Anyone using IPv6 with a /60?

Discussion in 'Tomato Firmware' started by blah123, Mar 16, 2014.

  blah123

    blah123

    I'm trying to use both additional virtual wireless networks and IPv6 so I need something more than a /64. I'm on Comcast so I can get a /60 with DHCPv6 with Prefix Delegation. I'm using Toastman v1.28.7503.7 and I haven't tried any other Tomato variants. So I'm not sure if this is just an issue with Toastman builds or Tomato in general. When I set the prefix to 60 instead of 64 it doesn't seem to make the necessary changes to some of the configuration files. I was able to get the router working by making changes to the /tmp/etc/dhcp6c.conf file and restarting dhcp6c and removing an ip6tables rule.

    Here is the modified dhcp6c.conf file. I added the lines with that start with *.

    interface vlan2 {
    * send ia-na 0;
    send ia-pd 0;
    send rapid-commit;
    request domain-name-servers;
    * request domain-name;
    script "/sbin/dhcp6c-state";
    id-assoc pd 0 {
    * prefix ::/60 infinity;

    prefix-interface br0 {
    sla-id 0;
    sla-len 4;

    * prefix-interface br1 {
    * sla-id 1;
    * sla-len 4;
    * };
    id-assoc na 0 { };

    I also had to remove this ip6tables rule from the FORWARD chain. I assigned the virtual wireless network to br1 so without removing this rule the virtual wireless network couldn't get out to the wan.

    ip6tables -A FORWARD -o vlan2 ! -i br0 -j logdrop

    Has anyone else tried to do something similar to this and if so were you able to get it work just from the web GUI?
  misterC

    misterC

    I could not get this to work. Whenever i restart dhcp6c, the file is overwritten. Am I missing a step? I tried both the config file in /tmp/etc and /etc.
  darkknight93

    darkknight93

    Dnsmasq itself follows RFC roules and specifications - so /64 is what he expects and this address range enables autoconfig Feature. not /65 or less than /63..
    so this might be an issue caused by IPv6 Design

    you could seperate 2 /64 - using /63 of your prefix on 2 lan ports -> mapped to vlans.
    your router will be Gateway for poth subnets, Routing packets locally although Internet adresses are supplied in the packets travelling across your 2 subnets.
  darkknight93

    darkknight93

    EDIT: I'm on shibby mod but toastman Firmware also uses dnsmasq for router adv in ipv6 right?
    so you Need to edit the advanced -> DNSmasq page i think

    for logging Details check /var/log/messages , restart the Service and check what Settings are compiled out of your config
  Spyros

    Spyros

    My ISPs router gives a /56 delegated prefix fine but it uses radvd and dhcpv6, not dnsmasq.
  misterC

    misterC

    Comcast currently gives a /60 instead of a /56 delegated prefix. But I have not been able to get Toastman's firmware to pull the /60.
  misterC

    misterC

    Comcast uses prefix delegation. Since i have multiple VLAN's, I expected Toastman firmware dhcpv6 client to be able to request a /60 prefix. http://www.ietf.org/rfc/rfc3633.txt . I assumed whatever Toastman is using for a dhcpv6 client would send the hint to my ISP's DHCP server to get the /60. I thought DNSMasq's role was handling DHCP on my lan side. So dnsmasq would assign /64's to my configured vlan's out of the /60 the dhcpv6 client picked up.

    While I have used Toastman for a over a year, I never bother looking under the hood. Apologies if I am misunderstanding the role of dnsmasq.
  Spyros

    Spyros

    Check your dhcp6c.conf in /etc, if sla-len 4; then dhcpv6 requests a /60 then dnsmasq will provide a /64 to each LAN interface (br0,br1 etc). That's how it works.
  misterC

    misterC

    Problem I'm having is that dhcp6c.conf is being overwritten when I restart dchp6c. Have not found what is causing that. I don't see a /etc/init.d directory so not sure where else to look. Hopefully I have time this weekend to do more digging.
  Spyros

    Spyros

    Why you want to edit dhcpc.conf? If there is no ipv6 in the second lan interface you have to add a line in advanced->dhcp/dns like

    dhcp-range=::1, ::FFFF:FFFF, constructor:br1, ra-names, 12h
    you may have to change br1 accordingly
  blah123

    blah123

    misterC are you using a Toastman version or something else and which version specifically? Mine has been running just fine since I made that original post. /etc is just a link to /tmp/etc so that should have been the same file.
  misterC

    misterC

    I'm using toastman. Have not had time to try modifying the file again.

    Tomato Firmware v1.28.7505 MIPSR2Toastman-RT K26 USB VLAN-VPN

