How to properly configure a /128 IPv6?

eduperez · December 18, 2023, 4:55pm

In it's infinite generosity, my ISP has decided to assign a whole /128 (public!) IPv6 address to my LTE connection... well, being LTE, I can understand it is supposed to feed a single mobile phone, instead of a router.

I can reach the router on IPv6 from outside, and I can live not having IPv6 at all, for the other devices in my network. The question is, is there anything else I could/should do, to consider this a proper configuration?

NPeca75 · December 18, 2023, 5:27pm

Hi @eduperez

as you have single v6 addr, you could masquerade private (fc00/fd00) LAN addresses to single WAN v6 address with

config zone
    option name 'wan6'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'
    list network 'wan6'
    option masq6 '1'

and you could make port forward to specific LAN device with

config redirect
    option dest 'vlan202'
    option target 'DNAT'
    option name 'frater80v6'
    list proto 'tcp'
    option src 'wan6'
    option src_dport '80'
    option dest_ip 'fd00:25:202::1004'
    option dest_port '80'

bmork · December 18, 2023, 5:52pm

Are you sure? I believe this is hard to do on a mobile connection. A single /64 is much more likely. But your modem might try to fool you by making up some interface identifier

AndrewZ · December 18, 2023, 6:52pm

If you're using QMI, /128 on the outer interface is hardcoded in the connection script
Highly likely you have /64 as @bmork said.

eduperez · December 18, 2023, 8:28pm

I do not really need IPv6, but I also like to overcomplicate everything, so I will probably end trying this. Thanks!

eduperez · December 18, 2023, 8:32pm

@bmork @NPeca75 : I am sure 'ifconfig' shows only a /128 and nothing else, but I am using QMI. I will try to tinker with the parameters, and see what happens. Many thanks!

eduperez · December 18, 2023, 10:25pm

I just activated option "dhcpv6" on the WAN config, and now I receive a /64 from my ISP; many thanks!

_bernd · December 19, 2023, 7:35am

Maybe play around and request a larger prefix and see what's happening. Because as far as I know LTE 5g and such have no limitations of how the ISP routes to you. It is not uncommon to serve with LTE routers/modems many clients behind it. Then a single address would put us back into the late last millennia.

system · December 29, 2023, 7:36am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.