IPV6 First Time

Gents,
I received for the first time an IPV6 Prefix with DNS, from my ISP from a dhcpV6…
But the Wan6 interface do not have an IPV6 …
What I need to do to force my Turris to pick up an adress on the prefix ?
Regards,

In fact, even I do not have an IPV6 on the WAN interface everything is working well.
I can ping6 addresses from the router and from a host on the lan and join IPV6 site …
I found in my ISP Forum that there are using RFC6603 Prefix Exclude Option for DHCPv6-based Prefix Delegation. May be it’s an explanation to do not have ip on WAN6 …

This is very common. There is no need to have some global IPv6 address on the WAN interface. The IPv6 address from delegated prefix that is used on LAN side is as good as any other address. Some providers prefer to have WAN link using only Link-local addressing so one customer uses only one network prefix, not a network prefix + 1 address from WAN prefix.

1 Like

I’m also quite new to ipv6. Does this mean there is a NAT on the provider side? If not, how could a link-local WAN address work?

No, there is no NAT. IP addressing is preserved end-to-end: source field is your computer’s address, destination is somewhere on the Internet. IP addressing of intermediate routers does not affect the way the packet looks, it is only used for determining next hop link layer address if the medium happens to be multipoint network like Ethernet.

For instance: you send a datagram from 2001:db8:aaaa::1 to 2001:db8:bbbb::2. Your computer’s routing table says this:

default via fe80::aaaa:bbbb:cccc:dddd dev eth0

Notice the link local address of your router. Your computer will resolve the link layer address of your router by means of NDP protocol and figures out that the MAC address is 02:12:34:56:78:aa, so it sends the original IPv6 datagram to that MAC address. Router receives it and consults it’s own routing table:

default from 2001:db8:aaaa::/48 via fe80::bbbb:cccc:dddd:eeee dev eth2 

So it will do an NDP discovery of the address fe80::bbbb:cccc:dddd:eeee on the link eth2 to find out that it should be delivered to MAC address 02:34:56:78:9a:bc it just sends the very same IPv6 datagram there. You see, there is no need to have public IPv6 everywhere as long as endpoints have global IPv6 address and the whole path is capable of forwarding IPv6 traffic.

4 Likes

Thanks a lot for your explanation. Your right every thing is working well without any NAT or IP on WAN.
I found the link below very interesting to understand IPV6 :

I’m sorry for taking this a bit off-topic - I promise this is the last message in this thread :slight_smile:

But this means the router itself is inaccessible from the Internet, while the LAN computers can be, right (if the firewall permits)? I’m just thinking why the router would not assign itself an address from the delegated prefix, too, if it gives addresses to the LAN clients (or permits them to have them via SLAAC).

In theory, router could be indeed inaccessible from the internet. In practice, it will very likely assign one global IPv6 address to (each) LAN interface. And you can of course use it to reach the router from the internet as it is not relevant on which interface the address is sitting.

Regarding OpenWRT, this is hardcoded that each interface with IPv6 will get assigned PREFIX::1 so you cannot get rid of the global address on your LAN interface(s). So set up your firewall properly. :slight_smile:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.