IPv6: Difference between revisions

From Bondix Wiki
No edit summary
No edit summary
Line 5: Line 5:


==Option 1: Double Masquerading==
==Option 1: Double Masquerading==
We can enable masquerading on the server by specifying a masquerading IP in the environment settings. Also ensure that the tunnel has a default client route for IPv6 (::/0),found in tunnel routing settings.   
We can enable masquerading on the server by specifying a masquerading IP in the environment settings. Ensure that the tunnel has a default client route for IPv6 (::/0),found in tunnel routing settings. Your must change the environment IPv6 transport network to a private (e.g. fdXX::..), link-local IPv6 networks will not be masqueraded.   


Client-side, the following requirements must be met:  
Client-side, the following requirements must be met:  

Revision as of 20:26, 30 September 2024

IPv6 Setup

By default, Bondix uses a randomized link-local IPv6 address range (fe80::/3) as a transport network between the server and client router. This allows basic IPv6 communication, but additional setup is required to achieve full IPv6 internet connectivity for the router and its clients.

Option 1: Double Masquerading

We can enable masquerading on the server by specifying a masquerading IP in the environment settings. Ensure that the tunnel has a default client route for IPv6 (::/0),found in tunnel routing settings. Your must change the environment IPv6 transport network to a private (e.g. fdXX::..), link-local IPv6 networks will not be masqueraded.

Client-side, the following requirements must be met:

  • the router LAN must have a private IPv6 network configured
  • the router must masquerade IPv6 traffic using its transport IP.

Option 2: Use a Public IPv6 Transport Network

Using a public IPv6 network as a transport network

Using a public IPv6 transport network allows omitting server-side masquerading. A small subnet is sufficient (e.g. /112 or /120). Each tunnel in the environment will be assigned a single IP from that subnet. Again, a default IPv6 client route (::/0) must be configured.

Client-side, the same requirements as Option 1 must be met:

  • the router LAN must have a private IPv6 network configured
  • the router must masquerade IPv6 traffic using its transport IP.

Option 3: Route a Public IPv6 Network Through the Tunnel

Public IPv6 routing

Server-side, add a public IPv6 network as a server route, and add a default IPv6 client route (::/0).

Client-side, the following requirements must be met:

  • the router LAN must have the routed IPv6 network assigned
  • Firewall settings must allow IP forwarding from/to the bondix interface

Client Settings

this is work in progress

Teltonika

  • Teltonika does not allow setting a static IPv6 address for the LAN interface in the web interface
  • Use these commands instead:
uci add_list network.lan.ip6addr='2a01:XXXXXXXXXX::1/96'
uci commit
/etc/init.d/network restart
  • to remove the configured IP address, do
uci del_list network.lan.ip6addr='2a01:XXXXXXXX::1/96'
uci commit
/etc/init.d/network restart
Manual IPv6 configuration in OpenWr

OpenWrt

  • Manually assign an IPv6 address to the LAN interface, no gateway

Connected Devices

  • You can manually assign IPv6 addresses to any connected device using the IPv6 address configured on the router as the gateway.
  • You'll also need a IPv6 DNS server.

Todo:

  • how to set up dhcpv6