Hi all, need assistance with 21.02.1. I've updated my R7800 router from 19.07.08 to 21.02.1 and started from scratch - I did NOT KEEP settings. Everything is working ok except I cant forward IPv6 to my security cameras on 21.02, which was working fine on 19.07. For some reason my cameras dont hold IPv6 address if I set them to DHCP - they get IPv6 address ok but then in about an hour, reset to local IPv6 - I "fixed" that issue by manually assigning IPv6 to the cameras (would be great if someone can recommend how to fix this, but that's not the issue for this post).
So, I have 4 cameras with IPv6 manually assigned to them:
CAM1: 2835:865:c840:e4a4::60
CAM2: 2835:865:c840:e4a4::61
CAM3: 2835:865:c840:e4a4::62
CAM4: 2835:865:c840:e4a4::63
(those IP numbers are random, for the sake of the demonstration)
In 19.07 I had these Traffic Rules that allowed me to connect to these cameras from outside:
config rule
option src '*'
option name 'Allow WAN to Front 1 Cam IPv6'
option target 'ACCEPT'
option family 'ipv6'
option dest 'lan'
option proto 'tcp'
option dest_port '44550'
list dest_ip '2835:865:c840:e4a4::60'
config rule
option src '*'
option name 'Allow WAN to Front 2 Cam IPv6'
option target 'ACCEPT'
option family 'ipv6'
option dest 'lan'
option dest_port '44551'
option proto 'tcp'
list dest_ip '2835:865:c840:e4a4::61'
config rule
option src '*'
option name 'Allow WAN to Back 1 Cam IPv6'
option target 'ACCEPT'
option family 'ipv6'
option dest 'lan'
option dest_port '44552'
option proto 'tcp'
list dest_ip '2835:865:c840:e4a4::62'
config rule
option src '*'
option name 'Allow WAN to Back 2 Cam IPv6'
option target 'ACCEPT'
option family 'ipv6'
option dest 'lan'
option dest_port '44553'
option proto 'tcp'
list dest_ip '2835:865:c840:e4a4::63'
After installing 21.02 and configuring IPv6 the same (I think) as 19.07, I can get IPv6 from my provider OK and can delegate to my local devices OK too.
I've installed IPSET
package with related dependencies but still cant connect to my cameras from outside.
Firewall is as follows:
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
option drop_invalid '1'
option flow_offloading '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option output 'ACCEPT'
option masq '1'
option mtu_fix '1'
option input 'DROP'
option forward 'DROP'
config forwarding
option src 'lan'
option dest 'wan'
DHCP is as follows:
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
option nohosts '1'
option quietdhcp '1'
option filterwin2k '1'
option nonegcache '1'
config dhcp 'lan'
option interface 'lan'
option limit '150'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option start '50'
option leasetime '24h'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
list ra_flags 'none'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '3'
Network:
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd46:3417:c587::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth1.1'
option igmp_snooping '1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.xxx.1'
list dns '1.1.1.2'
list dns '1.0.0.2'
option ip6assign '64'
config interface 'wan'
option device 'eth0.2'
option proto 'dhcp'
option peerdns '0'
list dns '1.1.1.2'
list dns '1.0.0.2'
config interface 'wan6'
option device 'eth0.2'
option proto 'dhcpv6'
option reqaddress 'try'
option peerdns '0'
list dns '2606:4700:4700::1112'
list dns '2606:4700:4700::1002'
option reqprefix '60'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 0t'
I would appreciate any assistance. Thank you