04-17-2018 05:05 AM
I'll try to be concise here so I can get whatever help to get IPv6 going on my net (I am deploying the Unifi USG 3p, before the USG I had only 3 AC-lite APs that were getting right and proper IPv6 addresses with a custom setup, anmely a rasperry pi 3 with dnsmasq for dhcpv4 and a draytek router between my network and the ISP's ONT).
the IPv6 prefix from the ISP is 2001:818:d9d9:ba00::1/56 (as appears in the router GUI). Any attempt I have made at prefix delegation is met with "the finger".
I tried a DHCPv6 prefix delegation with no success. all configurations I've tried with PD have failed.
What I've tried with best success is setting a static IP that I ripped from the Draytek, in which case I get ping6 working... at the USG. I still can't get IPv6 out to the APs. What am I doing wrong here? am I to suppose that i have to set a statig route from "whatever ipv6" from behind the gateway to the IPv6 address that i got to work? Frustrated here, so bear with me. Any pointers would help. Oh and yes I tried killing NAT rules with a json file... I'm not doing that again. What are my options here? I know it's all alpha stuff, but I want my IPv6 working.
04-17-2018 05:31 AM
04-17-2018 08:58 AM
My ISP is Vodafone Portugal. When I connect directly to their ONT I get a perfectly good and working 2001 ip6 address, which suggests to me that there is at least slaac and or dhcpv6 with a properly working subdelegation on their side; on my Draytek which I had after the ISP provided ONT (a Huawei smart router HG8274Q which is at the same time ONT, router and wireless access point) I suffered a bit the same problem as all ipv6 addresses I entered in the dhcpv6 range were refused by the gui as invalid. I copped out (heh) and activated the Draytek's bridge mode and everything was fine and dandy. Now with the unifi i have a bit the same problemas I had on the Draytek: I set up a static IP on the router (will give full IP if needed over PM) and at the router I get a live ping6, but on the LAN side i get no ping response (destination unreachable, but I do get numeric ip6 responses, ie: 2001:818:d9d9:xxxx:xxx:xxxx:fefa:400a (2001:818:d9d9:xxxx:xxx:xxxx:fefa:400a) icmp_seq=6 Destination unreachable: Address unreachable ) so the next question is what am I doing wrong, do I have to keep the same prefix, do I use some kind of subdelegation (ie 2001:818:d9d9:xxxx:xxx:xxxx:fefb:400a/64 instead of 2001:818:d9d9:ba00:xxx:xxxx:fefa:400a/64) as my router in the gui? or do I play an old IPv4 trick and use 2001:818:d9d9:ba00:xxx:xxxx:xxx:4001/64 (one up) as my router address?
04-17-2018 09:00 AM - edited 04-17-2018 09:02 AM
Do wired clients get an IPv6 address?
If so then you've probably got Block LAN to WLAN Multicast and Broadcast Data checked. This breaks ARP broadcasts which I still find mind-bogglingly stupid.
Edit - overlapping replies
04-17-2018 09:10 AM
All clients be it wired or wireless get a live IPv6 address when i use the ISP provided ONT. When i use the USG i can get as far as getting a ping6 at the wan point, but behind it i get network unreachable for both wired and wireless.