Customizing Tomato with IPv6 bridge

Discussion in 'Tomato Firmware' started by AeN0, Jan 4, 2008.

  1. AeN0

    AeN0 Network Guru Member


    I just got native ipv6 connection through my modem (a /64 address) and I'm trying to use Tomato as a software bridge for ipv6 (not tunnel !) and still leave the NAT IPv4 working. How ? By compiling the kernel with IPv6 support and the tool "ebtables".

    So far, I have managed to compile the kernel with IPv6 support except this tool ebtables. I have this enabled in the .config (just a small part) by using make menuconfig:


    and after make modules but this does NOT build anything related to ebtables (means no ebtables.o nor ebtable_broute.o) ...

    nb : I have also tried to build the whole firmware with this .config but still not working. ebtables: command not found, lsmod does not list ebtables nor ebtable_broute.

    Tomato uses the 2.4.20 kernel from linksys (sources can be found here) and it already have ebtables sources in ...

    Do I have forgot something ?

    Thanks !
  2. AeN0

    AeN0 Network Guru Member

    Quick reply to say I have successively compiled the ebtable_broute module. The problem was that the original maintainer "half-patched" the kernel to support ebtables. I did the patching process again and It compiled.

    Next, I have compiled the ebtables userspace configuration tool in the old way (means by hand) because I don't know how to include the tool directly when the makefile builds the firmware.

    For the meantime, I use a script to wget ebtables and configure the ipv6 bridge with these two commands

    brctl addif br0 vlan1
    ebtables -t broute -A BROUTING -i vlan1 -p ! ipv6 -j DROP

    IPv6 is now working on my XP comp and my mac with ipv4 NAT.
  3. mstombs

    mstombs Network Guru Member

    I'm curious about the brctl command. You seem to join the WAN port directly to the LAN bridge - doesn't this just bypass the router functionality?
  4. AeN0

    AeN0 Network Guru Member

    It's the point. Thanks to ebroute, only IPv6 traffic is allowed directly between the WAN and the LAN (IPv4 traffic can't cross the bridge and uses the usual path for NAT routing). The WRT does not know anything about the IPv6 traffic since it's only a bridge and thanks to IPv6 Stateless Autoconfiguration, there is no need for routing since each computer have its own public IP address.

    My modem is designed by my ISP and it's actually running Linux with radvd [Linux IPv6 Router Advertisement Daemon]).
  5. mstombs

    mstombs Network Guru Member

  6. Raedwulf

    Raedwulf Guest

    Am I correct that this bridging will enable ipv6 support for computers connected to the router if there is a native ipv6 connection from the modem?
  7. yanfox

    yanfox Connected Client Member

    @AeN0 Hi/salut ;)

    I think we have the same operator. I have the same pb but with the shibby's ARM release (

    I don't know if sources are available for this version... but maybe if you explain your solution in the main topic, shibby will can help ?

    I'm almost sure that brouting implementation is the problem because when I type in terminal the second command :
    ebtables -t broute -A BROUTING -i vlan1 -p ! ipv6 -j DROP

    I've this :
    The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

    Thanks/Merci ;-)
    qinyq likes this.
  8. qinyq

    qinyq Reformed Router Member

    @yanfox Hand shake...I encountered excatly the same problem with you and the thread owner... Did you find any solution to make the ebtables -t broute -A BROUTING -i vlan1 -p ! ipv6 -j DROP work?

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice