IPv6 through WLAN access point revisited
Wednesday, August 28. 2013
This is a follow-up for my previous article about running IPv6 and WLAN access point. There I said "This was actually very easy to do into DD-WRT" and now I'd like to take that back. 
It seemed to be easy, but ... Here are my settings in detail. Btw. I'm running DD-WRT v24-sp2 big
Release: 07/24/13 (SVN revision: 22118)
1. disable the autoconfiguration from the WLAN access-point and manually define a static IPv6-address
This is the part which I struggled the most. Sure it is easy to remove the manually assigned IPv6-address from an interface, just run:
ip -6 addr delete 2001::-da-IP-here-/64 dev br0
on a shell. It will drop the autoconfigured address and it will stay away. For a while. It surely won't survive a reboot.
To make this stick, go to web GUI Administration --> Commands and add a startup command:
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
echo 0 > /proc/sys/net/ipv6/conf/all/autoconf
echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra
echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra_pinfo
/usr/sbin/ip -6 addr add 2001:-da-IP-here-/64 dev br0
That makes the settings stick. Autoconfiguration will be gone and a static address will be assigned instead. I attempted at least 20 different combinations while looking the sysctl-settings list, but that was the 1st one I found to be actually functional for deactivating the autoconfig.
2. use a static default route from the WLAN access-point and confirm that it has proper IPv6-connectivity
4. make sure, that any incoming traffic from the mobile clients is
properly routed to the real IPv6-router, and confirm that traffic flows
both ways
Yet again, go to web GUI Administration --> Commands and add a startup command:
/usr/sbin/ip -6 route add default via 2001:-da-router-IP-here-::1 metric 1
That creates a static route which will work and fulfill the 2). To achieve 4) make sure to have the metric 1 at the end.
3. run router advertisement daemon (RADVD) to advertise the WLAN access-point as a proper router for any wireless clients
In the DD-WRT IPv6 article it said that RADVD configuration should be like this:
interface br0 {
AdvSendAdvert on;
prefix 0:0:0:1::/64 {
AdvOnLink on;
AdvAutonomous off;
};
};
Don't do that! DON'T! It will royally fuck up your LAN. Nothing in IPv6-land will work if you literally copy/paste that like they suggest. The problem is with the prefix of 0:0:0:1::/64, it will assume that your network has that /64-prefix and assign route and IP-address for any IPv6-host with that prefix. I can bet you $1.000.000 dollars, that it will not be your IPv6-prefix.
... and win.
Just put the exactly same prefix your real IPv6-router has. The WLAN access point's RADVD should be configured pretty much exactly alike. For the configuration directives see radvd.conf manual-page. It literally says:
- AdvSendAdvert: do send advertisements, default is off
- AdvOnLink: use the prefix for link determination (meaning: yes you can get to The Net via this), it is on by default, you really don't need this line at all
- AdvAutonomous: do distribute new the IP-addresses from this RADVD to your wireless (and wired) clients, yet again it is on by default and you really don't need this
With these settings I succeeded a reboot and still had my wireless and wired clients working using either of the two IPv6-routers. On Windows the setup will display two default routes, like this:
PS C:\Windows\system32> netsh interface ipv6 show route
Publish Type Met Prefix Idx Gatewa
------- -------- --- ------------------------ --- ------
No Manual 256 ::/0 18 fe80::
No Manual 256 ::/0 18 fe80::
On Linux:
# ip -6 route show | fgrep default
default via fe80:: dev eth0 metric 1024 expires 0sec mtu 1280 hoplimit 64
default via fe80:: dev eth0 metric 1024 expires 0sec mtu 1280 hoplimit 64
That's ok. IPv6 will support that ok. Just be aware, that your traffic may route either way.
Comments
Display comments as
(Linear | Threaded)
Add Comment
This is a follow-up for my previous article about running IPv6 and WLAN access point. There I said "This was actually very easy to do into DD-WRT" and now I'd like to take that back.
It seemed to be easy, but ... Here are my settings in detail. Btw. I'm running DD-WRT v24-sp2 big
Release: 07/24/13 (SVN revision: 22118)
1. disable the autoconfiguration from the WLAN access-point and manually define a static IPv6-address
This is the part which I struggled the most. Sure it is easy to remove the manually assigned IPv6-address from an interface, just run:
ip -6 addr delete 2001::-da-IP-here-/64 dev br0
on a shell. It will drop the autoconfigured address and it will stay away. For a while. It surely won't survive a reboot.
To make this stick, go to web GUI Administration --> Commands and add a startup command:
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
echo 0 > /proc/sys/net/ipv6/conf/all/autoconf
echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra
echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra_pinfo
/usr/sbin/ip -6 addr add 2001:-da-IP-here-/64 dev br0
That makes the settings stick. Autoconfiguration will be gone and a static address will be assigned instead. I attempted at least 20 different combinations while looking the sysctl-settings list, but that was the 1st one I found to be actually functional for deactivating the autoconfig.
2. use a static default route from the WLAN access-point and confirm that it has proper IPv6-connectivity
4. make sure, that any incoming traffic from the mobile clients is
properly routed to the real IPv6-router, and confirm that traffic flows
both ways
Yet again, go to web GUI Administration --> Commands and add a startup command:
/usr/sbin/ip -6 route add default via 2001:-da-router-IP-here-::1 metric 1
That creates a static route which will work and fulfill the 2). To achieve 4) make sure to have the metric 1 at the end.
3. run router advertisement daemon (RADVD) to advertise the WLAN access-point as a proper router for any wireless clients
In the DD-WRT IPv6 article it said that RADVD configuration should be like this:
interface br0 {
AdvSendAdvert on;
prefix 0:0:0:1::/64 {
AdvOnLink on;
AdvAutonomous off;
};
};
Don't do that! DON'T! It will royally fuck up your LAN. Nothing in IPv6-land will work if you literally copy/paste that like they suggest. The problem is with the prefix of 0:0:0:1::/64, it will assume that your network has that /64-prefix and assign route and IP-address for any IPv6-host with that prefix. I can bet you $1.000.000 dollars, that it will not be your IPv6-prefix. ... and win.
Just put the exactly same prefix your real IPv6-router has. The WLAN access point's RADVD should be configured pretty much exactly alike. For the configuration directives see radvd.conf manual-page. It literally says:
- AdvSendAdvert: do send advertisements, default is off
- AdvOnLink: use the prefix for link determination (meaning: yes you can get to The Net via this), it is on by default, you really don't need this line at all
- AdvAutonomous: do distribute new the IP-addresses from this RADVD to your wireless (and wired) clients, yet again it is on by default and you really don't need this
With these settings I succeeded a reboot and still had my wireless and wired clients working using either of the two IPv6-routers. On Windows the setup will display two default routes, like this:
PS C:\Windows\system32> netsh interface ipv6 show route
Publish Type Met Prefix Idx Gatewa
------- -------- --- ------------------------ --- ------
No Manual 256 ::/0 18 fe80::
No Manual 256 ::/0 18 fe80::
On Linux:
# ip -6 route show | fgrep default
default via fe80:: dev eth0 metric 1024 expires 0sec mtu 1280 hoplimit 64
default via fe80:: dev eth0 metric 1024 expires 0sec mtu 1280 hoplimit 64
That's ok. IPv6 will support that ok. Just be aware, that your traffic may route either way.