 isocat join:2012-06-03 Toronto, ON | reply to mactalla
Re: IPv6 beta
Output of ip6tables -L follows:

    root@DeltaNet:/etc/config# ip6tables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all      anywhere             anywhere
    syn_flood  tcp      anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN
    input_rule  all      anywhere             anywhere
    input      all      anywhere             anywhere

    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    forwarding_rule  all      anywhere             anywhere
    forward    all      anywhere             anywhere
    reject     all      anywhere             anywhere
    ACCEPT     icmp     anywhere             anywhere

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all      anywhere             anywhere
    output_rule  all      anywhere             anywhere
    output     all      anywhere             anywhere

    Chain forward (1 references)
    target     prot opt source               destination
    zone_lan_forward  all      anywhere             anywhere
    zone_wan_forward  all      anywhere             anywhere

    Chain forwarding_lan (1 references)
    target     prot opt source               destination

    Chain forwarding_rule (1 references)
    target     prot opt source               destination

    Chain forwarding_wan (1 references)
    target     prot opt source               destination

    Chain input (1 references)
    target     prot opt source               destination
    zone_lan   all      anywhere             anywhere
    zone_wan   all      anywhere             anywhere

    Chain input_lan (1 references)
    target     prot opt source               destination

    Chain input_rule (1 references)
    target     prot opt source               destination

    Chain input_wan (1 references)
    target     prot opt source               destination

    Chain output (1 references)
    target     prot opt source               destination
    zone_lan_ACCEPT  all      anywhere             anywhere
    zone_wan_ACCEPT  all      anywhere             anywhere

    Chain output_rule (1 references)
    target     prot opt source               destination

    Chain reject (5 references)
    target     prot opt source               destination
    REJECT     tcp      anywhere             anywhere             reject-with tcp-reset
    REJECT     all      anywhere             anywhere             reject-with icmp6-port-unreachable

    Chain syn_flood (1 references)
    target     prot opt source               destination
    RETURN     tcp      anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
    DROP       all      anywhere             anywhere

    Chain zone_lan (1 references)
    target     prot opt source               destination
    ACCEPT     all      anywhere             anywhere
    input_lan  all      anywhere             anywhere
    zone_lan_ACCEPT  all      anywhere             anywhere

    Chain zone_lan_ACCEPT (2 references)
    target     prot opt source               destination
    ACCEPT     all      anywhere             anywhere
    ACCEPT     all      anywhere             anywhere

    Chain zone_lan_DROP (0 references)
    target     prot opt source               destination
    DROP       all      anywhere             anywhere
    DROP       all      anywhere             anywhere

    Chain zone_lan_REJECT (1 references)
    target     prot opt source               destination
    reject     all      anywhere             anywhere
    reject     all      anywhere             anywhere

    Chain zone_lan_forward (1 references)
    target     prot opt source               destination
    zone_wan_ACCEPT  all      anywhere             anywhere
    forwarding_lan  all      anywhere             anywhere
    zone_lan_REJECT  all      anywhere             anywhere

    Chain zone_wan (1 references)
    target     prot opt source               destination
    ACCEPT     udp      fe80::/10            fe80::/10            udp spt:dhcpv6-server dpt:dhcpv6-client
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp echo-request limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp destination-unreachable limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp packet-too-big limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp time-exceeded limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp bad-header limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp unknown-header-type limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp router-solicitation limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp neighbour-solicitation limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere
    input_wan  all      anywhere             anywhere
    zone_wan_REJECT  all      anywhere             anywhere

    Chain zone_wan_ACCEPT (2 references)
    target     prot opt source               destination
    ACCEPT     all      anywhere             anywhere
    ACCEPT     all      anywhere             anywhere

    Chain zone_wan_DROP (0 references)
    target     prot opt source               destination
    DROP       all      anywhere             anywhere
    DROP       all      anywhere             anywhere

    Chain zone_wan_REJECT (2 references)
    target     prot opt source               destination
    reject     all      anywhere             anywhere
    reject     all      anywhere             anywhere

    Chain zone_wan_forward (1 references)
    target     prot opt source               destination
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp echo-request limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp destination-unreachable limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp packet-too-big limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp time-exceeded limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp bad-header limit: avg 1000/sec burst 5
    ACCEPT     ipv6-icmp    anywhere             anywhere             ipv6-icmp unknown-header-type limit: avg 1000/sec burst 5
    forwarding_wan  all      anywhere             anywhere
    zone_wan_REJECT  all      anywhere             anywhere
    root@DeltaNet:/etc/config#
|
said by isocat:
    Chain FORWARD (policy DROP)
Your firewall is dropping by default anything that would need to be forwarded from one interface to another.
Try this:
    ip6tables -P FORWARD ACCEPT
|
isocat join:2012-06-03 Toronto, ON
Thanks for your reply! I have tried your suggestion, but unfortunately there was no change.
Something I forgot to include in the original post was that when I restart my firewall, I get some errors:

    root@DeltaNet:/etc/config# /etc/init.d/firewall restart
    Loading defaults
    ip6tables: No chain/target/match by that name.
    ip6tables: No chain/target/match by that name.
    ip6tables: No chain/target/match by that name.
    ip6tables: No chain/target/match by that name.
    ip6tables: No chain/target/match by that name.
    ip6tables: No chain/target/match by that name.
    Loading synflood protection
    Adding custom chains
    Loading zones
    Loading forwardings
    Loading redirects
    Loading rules
    Loading includes
    Loading interfaces
    ip6tables: No chain/target/match by that name.
    root@DeltaNet:/etc/config#
|
|
rpnc join:2011-06-08 Markham, ON | reply to isocat
isocat,
I am using OpenWRT successfully. However, I'm running version 10.03.1. Version 10.03.1 uses a new integrated IPv4/IPv6 firewall. I was able to add the iputils-traceroute6 package in 10.03.1 to get traceroute6.
I have kept a record of how I configured OpenWRT. I did a lot with the GUI but some had to be done with config files.
In GUI (better with Firefox):
- System > Administration > Router Password
    Password: xxxxxxxx
    Confirmation: xxxxxxxx
- System > Administration > SSH Access
    Interface: lan
  Save & Apply.

- Network > Interfaces > WAN > General Setup
    Protocol: PPPoE
    PAP/CHAP username: xxxxx@hsiservice.net
    PAP/CHAP password: xxxxxxxx
  Save & Apply.

From PuTTY:
    opkg update
    opkg install kmod-ipv6 radvd ip kmod-ip6tables ip6tables wide-dhcpv6-server ntpclient iputils-traceroute6
    reboot

- Network > DHCP and DNS > Static Leases > Add
    Hostname: CanonPrinter
    MAC-Address: xx:xx:xx:xx:xx:xx
    IPv4-Address: 192.168.1.xx
  Save & Apply.

- Network > Wifi > radio0 > Device Configuration > General Setup
    Enable
- Network > Wifi > radio0 > Interface Configuration > General Setup
    ESSID: xxxxxx
- Network > Wifi > Interface Configuration > Wireless Security
    Encryption: WPA2-PSK
    Key: xxxxxxxx
  Save & Apply.

- Network > Firewall > Zones
    wan/Input: drop
    wan/Forward: drop
  Save & Apply.

- Network > Interfaces > WAN > Advanced Settings
    Enable IPv6 negotiation on the PPP link: yes
  Save & Apply.

- Network > Interfaces > LAN > General Setup
    IPv6 address: 2607:f2c0:f0xx:xxxx::1/56
- Network > Interfaces > LAN > Advanced Setup
    Override MTU: 1492
  Save & Apply.

From PuTTY:
    vi /etc/config/network
    - under config 'interface' 'wan', add
        option 'ip6addr' '2607:f2c0:a0xx:xxxx::1/64'

    vi /etc/sysctl.conf
    - remove comment # from
        net.ipv6.conf.all.forwarding=1
    reboot

- System > Startup > Initscripts
    enable radvd

Note: get MTU by pinging an IPv6 computer on the internet with -l size and finding the max size (1444) and add
    - 40 bytes for the IPv6 header
    - 4 bytes for the ICMPv6 header
    - 4 bytes for the ICMPv6 echo request header

From PuTTY:
    vi /etc/config/radvd
    - under config interface
        option AdvLinkMTU 1492
        option AdvOtherConfigFlag 1
        option ignore 0
    - under config prefix (note that prefix is /64 not /56)
        list prefix '2607:f2c0:f0xx:xxxx::/64'
        option AdvValidLifetime 14400
        option AdvPreferredLifetime 14400
        option ignore 0

    vi /etc/config/dhcp6s
    - change to
        option 'enabled' '1'

    vi /etc/dhcp6s.conf (new file)
        option domain-name-servers 2607:f2c0:f0xx:xxxx::1;

    vi /etc/hosts
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx
        fe80::xxxx:xxxx:xxxx:xxxx xxxxxxx

    reboot

- System > Backup / Flash Firmware
    Download backup: Generate archive
Done.
Here are some of the resulting configuration files:

    root@OpenWrt:/etc/config# cat /etc/config/network

    config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

    config 'interface' 'lan'
        option 'ifname' 'eth0'
        option 'type' 'bridge'
        option 'proto' 'static'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'
        option 'ip6addr' '2607:f2c0:f0xx:xxxx::1/56'
        option 'mtu' '1492'

    config 'interface' 'wan'
        option 'ifname' 'eth1'
        option '_orig_ifname' 'eth1'
        option '_orig_bridge' 'false'
        option 'proto' 'pppoe'
        option 'password' 'xxxxx'
        option 'ipv6' '1'
        option 'ip6addr' '2607:f2c0:a0xx:xxxx::1/64'
        option 'username' 'xxxxx@hsiservice.net'

    config 'switch'
        option 'name' 'rtl8366s'
        option 'reset' '1'
        option 'enable_vlan' '1'

    config 'switch_vlan'
        option 'device' 'rtl8366s'
        option 'vlan' '1'
        option 'ports' '0 1 2 3 5'

    root@OpenWrt:/etc/config# cat /etc/config/radvd
    config interface
        option interface 'lan'
        option AdvSendAdvert 1
        option AdvManagedFlag 0
        option AdvLinkMTU 1492
        option AdvOtherConfigFlag 1
        list client ''
        option ignore 0

    config prefix
        option interface 'lan'
        # If not specified, a non-link-local prefix of the interface is used
        list prefix '2607:f2c0:f0xx:xxxx::/64'
        option AdvOnLink 1
        option AdvAutonomous 1
        option AdvRouterAddr 0
        option AdvValidLifetime 14400
        option AdvPreferredLifetime 14400
        option ignore 0

    config route
        option interface 'lan'
        list prefix ''
        option ignore 1

    config rdnss
        option interface 'lan'
        # If not specified, the link-local address of the interface is used
        list addr ''
        option ignore 1

    config dnssl
        option interface 'lan'
        list suffix ''
        option ignore 1

    root@OpenWrt:/etc# cat /etc/dhcp6s.conf
    option domain-name-servers 2607:f2c0:f0xx:xxxx::1;
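A consistency check for the settings in the post above, as an added example that is not rpnc's or OpenWrt's own code: it parses the `network` and `radvd` UCI files and reports when `AdvLinkMTU` differs from the LAN `mtu` or when the advertised prefix is not a /64. It goes one step beyond the post by also checking that the prefix lies inside the LAN `ip6addr` network. The `parse_uci` and `check` helpers and the `2001:db8::` sample addresses are assumptions made for the illustration.

```python
import ipaddress
import shlex

# Constructed sample configs; 2001:db8::/32 stands in for the redacted addresses.
NETWORK = """
config 'interface' 'lan'
    option 'ip6addr' '2001:db8:f000:100::1/56'
    option 'mtu' '1492'
"""
RADVD = """
config interface
    option interface 'lan'
    option AdvLinkMTU 1492
config prefix
    option interface 'lan'
    list prefix '2001:db8:f000:100::/64'
    option ignore 0
"""

def parse_uci(text):
    """Parse UCI text into a list of section dicts; 'list' keys collect into lists."""
    sections = []
    for tok in filter(None, (shlex.split(l, comments=True) for l in text.splitlines())):
        if tok[0] == "config":
            sections.append({".type": tok[1], ".name": tok[2] if len(tok) > 2 else None})
        elif tok[0] == "option" and sections:
            sections[-1][tok[1]] = tok[2]
        elif tok[0] == "list" and sections:
            sections[-1].setdefault(tok[1], []).append(tok[2])
    return sections

def check(network_text, radvd_text, iface="lan"):
    """Return mismatches between the interface settings and what radvd advertises."""
    net = next(s for s in parse_uci(network_text) if (s[".type"], s[".name"]) == ("interface", iface))
    lan = ipaddress.ip_interface(net["ip6addr"]).network
    findings = []
    for s in parse_uci(radvd_text):
        if s.get("interface") != iface or s.get("ignore") == "1":
            continue  # other interface, or section disabled with 'option ignore 1'
        if s[".type"] == "interface" and s.get("AdvLinkMTU") != net.get("mtu"):
            findings.append(f"AdvLinkMTU {s.get('AdvLinkMTU')} != {iface} mtu {net.get('mtu')}")
        prefixes = s.get("prefix", []) if s[".type"] == "prefix" else []
        for p in filter(None, prefixes):  # filter skips an empty "list prefix ''"
            pfx = ipaddress.ip_network(p)
            if pfx.prefixlen != 64:
                findings.append(f"{pfx} is /{pfx.prefixlen}, not /64")
            if not pfx.subnet_of(lan):
                findings.append(f"{pfx} is outside {lan}")
    return findings
```

Calling `check(NETWORK, RADVD)` on the sample returns an empty list; on a router the two arguments would be the contents of `/etc/config/network` and `/etc/config/radvd`.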
|
|
|
isocat join:2012-06-03 Toronto, ON
Thanks very much, rpnc! :)
I also have 10.03.1 (r29592). Are you using brcm-2.4 or brcm47xx? For some reason I am unable to add traceroute6:

    root@DeltaNet:/etc# opkg update
    Downloading »downloads.openwrt.org/backfire/1···kages.gz.
    Inflating »downloads.openwrt.org/backfire/1···kages.gz.
    Updated list of available packages in /var/opkg-lists/packages.
    root@DeltaNet:/etc# opkg install iputils-traceroute6
    Unknown package 'iputils-traceroute6'.
    Collected errors:
     * opkg_install_cmd: Cannot install package iputils-traceroute6.

Thanks very kindly for your detailed post, I will go through it and see if I can figure out where I went wrong.
|
rpnc join:2011-06-08 Markham, ON
I have openwrt-ar71xx-dir-825-b1-squashfs-*.bin running on a D-Link DIR-825.
My list of packages is at: »downloads.openwrt.org/backfire/1···ackages/
Yours is at: »downloads.openwrt.org/backfire/1···ackages/
In my packages, I see iputils-traceroute6_20101006-1_ar71xx.ipk but I don't see it in yours. Yours has tcptraceroute6_1.0.1-1_brcm-2.4.ipk but I can't get tcptraceroute6 to work - apparently due to bug #8153.
|