 ppp: [wan] IPV6CP: state change Ack-Rcvd --> Req-Sent
Jul 5 14:29:24 ppp: [wan] IPV6CP: SendConfigReq #21
Jul 5 14:29:25 ppp: [wan] IPV6CP: rec'd Configure Ack #21 (Req-Sent)
Jul 5 14:29:25 ppp: [wan] IPV6CP: state change Req-Sent --> Ack-Rcvd
Jul 5 14:29:27 ppp: [wan] IPV6CP: state change Ack-Rcvd --> Req-Sent |
|
brad
join:2007-09-06
Etobicoke, ON | reply to Grokko
said by Grokko:In my case, I only used the /64 block so far. I don't have any use case for the /56 yet, so I've left that out for the moment. This is a work in progress as I explore features.
You don't have anything on your inside network? |
|
Grokko
join:2013-04-11
Ottawa, ON
1 edit | said by brad:said by Grokko:In my case, I only used the /64 block so far. I don't have any use case for the /56 yet, so I've left that out for the moment. This is a work in progress as I explore features.
You don't have anything on your inside network? Yes, but they use stateless configuration, and use the prefix from the /64 block to create their own addresses. I use the firewall to protect their ports externally.
Interestingly enough, if you use queue trees for packet shaping, you must copy the mangling rules from the ipv4 configuration, or none of your ipv6 traffic will be shaped and usually take all the bandwidth.
Ie, in a RouterOs winbox terminal:
/ip firewall mangle export
/ipv6 firewall mangle
I found this out because I had just started an apt-get update on a linux box, and my wife mentioned that the voip call became choppy. The linux apt-get was using ipv6 by default, and thus wasn't marking the packets. The operation above solved that problem. |
|
brad
join:2007-09-06
Etobicoke, ON | said by Grokko:Yes, but they use stateless configuration, and use the prefix from the /64 block to create their own addresses. I use the firewall to protect their ports externally.
That's not the point. You know the /56 is for your LAN? The /64 is for your DSL link. |
|
Grokko
join:2013-04-11
Ottawa, ON
1 edit | That's not the point. You know the /56 is for your LAN? The /64 is for your DSL link. Ah, I didn't know that. That /64 block looked like one giant DMZ to me. Thanks for the info. I created the /56 pool and assigned an address from that instead, and it all works. |
|
| reply to brad
said by brad:That's not the point. You know the /56 is for your LAN? The /64 is for your DSL link.
Well, functionally, you can use the /64 for your LAN; there's nothing preventing one from doing so. I haven't touched my /56 since I signed up. |
|
brad
join:2007-09-06
Etobicoke, ON | said by squircle:Well, functionally, you can use the /64 for your LAN; there's nothing preventing one from doing so. I haven't touched my /56 since I signed up.
True, but that's not really the intent and if the proper auto configuration mechanisms were in place on TSIs side you wouldn't be manually configuring everything. It would just be doing what its supposed to. |
|
| You're absolutely right. I personally find it hard to get out of the address space conservation mindset (why use a /56 when we can use a /64) but I understand the point you're making. I have to come to accept that assigning 18,446,744,073,709,551,616 addresses to a point-to-point link is accepted practice. |
|
brad
join:2007-09-06
Etobicoke, ON | said by squircle:You're absolutely right. I personally find it hard to get out of the address space conservation mindset (why use a /56 when we can use a /64) but I understand the point you're making. I have to come to accept that assigning 18,446,744,073,709,551,616 addresses to a point-to-point link is accepted practice.
A lot of people are just used to the way they've done things with IPv4 and try to transfer those practices over to IPv6 but things don't work in the same manner. Things were designed to be more flexible. A lot of poor choices have been made for network design based simply on the fact we live in an IPv4 world and there was limited address space that would not have existed if the address space was not so limited. |
|
| reply to squircle
I have to come to accept that assigning 18,446,744,073,709,551,616 addresses to a point-to-point link is accepted practice. Actually for inter-router links, you can use a /127 per RFC 6164:
On inter-router point-to-point links, it is useful, for security and
other reasons, to use 127-bit IPv6 prefixes. Such a practice
parallels the use of 31-bit prefixes in IPv4. This document
specifies the motivation for, and usages of, 127-bit IPv6 prefix
lengths on inter-router point-to-point links.
|
|
| reply to TSI Gabe
Any news on when IPV6 is coming to cable? I know I can use one of those tunnels, but I would prefer to have native support instead. |
|
brad
join:2007-09-06
Etobicoke, ON | said by dmitry_tek:Any news on when IPV6 is coming to cable? I know I can use one of those tunnels, but I would prefer to have native support instead.
Rogers will have to roll out v6 before the ATPIA providers can even consider doing so. |
|
| Rogers's IPv6 website doesn't seem to have been updated recently and Google doesn't bring up anything of interest for the past year or so. Any idea how things are progressing on their end? |
|
brad
join:2007-09-06
Etobicoke, ON
1 edit | said by tross:Rogers's IPv6 website doesn't seem to have been updated recently and Google doesn't bring up anything of interest for the past year or so. Any idea how things are progressing on their end?
From the Rogers forum it would appear they are doing some forms of field trials in some areas with their business customers first. They are more than likely also doing internal testing with employees only as well; which I've heard of from some other MSOs as well. On the surface you're not hearing much but most of the North American MSOs are doing field trials/testing whether its consumer or business side first varies and/or internal employees. From the looks of it some of these MSOs will be making full on production roll outs within the next 6 months just as Comcast has and are very close to completing. |
|
| That's interesting, thanks for that. So there's something to look forward to. |
|
Reviews:
 ·TekSavvy DSL
| reply to TSI Gabe
Before I go and read all 33 pages of this thread. 
Are there any drawbacks in switching to IPv6 for your home LAN (other than the obvious need for some re-configuration? Things like known services breaking (Netflix, VoIP come to mind).
I'm connecting on VDSL (PPPoE) in the GVA. I have a pfSense router - do I need to update from 2.0.3 firmware?
Is this actually still a beta?
Thanks,
Luca |
|
Reviews:
·TekSavvy DSL
| said by Ternerito:Before I go and read all 33 pages of this thread.
Are there any drawbacks in switching to IPv6 for your home LAN (other than the obvious need for some re-configuration? Things like known services breaking (Netflix, VoIP come to mind).
I'm connecting on VDSL (PPPoE) in the GVA. I have a pfSense router - do I need to update from 2.0.3 firmware?
Is this actually still a beta?
Thanks,
Luca
- Yes it's still a beta.
- I don't think it works at all in Vancouver anyways (Ontario/Quebec only as far as I know).
- It's unusably latent during peak periods and it's generally faster to tunnel if you NEED IPv6 access for something. |
|
Reviews:
·TekSavvy DSL
| Thanks for replying SimplePanda. Where does the extra latency come from, compared to ipv4? I'm taking a course, and the instructor was explaining that ipv6 as the best thing since sliced bread. He also mentioned that teksavvy is one provider who offers it, so I thought maybe time to try it. If it's not available in GVA, then that simplifies things a lot.  |
|
Reviews:
·TekSavvy DSL
| said by Ternerito:Where does the extra latency come from, compared to ipv4? The PPPoE sessions for the IPv6/IPv4 combined login terminate on a different set of equipment from the PPPoE sessions for the pure IPv4 sessions. This equipment or the lines to it is congested during peak periods. It's nothing to do with it being IPv6, just to do with it being in beta so they aren't throwing tons of resources at it. Once it comes out of beta and ends up on the main equipment it should be fine. |
|
| Does anyone know when ipv6 is coming out of beta, and extended to the whole TS customer base? |
|
