Hi,
I recently switched to a new ISP that supports IPv6, so I thought I would give it a go, they do however recognize there could be some issues getting IPv6 working on customers own router.
They say I need SLAAC and DHCPv6 prefix delegation - which I think my CCR supports.
I set up below Ipv6 configuration, with the options I found worked for another guy at the same ISP - however he was using an OpenBSD router
# model = CCR1009-7G-1C
# serial number = 915708151278
/ipv6 dhcp-client option
add code=94 name=OPTION_S46_CONT_MAPE
add code=96 name=OPTION_S46_CONT_LW
add code=95 name=OPTION_S46_CONT_MAPT
add code=21 name=OPTION_SIP_SERVER_D
add code=22 name=OPTION_SIP_SERVER_A
add code=23 name=OPTION_DNS_SERVERS
add code=24 name=OPTION_DOMAIN_LIST
add code=31 name=OPTION_SNTP_SERVERS
add code=56 name=OPTION_NTP_SERVER
add code=64 name=OPTION_AFTR_NAME
add code=67 name=OPTION_PD_EXCLUDE
add code=82 name=OPTION_SOL_MAX_RT
add code=83 name=OPTION_INF_MAX_RT
/ipv6 dhcp-client
add add-default-route=yes dhcp-options="OPTION_AFTR_NAME,OPTION_DNS_SERVERS,OPTI\
ON_DOMAIN_LIST,OPTION_INF_MAX_RT,OPTION_NTP_SERVER,OPTION_PD_EXCLUDE,OPTION_\
S46_CONT_LW,OPTION_S46_CONT_MAPE,OPTION_S46_CONT_MAPT,OPTION_SIP_SERVER_A,OP\
TION_SIP_SERVER_D,OPTION_SNTP_SERVERS,OPTION_SOL_MAX_RT" interface=ether1 \
pool-name=general-pool pool-prefix-length=48 rapid-commit=no request=prefix
/ipv6 firewall filter
add action=log chain=forward log=yes log-prefix=IPvv6log
add action=drop chain=input comment="Drop (invalid)" connection-state=invalid
add action=accept chain=input comment="Accept (established, related)" \
connection-state=established,related
add action=accept chain=input comment="DHCPv6 server reply" disabled=yes port=\
547 protocol=udp src-address=fe80::/10
add action=accept chain=input comment="Accept DHCP (10/sec)" in-interface=\
ether1 limit=10,20:packet log=yes log-prefix=IPV6_dhcp protocol=udp \
src-port=547
add action=drop chain=input comment="Drop DHCP (>10/sec)" in-interface=ether1 \
protocol=udp src-port=547
add action=accept chain=input comment="Accept external ICMP (10/sec)" \
in-interface=ether1 limit=10,20:packet protocol=icmpv6
add action=drop chain=input comment="Drop external ICMP (>10/sec)" \
in-interface=ether1 protocol=icmpv6
add action=accept chain=input comment="Accept internal ICMP" in-interface=\
!ether1 protocol=icmpv6
add action=drop chain=input comment="Drop external" in-interface=ether1
add action=reject chain=input comment="Reject everything else"
add action=accept chain=output comment="Accept all"
add action=drop chain=forward comment="Drop (invalid)" connection-state=invalid
add action=accept chain=forward comment="Accept (established, related)" \
connection-state=established,related
add action=accept chain=forward comment="Accept external ICMP (20/sec)" \
in-interface=ether1 limit=20,50:packet protocol=icmpv6
add action=drop chain=forward comment="Drop external ICMP (>20/sec)" \
in-interface=ether1 protocol=icmpv6
add action=accept chain=forward comment="Accept internal" in-interface=!ether1
add action=accept chain=forward comment="Accept outgoing" out-interface=ether1
add action=drop chain=forward comment="Drop external" in-interface=ether1
add action=reject chain=forward comment="Reject everything else"
/ipv6 nd
set [ find default=yes ] disabled=yes
add advertise-dns=no hop-limit=64 interface=ether1
But I still do not get a prefix - I tried packet sniffing and can see I don’t get any Advertise packet back.
In my Solicit package I have 2 errors, maybe I am not setting the options up correct ? I am only entering the Option name and then the number in code but nothing is value - is that the correct way ?
