1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Edgerouter Static IPV6 setup help please!

Discussion in 'Routers' started by jasons6930, Nov 21, 2019.

  1. jasons6930

    jasons6930 Regular Contributor

    Joined:
    Aug 25, 2015
    Messages:
    95
    Hi guys,

    New ISP that has static ip's and have got the basic ipv4 up and running, however i am struggling to set up the static IPv6 and Ipv6 gateway.

    I have got the ipv6 set up on the WAN interface and i think, on the Switcho interface as it appears to be giving out IPv6, but non of the clients can see the outside world via ipv6.

    My current config...

    all-ping enable
    broadcast-ping disable
    ipv6-name WANv6_IN {
    default-action drop
    description "WAN inbound traffic forwarded to LAN"
    enable-default-log
    rule 10 {
    action accept
    description "Allow established/related sessions"
    state {
    established enable
    related enable
    }
    }
    rule 20 {
    action drop
    description "Drop invalid state"
    state {
    invalid enable
    }
    }
    rule 30 {
    action accept
    description "Allow IPv6 icmp"
    protocol ipv6-icmp
    }
    }
    ipv6-name WANv6_LOCAL {
    default-action drop
    description "WAN inbound traffic to the router"
    enable-default-log
    rule 10 {
    action accept
    description "Allow established/related sessions"
    state {
    established enable
    related enable
    }
    }
    rule 20 {
    action drop
    description "Drop invalid state"
    state {
    invalid enable
    }
    }
    rule 30 {
    action accept
    description "Allow IPv6 icmp"
    protocol ipv6-icmp
    }
    rule 40 {
    action accept
    description "allow dhcpv6"
    destination {
    port 546
    }
    protocol udp
    source {
    port 547
    }
    }
    }
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name WAN_IN {
    default-action drop
    description "WAN to internal"
    rule 10 {
    action accept
    description "Allow established/related"
    state {
    established enable
    related enable
    }
    }
    rule 20 {
    action drop
    description "Drop invalid state"
    state {
    invalid enable
    }
    }
    }
    name WAN_LOCAL {
    default-action drop
    description "WAN to router"
    rule 10 {
    action accept
    description "Allow established/related"
    state {
    established enable
    related enable
    }
    }
    rule 20 {
    action drop
    description "Drop invalid state"
    state {
    invalid enable
    }
    }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
    }
    interfaces {

    }


    }

    }
    ethernet eth9 {
    address ***.***.***.***/30
    address ****:****:****::2/48
    description Internet
    duplex auto
    firewall {
    in {
    ipv6-name WANv6_IN
    name WAN_IN
    }
    local {
    ipv6-name WANv6_LOCAL
    name WAN_LOCAL
    }
    }
    poe {
    output off
    }
    speed auto
    }
    ethernet eth10 {
    duplex auto
    speed auto
    }
    ethernet eth11 {
    duplex auto
    speed auto
    }
    loopback lo {
    }
    switch switch0 {
    address 192.168.1.1/24
    description Local
    ipv6 {
    dup-addr-detect-transmits 1
    router-advert {
    cur-hop-limit 64
    link-mtu 0
    managed-flag false
    max-interval 600
    name-server 2606:4700:4700::1001
    other-config-flag false
    prefix ****:****:****:1::/64 {
    autonomous-flag true
    on-link-flag true
    valid-lifetime 2592000
    }
    reachable-time 0
    retrans-timer 0
    send-advert true
    }
    }
    mtu 1500
    s
    }
    }
    }
    protocols {
    static {
    route6 ::/0 {
    next-hop ****:****:****::1 {
    interface eth9
    }
    }
    }
    }
    service {
    dhcp-server {
    disabled false
    hostfile-update disable
    shared-network-name LAN2 {
    authoritative enable
    subnet 192.168.1.0/24 {
    default-router 192.168.1.1
    dns-server 192.168.1.1
    lease 86400
    start 192.168.1.38 {
    stop 192.168.1.243
    }

    }
    }
    static-arp disable
    use-dnsmasq disable
    }
    dns {
    forwarding {
    cache-size 150
    listen-on eth8
    listen-on switch0
    }
    }
    gui {
    http-port 80
    https-port 443
    older-ciphers enable
    }
    nat {
    rule 5010 {
    description "masquerade for WAN"
    outbound-interface eth9
    type masquerade
    }
    }
    ssh {
    port 22
    protocol-version v2
    }
    }
    system {
    gateway-address ***.***.***.***
    host-name ubnt
    login {
    user ********** {
    authentication {
    encrypted-password ****************
    }
    level admin
    }
    }
    name-server *************
    ntp {
    server 0.ubnt.pool.ntp.org {
    }
    server 1.ubnt.pool.ntp.org {
    }
    server 2.ubnt.pool.ntp.org {
    }
    server 3.ubnt.pool.ntp.org {
    }
    }
    syslog {
    global {
    facility all {
    level notice
    }
    facility protocols {
    level debug
    }
    }
    }
    time-zone UTC


    Thanks for any help!
     
  2. ddaenen1

    ddaenen1 Regular Contributor

    Joined:
    Mar 11, 2019
    Messages:
    119
    Location:
    BE
    Well, i don't have any answers for you but what i can tell you is that i have tried getting IPv6 set up on the ERL3 about a year ago and never succeeded despite many efforts. It appears that in some cases, where the ISP gives out a static IPv6, the ERL3 has issues with that. I have switched over in the mean time to a Mikrotik and now it does work BUT i have switched it off. Main reason is that i could not think of a solid argument why i should have IPv6 functionality and maybe you should ask yourself that question too.

    If you can answer it positively, i wish you all the best in finding a solution to your issue.
     
    jasons6930 likes this.
  3. jasons6930

    jasons6930 Regular Contributor

    Joined:
    Aug 25, 2015
    Messages:
    95
    Thanks.

    I understand what you are saying about the absolute need for IPV6 but, i guess it isn't going to go away anytime soon so i just thought i could set it up and be done with it.

    Must admit, i was beginning to wonder about the ER and problems with setting up a static IPV6, however, there really doesn't seem to be much help out there, although there is plenty if the ISP hands them out via dhcpv6.

    I did have one guy helping me out but he has gone a bit quiet now so i cannot proceed any further.

    Which Mikrotik would you recommend as an alternative to the ER12?
     
  4. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,186
    Location:
    texas
    If you really want good IPv6 I sure the Cisco small business gear will work well.
     
  5. ddaenen1

    ddaenen1 Regular Contributor

    Joined:
    Mar 11, 2019
    Messages:
    119
    Location:
    BE
    I found exactly the same when i was look for help. Even posted a couple of messages on their forum but without any solid solution.

    As for which Mikrotik, i guess that largely depends on your budget. I am running a Mikrotik RB3011UiAS-RM of which i am really happy. Throughput is more than sufficient for my 1Gbps connection and once you get the hang of it, RouterOS is easy to work with. A big difference is that with RouterOS, all settings can be done via the GUI whereas with the ERL3, a lot of stuff can only be configured via CLI. Of course, the RB3011 is a 19" rack model but the RB4011 can do both desktop and rack and is significantly faster than the RB3011. Probably one of my next upgrades.
     
  6. jasons6930

    jasons6930 Regular Contributor

    Joined:
    Aug 25, 2015
    Messages:
    95
    Must admit after posting I did steer towards the 3011 as that did seem to compare a little with the ER.

    I like the look of the 4011 and it isn't a huge amount more than the 3011, but would i notice a real difference in performance between the two? (3011 & 4011)?

    Either are much cheaper than the ER12! :D
     
    Last edited: Nov 29, 2019