IPv6 NAT over wlan1 possible?

Installing and Using OpenWrt Network and Wireless Configuration
1

I know my needs seem a bit weird... but I am in a college that only provides Wi-Fi network and I want to make a subnet for all my devices for file sharing.
I set up my OpenWrt router and connected to my WPA2-EAP school Wi-Fi and abtain both ipv4 and ipv6 addr.
My router's ip addr is like 10.136.88.88 and 2001:xxxxxxx:1/64(ipv6)
and my pc can get a ip addr and it is like 192.168.1.190 and fdxxxxxx(ipv6)
I found my pc connected to the internet through v4 but not v6.
I searched a lot and guess the ipv6 in my school network is not complete so is there any method like ipv6 nat through wlan1?
(and can my router send out another wifi for my phones to join under ipv6 nat?)

2

Basically, 'NAT" for IPv6 is reserved for some very specific, typically enterprise-related purposes (changing ISPs, for example).

You need to see if you can get a "prefix delegation" (IA_PD) for your devices on your subnet if you want them to have access to the rest of the world over IPv6.

If it's just among themselves, then the "ULA" will cover that (if not just link-local addresses).

2 Likes
3

I am newbee to ipv6. How could I know whether the "IA_PD" is available?
Here is my router config I hope them help

Snipaste_2019-11-20_10-41-43
Snipaste_2019-11-20_10-41-43478×636 65.8 KB
Snipaste_2019-11-20_03-06-32
Snipaste_2019-11-20_03-06-322560×1262 255 KB
Snipaste_2019-11-20_03-06-12
Snipaste_2019-11-20_03-06-121273×372 50.5 KB

4

Snipaste_2019-11-20_10-45-59
Snipaste_2019-11-20_10-45-591315×893 174 KB

here is my result of command "ip -4 route" and "ip -6 route"
I found there is a "from 2001xxxxxx" before "via fe80xxxxxxx"
which is diffrent from that of ipv4. Is it the wrong thing here?

5

Please post the output of uci show network

6

I perform a reset and simply connect to my school Wi-Fi again(I manually add a wwan6) and here is the output

network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fdf0:b080:74ef::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0.1'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan_dev=device
network.lan_dev.name='eth0.1'
network.lan_dev.macaddr='20:76:93:46:1c:0f'
network.wan=interface
network.wan.ifname='eth0.2'
network.wan.proto='dhcp'
network.wan_dev=device
network.wan_dev.name='eth0.2'
network.wan_dev.macaddr='20:76:93:46:1c:10'
network.wan6=interface
network.wan6.ifname='eth0.2'
network.wan6.proto='dhcpv6'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='0 1 2 3 6t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='4 6t'
network.wwan=interface
network.wwan.proto='dhcp'
network.wwan6=interface
network.wwan6.proto='dhcpv6'
network.wwan6.reqaddress='try'
network.wwan6.reqprefix='no'
7

Try to change this to 'auto'

8

now my network looks like

network.wwan6.reqprefix='auto'

and it can obtain ipv6 addr successfully but my pc cannot still connect to Internet
Here is my pc network config
Snipaste_2019-11-20_18-18-54

9

Please post here the output of ifstatus wwan6

10 
root@OpenWrt:~# ifstatus wwan6
{
	"up": true,
	"pending": false,
	"available": true,
	"autostart": true,
	"dynamic": false,
	"uptime": 819,
	"l3_device": "wlan0",
	"proto": "dhcpv6",
	"device": "wlan0",
	"metric": 0,
	"dns_metric": 0,
	"delegation": true,
	"ipv4-address": [
		
	],
	"ipv6-address": [
		{
			"address": "2001:da8:bc:****:****:93ff:fe46:1c0e",
			"mask": 64,
			"preferred": 172080,
			"valid": 258480
		}
	],
	"ipv6-prefix": [
		
	],
	"ipv6-prefix-assignment": [
		
	],
	"route": [
		{
			"target": "2001:da8:bc:8f4b::",
			"mask": 64,
			"nexthop": "::",
			"metric": 256,
			"valid": 258480,
			"source": "::\/0"
		},
		{
			"target": "::",
			"mask": 0,
			"nexthop": "fe80::be3f:8fff:fe92:aa2a",
			"metric": 512,
			"valid": 1080,
			"source": "2001:da8:bc:****:****:93ff:fe46:1c0e\/64"
		}
	],
	"dns-server": [
		
	],
	"dns-search": [
		
	],
	"inactive": {
		"ipv4-address": [
			
		],
		"ipv6-address": [
			
		],
		"route": [
			
		],
		"dns-server": [
			
		],
		"dns-search": [
			
		]
	},
	"data": {
		
	}
}
11

I found something strange:
In openwrt I ping gateway(fe80::be3f:8fff:fe92:aa2a) there is no response.
But in my laptop directly connected to Wi-Fi the ping has response.

12

Install tcpdump on the router and run the following command:
tcpdump -i wlan0 -vv -n ip6 and udp port 546 & ; ifup wwan6
Collect the output and then stop tcpdump
kill $(pidof tcpdump)

13

I got

-ash: syntax error: unexpected ";"
14

Sorry

tcpdump -i wlan0 -vv -n ip6 and udp port 546 &
ifup wwan6
15

image
image1238×432 95.3 KB

16

Maybe my operation is wrong?
I open two ssh console and run ifup wwan6 on the other console I got

image
image1235×272 44.7 KB

17

Reverse the commands, that is give:
ifup wwan6 ; tcpdump -i wlan0 -vv -n ip6 and udp port 546
And please paste text in preformatted style </> instead of screeshots.

18 
root@OpenWrt:~# ifup wwan6
[1]+  Done(1)                    tcpdump -i wlan0 -vv -n ip6 and udp port 546
root@OpenWrt:~# tcpdump -i wlan0 -vv -n ip6 and udp port 546 &
root@OpenWrt:~# tcpdump: listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:54:13.725626 IP6 (flowlabel 0x41435, hlim 1, next-header UDP (17) payload length: 114) fe80::2276:93ff:fe46:1c0e.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=c11ca2 (elapsed-time 723) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_82 opt_83 opt_94 opt_95 opt_96 server-unicast) (client-ID hwaddr type 1 207693461c0e) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
10:54:22.815639 IP6 (flowlabel 0x41435, hlim 1, next-header UDP (17) payload length: 114) fe80::2276:93ff:fe46:1c0e.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=c11ca2 (elapsed-time 1632) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_82 opt_83 opt_94 opt_95 opt_96 server-unicast) (client-ID hwaddr type 1 207693461c0e) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
10:54:39.455575 IP6 (flowlabel 0x41435, hlim 1, next-header UDP (17) payload length: 114) fe80::2276:93ff:fe46:1c0e.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=c11ca2 (elapsed-time 3296) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_82 opt_83 opt_94 opt_95 opt_96 server-unicast) (client-ID hwaddr type 1 207693461c0e) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
19

Put it in one line as I gave it to you and let it run for a minute or so. You didn't capture any interesting packets.

20

There doesn't seem to be running any DHCPv6 server.
Hence the only viable solution would be to relay the Router Advertisements and Router Solicitations

Example configuration section for relaying

# cat /etc/config/dhcp
config dhcp wan
    option dhcpv6 relay
    option ra relay
    option ndp relay
    option master 1
 
config dhcp lan
    option dhcpv6 relay
    option ra relay
    option ndp relay

https://openwrt.org/docs/guide-user/network/ipv6/start#router_advertisement_dhcpv6

1 Like