Configure DHCPv6c on WAN for multiple PD requests for AT&T fiber?

Installing and Using OpenWrt Network and Wireless Configuration
61

Maybe try some rules like this in your /etc/config/firewall file?

config rule
	option name 'Allow-GUEST-DHCP6'
	option family 'ipv6'
	list proto 'udp'
	option src 'guest'
	option dest_port '547'
	option target 'ACCEPT'

config rule
	option name 'Allow-GUEST-ICMP-Input'
	option src 'guest'
	option proto 'icmp'
	option target 'ACCEPT'
	option family 'ipv6'

Obviously tailor the src to your actual interface names, but basically allow those two types of traffic from each of your lan/guest/iot zones to your openwrt device.

I would think you would want to put your WAN6* interfaces back into your WAN zone for security, though.

1 Like
62

Thanks so much, I'll play around and report back. Hopefully with useful config items to share

1 Like
63

And progress/success? :slight_smile:

64

success! All I basically needed was to put all the WAN6* interfaces on the wan firewall zone. The link-local gateway does work on my lan subnet, but isn't returning pings for some unknown reason I can't figure out yet

1 Like
65

When pinging the gateway LL address, make sure you include % + the interface by which you intend to reach that LL gateway. For example, when pinging my LL gateway I have to append %en0 to the gateway's address, where en0 is my MacBook's WiFi interface that connects me to my gateway:

❯ ping6 fe80::92e2:baff:fexx:yyzz%en0
PING6(56=40+8+8 bytes) fe80::cf4:7aff:45c7:2690%en0 --> fe80::92e2:baff:fexx:yyzz%en0
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=0 hlim=64 time=43.681 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=1 hlim=64 time=103.636 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=2 hlim=64 time=1.738 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=3 hlim=64 time=1.751 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=4 hlim=64 time=1.515 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=5 hlim=64 time=8.265 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=6 hlim=64 time=1.761 ms
...

Alternately, if your ping6 command includes the -I option, you can use it instead:

❯ ping6 -I en0 fe80::92e2:baff:fexx:yyzz
PING6(56=40+8+8 bytes) fe80::cf4:7aff:45c7:2690%en0 --> fe80::92e2:baff:fexx:yyzz
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=0 hlim=64 time=1.572 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=1 hlim=64 time=1.825 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=2 hlim=64 time=2.402 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=3 hlim=64 time=2.746 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=4 hlim=64 time=2.132 ms
16 bytes from fe80::92e2:baff:fexx:yyzz%en0, icmp_seq=5 hlim=64 time=2.907 ms
...
66

Everything still working okay for you?

67

I feel dumb.

davygrvy@puukukui:~$ ping fe80::6238:e0ff:feca:e009%enp3s0
PING fe80::6238:e0ff:feca:e009%enp3s0(fe80::6238:e0ff:feca:e009%enp3s0) 56 data bytes
64 bytes from fe80::6238:e0ff:feca:e009%enp3s0: icmp_seq=1 ttl=64 time=0.215 ms
64 bytes from fe80::6238:e0ff:feca:e009%enp3s0: icmp_seq=2 ttl=64 time=0.206 ms
64 bytes from fe80::6238:e0ff:feca:e009%enp3s0: icmp_seq=3 ttl=64 time=0.210 ms
^C
--- fe80::6238:e0ff:feca:e009%enp3s0 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2031ms
rtt min/avg/max/mdev = 0.206/0.210/0.215/0.003 ms
68

Don't feel dumb! When I don't get into the lower levels of IPv6 often I forget about that aspect of the link-local address.

So glad it's working for you! Are there any outstanding issues with this that you are still working through or have we just reached a fully working solution?

69

I'm good. I'm off and running fixing Transmission's lacking UPnP/IGD IPv6 support

1 Like
70

Awesome! :+1:

71

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.