Hi all,
Thanks for all the config! I can't explain it, but just doing the release/renew
command below managed to make my setup "just work".
Hope everyone has a great week!
Regards,
Alex
On Sun, 8 Sep 2019, at 5:21 PM, Chris Lee wrote:
> Hi Alex,
>
> Yes have ER-X running 2.0.6 working well with ABB.. some snippet of interface
> and firewall stanzas below. I put the dhcpv6-pd on switch0 interface for my
> local LAN. I have a virtual interface on the WAN port as well to manage the
> Netcomm NFV modem from ABB that I put into bridge mode. Also have a Netgear
> 4G ethernet router on the second ethernet port that I use the load-balancing
> features with to failover to 4G automatically if NBN/ABB becomes unavailable
> (but haven't enabled IPv6 on the 4G yet), so far works fairly well.
>
> On occasion when there's been issues with IPv6 I've found I've had to
> manually release/delete the DUID and renew dhcpv6-pd on the edgerouter with
> the commands below.
>
> release dhcpv6-pd interface eth0
> delete dhcpv6-pd duid
> renew dhcpv6-pd interface eth0
>
> other than that just show interfaces and you should see your /128 IA-NA IPv6
> address on the eth0 interface and a /64 from the IA-PD on switch0 interface.
>
> interfaces {
> ethernet eth0 {
> address dhcp
> description "WAN Aussie Broadband FTTN"
> dhcp-options {
> default-route update
> default-route-distance 10
> name-server no-update
> }
> dhcpv6-pd {
> pd 0 {
> interface switch0 {
> host-address ::1
> prefix-id :1
> service slaac
> }
> prefix-length /56
> }
> rapid-commit disable
> }
> duplex auto
> firewall {
> in {
> ipv6-name WANv6_IN
> name WAN_IN
> }
> local {
> ipv6-name WANv6_LOCAL
> name WAN_LOCAL
> }
> }
> speed auto
> vif 3 {
> address 10.1.1.2/24
> description "NetComm Management"
> firewall {
> in {
> name WAN_IN
> }
> local {
> name WAN_LOCAL
> }
> }
> mtu 1500
> }
> }
> }
>
>
> firewall {
> ipv6-name WANv6_IN {
> default-action drop
> description "WAN inbound traffic forwarded to LAN"
> enable-default-log
> rule 10 {
> action accept
> description "Allow established/related sessions"
> protocol all
> state {
> established enable
> related enable
> }
> }
> rule 20 {
> action drop
> description "Drop invalid state"
> protocol all
> state {
> invalid enable
> }
> }
> rule 30 {
> action accept
> description "allow ICMPv6"
> protocol icmpv6
> }
> }
> ipv6-name WANv6_LOCAL {
> default-action drop
> description "WAN inbound traffic to the router"
> enable-default-log
> rule 10 {
> action accept
> description "Allow established/related sessions"
> protocol all
> state {
> established enable
> related enable
> }
> }
> rule 20 {
> action drop
> description "Drop invalid state"
> protocol all
> state {
> invalid enable
> }
> }
> rule 30 {
> action accept
> description "Allow IPv6 icmp"
> protocol ipv6-icmp
> }
> rule 40 {
> action accept
> description "allow dhcpv6"
> destination {
> port 546
> }
> protocol udp
> source {
> port 547
> }
> }
> }
> ipv6-receive-redirects disable
> ipv6-src-route disable
> ip-src-route disable
> log-martians disable
> }
>
> Regards,
> Chris
>
> On Sun, Sep 8, 2019 at 2:14 PM Alex Wakefield <alexwakefi...@fastmail.com.au>
> wrote:
>> Hi,
>>
>> Does anyone have a working IPv6 setup for an EdgeRouter using the AussieBB
>> beta? I'm using an EdgeRouter Lite running v2.0.6.
>>
>> My internal interface manages to get IPs out of the range handed out by
>> Aussie but clients never get an address after that. I'm trying to use SLAAC
>> to hand out IPs. Relevant config on my internet facing port below.
>>
>> ethernet eth0 {
>> address dhcp
>> description AussieBB
>> dhcpv6-pd {
>> pd 1 {
>> interface eth2.20 {
>> host-address ::1
>> no-dns
>> prefix-id 0
>> service slaac
>> }
>> prefix-length 56
>> }
>> rapid-commit enable
>> }
>> duplex auto
>> firewall {
>> in {
>> ipv6-name AussieIn
>> name AussieIn
>> }
>> local {
>> ipv6-name AussieLocal
>> name AussieLocal
>> }
>> out {
>> ipv6-name AussieOut
>> name AussieOut
>> }
>> }
>> ipv6 {
>> address {
>> autoconf
>> }
>> }
>> speed auto
>> }
>>
>> Regards,
>> Alex
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG@lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
_______________________________________________
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
