Guys I need help. I want to run ipv6 only LAN.
Here is my setup...
TG800VAC dhcpv4 disabled, static address, wifi ap enabled, connected to internet
Windows server2012r2 dhcpv4 and dhcpv6 server, dns, domain controller running on a gen8 microserver
The gen is plugged into switch, as well as 2 other pcs, the tg800vac is as well, all other devices use the wifi ap on the tg800vac
I want all devices to request the ipv6 info from the gen8 including dns. Ive set a static ipv6 address for the gen8 server and the tg800vac but cant get internet connectivity on ipv6 alone. Also is it possibly to route wifi ap to use it own ethernet port and the main ethernet port going to the internet seperate?
etc/config/network
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option force_link '0'
option ipaddr '10.40.27.1'
list pppoerelay ''
list pppoerelay ''
list ifname 'eth0'
list ifname 'eth1'
list ifname 'eth2'
list ifname 'eth3'
option ip6addr 'fd10:c65b:f439:4f9a::1/64'
option ip6assign '64'
option ipv6 '1'
etc/config/dhcp
config dnsmasq 'main'
option disabled '0'
option nonwildcard '1'
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '0'
option rebind_localhost '1'
option local '/lan/'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option strictorder '1'
option dhcpscript '/lib/dnsmasq/dhcp-event.sh'
option domain 'gateway'
list hostname 'mygateway'
list hostname 'telstra'
list interface 'lan'
list interface 'Guest1'
list interface 'Guest1_5GHz'
config odhcpd 'odhcpd'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
config dhcp 'lan'
option instance 'main'
option interface 'lan'
option leasetime '1h'
option force '1'
option dhcpv6 'disabled'
option ra_management '0'
option ra_mininterval '200'
option ra_maxinterval '600'
option ra_lifetime '1800'
option ra_hoplimit '64'
option ra_max_mtu '1500'
list dhcp_option 'tag:cpewan-id,vi-encap:3561,6,"Technicolor TG800vac"'
list dhcp_option 'tag:cpewan-id,vi-encap:3561,5,"CP1637SA33V"'
list dhcp_option 'tag:cpewan-id,vi-encap:3561,4,"E0B9E5"'
option start '2'
option limit '136'
option ignore '1'
config dhcp 'Guest1_private'
option instance 'main'
option interface 'Guest1'
option start '1'
option limit '125'
option leasetime '1h'
option force '1'
option dhcpv6 'relay'
option ra 'server'
option ra_management '0'
option ra_mininterval '200'
option ra_maxinterval '600'
option ra_lifetime '1800'
option ra_hoplimit '64'
option ra_max_mtu '1500'
config dhcp 'Guest1_5GHz_private'
option instance 'main'
option interface 'Guest1_5GHz'
option start '129'
option limit '125'
option leasetime '1h'
option force '1'
option dhcpv6 'relay'
option ra 'server'
option ra_management '0'
option ra_mininterval '200'
option ra_maxinterval '600'
option ra_lifetime '1800'
option ra_hoplimit '64'
option ra_max_mtu '1500'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config dhcp 'ppp'
option interface 'ppp'
option ignore '1'
config dhcp 'ipoe'
option interface 'ipoe'
option ignore '1'
config dhcp 'wwan'
option interface 'wwan'
option ignore '1'
config dhcp 'wan6'
option interface 'wan6'
option ignore '1'
config opassthrud 'opassthrud'
option passthruscript '/lib/dhcpopassthrud/dnsmasq.sh'
option options_needed '0'
config dnsmasq 'hotspot'
option disabled '0'
option nonwildcard '1'
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '0'
option rebind_localhost '1'
option local '/hotspot/'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases.hotspot'
option strictorder '1'
option dhcpscript '/lib/dhcp/dhcp-event.sh'
option domain 'hotspot'
list interface 'fonopen'
list notinterface 'loopback'
list notinterface 'lan'
list notinterface 'Guest1'
list notinterface 'Guest1_5GHz'
option resolvfile '/tmp/resolv.conf.hotspot'
config dhcp 'fonopen'
option instance 'hotspot'
option interface 'fonopen'
