Dear all,
I have created a VLAN, DHCPv4 works fine, because I permit UDP Ports 67-68 (VLAN --> Router).
However, DHCPv6 doesn't work yet, even though I have:
    option ra 'server'
    option dhcpv6 'server'
    list ra_flags 'managed-config'
    list ra_flags 'other-config'
Are there any firewall ports to be opened, so that the VLAN can communicate with the dhcpv6 server?
WAN6 receives a /60 network and hands out a /64 to this VLAN - well... no DHCPv6, yet...
What else did I forget to get this working?
Kind regards,
mk24
November 7, 2024, 4:29pm
2
DHCPv6 uses port 547 UDP client to router, and 546 for router to client.
RA and RS are types of ICMPv6 packets.
Ah - lovely!
Adding
config rule
    option name 'IOT Allow DHCP'
    list proto 'udp'
    option src 'iot'
    option dest_port '67-68 547'
    option target 'ACCEPT'

config rule
    list proto 'icmp'
    option src 'iot'
    option target 'ACCEPT'
    option name 'Allow IOT ICMP'
got me DHCPv6
Thank you kindly!
2 Likes
mk24
November 7, 2024, 4:42pm
4
As you have it now, port 547 is needlessly also open for IPv4. You really should write v4 and v6 as separate rules with an option family ipv4 or option family ipv6 restricting each rule to allow only its applicable family.
2 Likes
Agreed. Sometimes, being lazy doesn't pay off.
1 Like
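The per-family split recommended in post 4 could look like this in /etc/config/firewall. This is an added example, not a configuration posted by anyone in the thread: the zone name 'iot' and the ports come from the thread, while the rule names and the icmp_type list are assumptions.

```uci
# DHCPv4: clients in the 'iot' zone to the router, IPv4 only
config rule
    option name 'IOT Allow DHCPv4'
    option family 'ipv4'
    list proto 'udp'
    option src 'iot'
    option dest_port '67-68'
    option target 'ACCEPT'

# DHCPv6: client to router on UDP 547, IPv6 only
config rule
    option name 'IOT Allow DHCPv6'
    option family 'ipv6'
    list proto 'udp'
    option src 'iot'
    option dest_port '547'
    option target 'ACCEPT'

# Router solicitation and neighbour discovery toward the router, IPv6 only.
# Assumed minimal type list; add e.g. 'echo-request' if ping to the router is wanted.
config rule
    option name 'IOT Allow ICMPv6'
    option family 'ipv6'
    list proto 'icmp'
    option src 'iot'
    list icmp_type 'router-solicitation'
    list icmp_type 'neighbour-solicitation'
    list icmp_type 'neighbour-advertisement'
    option target 'ACCEPT'
```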