How do I achieve this? Only ULAs are delegated, I have to assign an address manually to make it work.
If I change prefix filter to wan_6 I'll have no address at all.
I have a /60 prefix from a PPPoE interface and it's confirmed to be functional.
I also tried IPv6 port forward, which is not working for some reason(perhaps it's related to NAT6 or something?).
But I have not tested this.
Myself and regarding to the Internet many folks are using NPT (network prefix translation) and translate (static) ULA to a dynamic GUA prefix.
Wireguard is a layer-3 device and the original author has some rejections why IPv6 is not being treated well with Wireguard.
I'm trying to delegate an address/prefix to the interface, so I can connect to the vpn through an ipv6 address.
Ah. Address assignment to the WG interface on the router is possible using ip6hint and ip6ifaceid.
You need them to connect to the router via WG from the client what do you want to do?
Connection TO the router (the WG peer or endpoint) is normally just done via the wan6 IP of the router.
Well I thought since IPv6 doesn't have NAT, each interface will need it's own address to be reachable.
I'll try opening the port directly.
If you connect via Wireguard you will establish the connection on the wan IP of the router.
But the address of the tunnel comes into play later.
To avoid a (masquerade) nat for the WG clients, you either needed (static) GUA addresses for the WG Interfaces on the router and the client or prefix translation, which is not really a "classical" nat.
In case you are not aware of it, Linux usually can be addressed via all addresses on all interfaces regarding if the address is assigned on the incoming interface or not. To simplify the behavior. Devil is in the details but usually if you throw a packet to a Linux box and it has the address somewhere assigned the packet gets processed...
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.