option start '1'
option limit '37'
option force '1'
option leasetime '20m'
option dhcpv6 'server'
option ra 'server'
option ra_management '0'
option ra_min_interval '200'
option ra_max_interval '600'
option ra_lifetime '1800'
option ra_hoplimit '64'
option ra_max_mtu '1500'
config relay 'relay'
config dnsmasq 'dnsmasq'
etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option drop_invalid '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option mtu_fix '1'
option wan '0'
config zone
option name 'Guest1'
list network 'Guest1'
option input 'DROP'
option output 'ACCEPT'
option forward 'REJECT'
option mtu_fix '1'
option wan '0'
config zone
option name 'Guest1_5GHz'
list network 'Guest1_5GHz'
option input 'DROP'
option output 'ACCEPT'
option forward 'REJECT'
option mtu_fix '1'
option wan '0'
config zone
option name 'wan'
option input 'DROP'
option output 'ACCEPT'
option forward 'DROP'
option masq '1'
option mtu_fix '1'
option wan '1'
list network 'wan'
list network 'wwan'
list network 'wan6'
list network 'wwan_4'
list network 'wwan_6'
config forwarding
option src 'lan'
option dest 'wan'
config forwarding
option src 'Guest1'
option dest 'wan'
config forwarding
option src 'Guest1_5GHz'
option dest 'wan'
config rule
option name 'drop_lan_2_Guest1'
option src 'lan'
option dest 'Guest1'
option proto 'all'
option target 'DROP'
config rule
option name 'drop_Guest1_2_lan'
option src 'Guest1'
option dest 'lan'
option proto 'all'
option target 'DROP'
config rule
option name 'drop_lan_2_Guest1_5GHz'
option src 'lan'
option dest 'Guest1_5GHz'
option proto 'all'
option target 'DROP'
config rule
option name 'drop_Guest1_5GHz_2_lan'
option src 'Guest1_5GHz'
option dest 'lan'
option proto 'all'
option target 'DROP'
config rule
option name 'drop-lan_2_Guest1_GW'
option src 'lan'
option proto 'all'
option target 'DROP'
option family 'ipv4'
option dest_ip '192.168.2.126'
config rule
option name 'drop-lan_2_Guest1_5GHz_GW'
option src 'lan'
option proto 'all'
option target 'DROP'
option family 'ipv4'
option dest_ip '192.168.2.254'
config rule
option name 'drop-lan_2_hotspot'
option src 'lan'
option proto 'all'
option target 'DROP'
option family 'ipv4'
option dest_ip '192.168.20.1'
config rule
option name 'drop-Guest_2_hotspot'
option src 'Guest1'
option proto 'all'
option target 'DROP'
option family 'ipv4'
option dest_ip '192.168.20.1'
config rule
option name 'drop-Guest5G_2_hotspot'
option src 'Guest1_5GHz'
option proto 'all'
option target 'DROP'
option family 'ipv4'
option dest_ip '192.168.20.1'
config rule
option name 'Allow-Guest1_ICMP'
option src 'Guest1'
option proto 'icmp'
option target 'ACCEPT'
option family 'ipv4'
option dest_ip '192.168.2.126'
config rule
option name 'Allow-Guest1_DHCP'
option src 'Guest1'
option proto 'udp'
option dest_port '67'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Guest1_DNS'
option src 'Guest1'
option proto 'udp'
option dest_port '53'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Guest1_ICMPv6'
option src 'Guest1'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-Guest1_5GHz_ICMP'
option src 'Guest1_5GHz'
option proto 'icmp'
option target 'ACCEPT'
option family 'ipv4'
option dest_ip '192.168.2.254'
config rule
option name 'Allow-Guest1_5GHz_DHCP'
option src 'Guest1_5GHz'
option proto 'udp'
option dest_port '67'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Guest1_5GHz_DNS'
option src 'Guest1_5GHz'
option proto 'udp'
option dest_port '53'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Guest1_5GHz_ICMPv6'
option src 'Guest1_5GHz'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
option enabled '0'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Deny-CUPS-wan'
option src 'wan'
option proto 'tcp'
option dest_port '631'
option family 'ipv4'
