DMZ with ipv6 only and a dedicated PD

Great to read that!

How can I do that?
Interfaces >> LAN >> General Settings >> Protocol is already set to Static Address.
There is no field to set the ipv6 prefix for LAN.

Can I add some parameters in a configuration file?

I don't see a clear option in dhcp.

It's a good question. It's not so obvious in the docs... based on this: https://openwrt.org/docs/guide-user/network/ipv6/ipv6.essentials

I think in /etc/config/network you could do things like:

option ip6addr 'abc:123::456/64'

on each interface.

I made some tests.

I added ip6addr for each interface, but if I make any modification on any interface that requires clicking on "save & apply", the file /etc/config/network seems to be rewritten and both ip6addr disappear.

Because DMZ has 2 gateways, I also tried to add the ip6gw option, without any result.

After reboot, I have the following result:

  • DMZ has 2 gateways
  • LAN has no gateway
  • WAN6 displays only one PD even though there are 2 PDs in /etc/config/network

Anyway, it seems that my ipv6 network in LAN operates normally.

If you configure in Luci, then you need to edit the lan interface, change IPv6 assignment length from 64 to disabled, and you'll see that new rows will be added.

Now you can configure the static IPv6 for this interface.

Many thanks, it's really better.

What is strange is that I can't ping the gateway:

  • ping 2www:xxxx:yyyy:zzz6::1 >> icmp_seq=1 Destination unreachable: Address unreachable
  • running ip a doesn't display the 2www:xxxx:yyyy:zzz6::1 address.

Where are you pinging from?

From a server (ubuntu) inside the LAN, in the same PD.

With all these changes have you restarted the ubuntu networking so it's not using old outdated prefixes etc?

Also, are you saying ip a on the router doesn't show the addresses? Or on ubuntu?

On the OpenWRT router.

nano /etc/config/network

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.12.1'
        option ip6gw '2www:xxxx:yyyy:zzz6::1'
        list ip6addr '2www:xxxx:yyyy:zzz6::/64'
        option ip6prefix '2www:xxxx:yyyy:zzz6::/64'

It is still the case after reboot.

That's not an address, it's a network. You should have ::1/64 at the end, just like in the gw.

I'm not sure if you want the gw address; it's not clear to me if that's what is advertised on the LAN or if it changes the router's routing tables.

That's better. The field was not empty so I didn't change it.

8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 00:00:00:00:ea:10 brd ff:ff:ff:ff:ff:ff
    inet 192.168.12.1/24 brd 192.168.12.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 2www:xxxx:yyyy:zzz6::1/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::3023:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever

On the ubuntu server, after reboot, I still have:
ping -6 2www:xxxx:yyyy:zzz6::1
ping: connect: Network is unreachable

Same issue under Windows.

Strange issue: after reboot, on OpenWRT, I can't perform ip r 6

  • ip: invalid argument '6' to 'ip'

Remove these.

Do you know what is this doing or you randomly selected it? (It is advertising only DHCPv6 addresses, no SLAAC)

Restart network and post the following:
uci export network; ip -6 addr; ip -6 ro li table all; ip -6 ru
Does the ubuntu get some ipv6? Does it have a route?

To be honest, not fully, but ipv6 was working fine for all my devices (ubuntu, windows, nas and apple; I don't have an android device) before trying to create the DMZ.

Not anymore, the ubuntu doesn't get an ipv6 address.

package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.12.1'
        option ip6gw '2a00:xxx:yyy:zzz6::1'
        option ip6prefix '2a00:xxx:yyy:zzz6::/64'
        list ip6addr '2a00:xxx:yyy:zzz6::1'

config interface 'wan'
        option ifname 'eth1.2'
        option proto 'dhcp'
        option peerdns '0'

config interface 'wan6'
        option ifname 'eth1.2'
        option proto 'dhcpv6'
        option reqprefix 'auto'
        option reqaddress 'try'
        option peerdns '0'
        list ip6prefix '2a00:xxx:yyy:zzz6::/64'
        list ip6prefix '2a00:xxx:yyy:zzz7::/64'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '1 2 3 5t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '4 6t'
        option vid '2'

config route6
        option interface 'wan6'
        option target '2000::/3'
        option gateway 'fe80::f6ca:e5ff:fe4c:58fb'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0 5t'
        option vid '24'

config interface 'DMZ'
        option ifname 'eth0.24'
        option proto 'static'
        option ip6gw '2a00:xxx:yyy:zzz7::1'
        option ip6prefix '2a00:xxx:yyy:zzz7::/64'
        list ip6addr '2a00:xxx:yyy:zzz7::1'

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 532
    inet6 fe80::3223:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 532
    inet6 fe80::3023:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever
8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2a00:xxx:yyy:zzz6::1/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::3023:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever
10: eth0.24@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2a00:xxx:yyy:zzz7::1/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::3023:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever
11: eth1.2@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2a00:xxx:yyy:zzz0:3223:3ff:fedd:ea10/64 scope global dynamic
       valid_lft 86178sec preferred_lft 86178sec
    inet6 fe80::3223:3ff:fedd:ea10/64 scope link
       valid_lft forever preferred_lft forever
12: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 fe80::3223:3ff:fedd:ea12/64 scope link
       valid_lft forever preferred_lft forever
default from 2a00:xxx:yyy:zzz0::/64 via fe80::224:d4ff:feae:fc68 dev eth1.2  metric 512
2a00:xxx:yyy:zzz0::/64 dev eth1.2  metric 256
unreachable 2a00:xxx:yyy:zzz0::/64 dev lo  metric 2147483647  error -113
2a00:xxx:yyy:zzz6::1 dev br-lan  metric 256
unreachable 2a00:xxx:yyy:zzz6::/64 dev lo  metric 2147483647  error -113
2a00:xxx:yyy:zzz7::1 dev eth0.24  metric 256
unreachable 2a00:xxx:yyy:zzz7::/64 dev lo  metric 2147483647  error -113
2000::/3 via fe80::f6ca:e5ff:fe4c:58fb dev eth1.2  metric 1024
fe80::/64 dev eth0  metric 256
fe80::/64 dev eth0.24  metric 256
fe80::/64 dev eth1  metric 256
fe80::/64 dev eth1.2  metric 256
fe80::/64 dev br-lan  metric 256
fe80::/64 dev wlan0  metric 256
local ::1 dev lo table local  metric 0
anycast 2a00:xxx:yyy:zzz0:: dev eth1.2 table local  metric 0
local 2a00:xxx:yyy:zzz0:3223:3ff:fedd:ea10 dev eth1.2 table local  metric 0
local 2a00:xxx:yyy:zzz6::1 dev br-lan table local  metric 0
local 2a00:xxx:yyy:zzz7::1 dev eth0.24 table local  metric 0
anycast fe80:: dev eth1 table local  metric 0
anycast fe80:: dev eth0.24 table local  metric 0
anycast fe80:: dev eth0 table local  metric 0
anycast fe80:: dev eth1.2 table local  metric 0
anycast fe80:: dev br-lan table local  metric 0
anycast fe80:: dev wlan0 table local  metric 0
local fe80::3023:3ff:fedd:ea10 dev eth0.24 table local  metric 0
local fe80::3023:3ff:fedd:ea10 dev eth0 table local  metric 0
local fe80::3023:3ff:fedd:ea10 dev br-lan table local  metric 0
local fe80::3223:3ff:fedd:ea10 dev eth1 table local  metric 0
local fe80::3223:3ff:fedd:ea10 dev eth1.2 table local  metric 0
local fe80::3223:3ff:fedd:ea12 dev wlan0 table local  metric 0
ff00::/8 dev eth0 table local  metric 256
ff00::/8 dev br-lan table local  metric 256
ff00::/8 dev eth0.24 table local  metric 256
ff00::/8 dev eth1 table local  metric 256
ff00::/8 dev eth1.2 table local  metric 256
ff00::/8 dev wlan0 table local  metric 256
0:      from all lookup local
32766:  from all lookup main
4200000001:     from all iif lo lookup unspec 12
4200000008:     from all iif br-lan lookup unspec 12
4200000010:     from all iif eth0.24 lookup unspec 12
4200000011:     from all iif eth1.2 lookup unspec 12
4200000011:     from all iif eth1.2 lookup unspec 12

I asked you to remove these.
The same from DMZ interface. Also fix the prefix length in the ip6address in DMZ interface to /64

Indeed, removing ip6gw and ip6prefix and adding /64 to ip6addr fixes the problem.

So the only change required was to set IPv6 assignment length to disabled.

My ubuntu server can get an ipv6 address, in fact 3; this should be linked to the "stateless + stateful" option.

For my understanding, does setting ip6gw and ip6prefix disable some automatic stuff?

Many thanks.

You cannot use as gateway the address of the interface. It must be the uplink router to the internet. This is already configured in wan6.

You cannot delegate the same prefix you are using on the lan interface. It must be some other prefix.
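As an added illustration of the three mistakes diagnosed above (this is not code from the thread or from OpenWrt), the following Python lints a /etc/config/network for a bare ip6addr without prefix length, an ip6gw that is the interface's own address, and an ip6prefix that overlaps the prefix already used on the interface; the sample config is constructed with documentation prefixes.

```python
import ipaddress
import re

# Constructed sample (hypothetical): 2001:db8::/32 documentation prefixes stand in for the
# masked addresses in the thread. 'lan' carries all three mistakes, 'DMZ' is the fixed form.
SAMPLE_NETWORK = """\
config interface 'lan'
        option proto 'static'
        option ip6gw '2001:db8:0:6::1'
        option ip6prefix '2001:db8:0:6::/64'
        list ip6addr '2001:db8:0:6::1'

config interface 'DMZ'
        option proto 'static'
        list ip6addr '2001:db8:0:7::1/64'
"""

def parse_uci(text):
    """Map interface name -> {key: [values]} for every 'config interface' block."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        head = re.match(r"config\s+(\S+)(?:\s+'([^']*)')?$", line)
        if head:  # new section; only interface sections are kept
            current = sections.setdefault(head.group(2), {}) if head.group(1) == "interface" else None
            continue
        kv = re.match(r"(option|list)\s+(\S+)\s+'([^']*)'$", line)
        if kv and current is not None:  # option and list are both stored as lists
            current.setdefault(kv.group(2), []).append(kv.group(3))
    return sections

def lint_ipv6(sections):
    """Return (interface, problem, detail) for each of the thread's three mistakes."""
    findings = []
    for name, opts in sections.items():
        if opts.get("proto") != ["static"]:
            continue
        own_ips = set()
        for addr in opts.get("ip6addr", []):
            if "/" not in addr:  # bare address installs a /128, so no on-link /64 route
                findings.append((name, "missing-prefix-length", f"write {addr}/64"))
            own_ips.add(ipaddress.ip_interface(addr).ip)
        for gw in opts.get("ip6gw", []):
            if ipaddress.ip_address(gw) in own_ips:  # default route belongs on wan6
                findings.append((name, "gateway-is-own-address", f"drop ip6gw {gw}"))
        for pfx in opts.get("ip6prefix", []):
            if any(ip in ipaddress.ip_network(pfx, strict=False) for ip in own_ips):
                findings.append((name, "prefix-overlaps-address", f"drop ip6prefix {pfx}"))
    return findings
```

Run it against a real file with `lint_ipv6(parse_uci(open("/etc/config/network").read()))`; an empty list means none of the three patterns is present.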

Thanks, everything seems to be ok.

I will do a summary with LuCI screenshots and description.

Find below a summary of how to set up a DMZ with two prefix delegations, one for the LAN and the second for the DMZ.

This setup is mainly based on guide-to-set-up-dmz-via-luci

First step: create a new VLAN
Open Network -> Switch to set up a VLAN. To understand your default configuration, find the Switch Ports (for VLANs) section for your router in the Table of Hardware. I created a VLAN with id 24, on LAN4 and linked to the CPU (eth0).

This action will create an interface named eth0.24

Second step: create a new Interface
Open Network -> Interfaces to set up the DMZ. The main setting is to set IPv6 assignment length to disabled.

Third step: set up the firewall rule for the DMZ
Open Network -> Firewall.

This allows the LAN to get onto the DMZ and prohibits the DMZ from getting onto the LAN.