Hi everyone,
after spending most of my day reading up on the topic and trying it for myself (and with the help of my friends), it's time to ask the masters before this is driving me nuts.
I'm a AT&T client, specifically I got AT&T Gigapower/1000. This provides me the infamous Pace 5268AC as residential gateway. With said connection I get a more or less static IPv4 and IPv6 through a 6rd connection.
As you all can imagine, it's not joy having to deal with a modem where you can't even change the DNS server and where the wifi is ... well ...let's not make this ugly.
To optimize my situation, I added a few Unifi AP AC Pros and a Edgerouter X to my network gear. The Edgerouter X is sitting right behind my RG and is configured as DMZplus device, cascaded router and gets the public WAN address. Here's a screenshot of the setup on my RG:
Image may be NSFW.
Clik here to view.
IPv4 wise everything works great, Port Forwarding works and I couldn't really complain about it. IPv6 ... not so much ...
From what I've read up, I need to establish a 6rd tunnel on the Edgerouter and assign my addresses from there. I tried doing as described in this Thread and the support page described there. Unfortunately that didn't work for many different reasons. I spare you the details for now as they are might results from some misconfiguration on the tunnel.
My RG shows me the following info for the 6rd connection:
Image may be NSFW.
Clik here to view.
And eth0 (which I designated as my WAN0) gets an IPv6 address from the RG.
My configuration steps so far (that always end up failing when trying to commit) are:
set interfaces tunnel tun0 set interfaces tunnel tun0 6rd-default-gw 2602:300:c533:1510::1 set interfaces tunnel tun0 6rd-prefix 2602:300::/28 set interfaces tunnel tun0 address 2602:302:d14c:91f0:822a:x:fe9c:x/64 #my ipv6 as shown for eth0 on the erx set interfaces tunnel tun0 local-ip 45.2xx.xxx.xxx #my public ip set interfaces tunnel tun0 encapsulation sit set interfaces tunnel tun0 ttl 255 set interfaces tunnel tun0 multicast disable
This always fails with either "No router to host" or some other failure when commiting.
ping6 to google.com work on the ERX
For the sake of completing all information, here's my firewall setup
all-ping enable
broadcast-ping disable
ipv6-name WAN6_IN {
default-action drop
rule 10 {
action accept
description "allow established"
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
invalid enable
}
}
rule 30 {
action accept
description "allow ICMPv6"
protocol icmpv6
}
}
ipv6-name WAN6_LOCAL {
default-action drop
rule 10 {
action accept
description "allow established"
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
invalid enable
}
}
rule 30 {
action accept
description "allow ICMPv6"
protocol icmpv6
}
rule 40 {
action accept
description "allow DHCPv6 client/server"
destination {
port 547
}
protocol udp
source {
port 547
}
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
I don't know exactly what I'm doing wrong, I feel like I have all information but having trouble connection the 6rd BR and 6rd Default Gateway to the correct parameters.
Please help me connecting these dots so that my clients on the ERX will receive a IPv6 that they can make use of.
Any help is highly appreciated and will be used to help others in the future Image may be NSFW.
Clik here to view.