option target 'DROP'
config include
option path '/etc/firewall.user'
config include 'tchext_restart'
option type 'script'
option path '/lib/functions/firewall-restart-ext-tch.sh'
config include 'tchext'
option type 'script'
option path '/lib/functions/firewall-ext-tch.sh'
option reload '1'
option family 'IPv4'
config cone
option name 'PS and XBox Live 1'
option src 'wan'
option dest_port '88'
config cone
option name 'PS and XBox Live 2'
option src 'wan'
option dest_port '3074:3658'
config cone
option name 'PS and XBox Live 3'
option src 'wan'
option dest_port '10070'
config include 'tod'
option type 'script'
option path '/lib/functions/tod.sh'
option reload '1'
config include 'intercept'
option type 'script'
option path '/usr/lib/intercept/firewall.sh'
config fwconfig 'fwconfig'
option defaultoutgoing_lax 'ACCEPT'
option defaultoutgoing_normal 'ACCEPT'
option defaultoutgoing_high 'DROP'
option defaultoutgoing_user 'ACCEPT'
option defaultincoming_lax 'REJECT'
option defaultincoming_normal 'DROP'
option defaultincoming_high 'DROP'
option defaultincoming_user 'DROP'
option level 'normal'
config redirectsgroup 'userredirects'
option enabled '1'
option name 'FW redirects defined by the user'
option type 'userredirect'
config redirectsgroup 'dmzredirects'
option enabled '0'
option name 'FW redirects for the DMZ functionality'
option type 'dmzredirect'
config dmzredirect 'dmzredirect'
option name 'DMZ rule'
option src 'wan'
option dest 'lan'
option family 'ipv4'
option target 'DNAT'
option proto '!icmp'
config rulesgroup 'normalrules'
option enabled '1'
option name 'FW rules for normal level'
option type 'normalrule'
config rulesgroup 'laxrules'
option enabled '0'
option name 'FW rules for lax level'
option type 'laxrule'
config rulesgroup 'highrules'
option enabled '0'
option name 'FW rules for high level'
option type 'highrule'
config rulesgroup 'userrules'
option enabled '0'
option name 'FW rules for user level'
option type 'userrule'
config rulesgroup 'userrules_v6'
option enabled '0'
option name 'FW rules for user level IPv6'
option type 'userrule_v6'
config rulesgroup 'defaultrules'
option enabled '1'
option name 'FW rules for default behavior'
option type 'defaultrule'
config highrule
option name 'HTTP'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
config highrule
option name 'HTTPS'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '443'
option target 'ACCEPT'
config highrule
option name 'SMTP'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '25'
option target 'ACCEPT'
config highrule
option name 'POP3'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '110'
option target 'ACCEPT'
config highrule
option name 'IMAP'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '445'
option target 'ACCEPT'
config highrule
option name 'SSH'
option src 'lan'
option dest 'wan'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config defaultrule 'defaultoutgoing'
option name 'Default action for outgoing NAT'
option src 'lan'
option dest 'wan'
option proto 'all'
option target 'ACCEPT'
config helper
option helper 'ftp'
option dest_port '21'
option proto 'tcp'
config helper
option helper 'tftp'
option dest_port '69'
option proto 'udp'
config helper
option helper 'snmp'
option family 'ipv4'
option dest_port '161'
option proto 'udp'
config helper
option helper 'pptp'
option family 'ipv4'
option dest_port '1723'
option proto 'tcp'
config helper
option helper 'sip'
option dest_port '5060'
option proto 'udp'
config helper
option helper 'irc'
option family 'ipv4'
option dest_port '6667'
option proto 'tcp'
config helper
option helper 'amanda'
option dest_port '10080'
option proto 'udp'
config helper
option helper 'rtsp'
option dest_port '554'
option family 'ipv4'
option proto 'tcp'
config include 'wol'
option type 'script'
option path '/lib/functions/firewall-wol.sh'
option reload '1'
config include 'cwmpd'
option type 'script'
option path '/lib/functions/firewall-cwmpd.sh'
option reload '1'
config include 'igmpproxy'
option type 'script'
option path '/lib/functions/firewall-igmpproxy-tch.sh'
option reload '1'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd-tch/firewall.include'
option family 'IPv4'
option reload '1'
config include 'mmpbx'
option type 'script'
option path '/lib/functions/firewall-mmpbx.sh'
option reload '1'
config include 'weburl'
option type 'script'
option path '/lib/functions/weburl-tch.sh'
option reload '1'
config userredirect 'userredirect4932'
option enabled '1'
option src_dport '3659'
list proto 'udp'
option dest_ip '10.40.27.10'
option dest 'lan'
option src 'wan'
option dest_port '3659'
option name 'BF4 1'
option target 'DNAT'
option family 'ipv4'
config userredirect 'userredirect6536'
option enabled '1'
option src_dport '14000'
option src 'wan'
option dest_ip '10.40.27.10'
list proto 'udp'
option family 'ipv4'
option dest_port '14016'
option name 'BF4 2'
option target 'DNAT'
option dest 'lan'
config userredirect 'userredirect7383'
option enabled '1'
option src_dport '22990'
option src 'wan'
option dest_ip '10.40.27.10'
option family 'ipv4'
option target 'DNAT'
option dest_port '23006'
option name 'BF4 3'
list proto 'udp'
option dest 'lan'
config userredirect 'userredirectD8E9'
option enabled '1'
option src_dport '25200'
option src 'wan'
option dest_ip '10.40.27.10'
option dest 'lan'
list proto 'udp'
option dest_port '25300'
option name 'BF4 4'
option family 'ipv4'
option target 'DNAT'
config userredirect 'userredirect0EB4'
option enabled '1'
option src_dport '80'
option src 'wan'
option dest_ip '10.40.27.10'
option family 'ipv4'
list proto 'tcp'
option dest_port '80'
option name 'BF4 5'
option target 'DNAT'
option dest 'lan'
config userredirect 'userredirect76B3'
option enabled '1'
option src_dport '443'
option src 'wan'
option dest_ip '10.40.27.10'
option family 'ipv4'
list proto 'tcp'
option dest_port '443'
option name 'BF4 6'
option target 'DNAT'
option dest 'lan'
config userredirect 'userredirect3468'
option enabled '1'
option src_dport '9988'
option src 'wan'
option dest_ip '10.40.27.10'
option dest 'lan'
option family 'ipv4'
option dest_port '9988'
option name 'BF4 7'
list proto 'tcp'
option target 'DNAT'
config userredirect 'userredirect8EBA'
option src_dport '17502'
option src 'wan'
option dest_ip '10.40.27.10'
option family 'ipv4'
option dest 'lan'
option dest_port '17502'
option name 'BF4 8'
option enabled '1'
option target 'DNAT'
list proto 'tcp'
config userredirect 'userredirect3FF7'
option src_dport '20000'
list proto 'tcp'
option dest_ip '10.40.27.10'
option family 'ipv4'
option dest 'lan'
option dest_port '20100'
option name 'BF4 9'
option enabled '1'
option target 'DNAT'
option src 'wan'
config userredirect 'userredirect3143'
option enabled '1'
option src_dport '22990'
option dest_ip '10.40.27.10'
list proto 'tcp'
option family 'ipv4'
option dest_port '22990'
option name 'BF4 10'
option src 'wan'
option dest 'lan'
option target 'DNAT'
config userredirect 'userredirect64F0'
option enabled '1'
option src_dport '42127'
option dest_ip '10.40.27.10'
list proto 'tcp'
option family 'ipv4'
option dest_port '42127'
option name 'BF4 11'
option src 'wan'
option dest 'lan'
option target 'DNAT'
config userredirect 'userredirect28EB'
option enabled '1'
option src_dport '49152'
option src 'wan'
option dest_ip '10.40.27.10'
option family 'ipv4'
option dest 'lan'
option dest_port '65535'
option name 'Roblox'
list proto 'udp'
option target 'DNAT'
config rule 'SSH_wan'
option src 'wan'
option name 'SSH_wan'
option target 'DROP'
option proto 'tcp'
option dest_port '22'
option family 'ipv4'