Zen and IPv6
I’ve run IPv6 at home for a while now using a tunneled connection provided by SIXXS. However, my ISP (Zen) recently announced that they are trialing native IPv6. Naturally, I signed up as soon as I could – tunneled IPv6 is good, but native IPv6 is better! I was activated on the trial today and i’m currently writing this post using a fully native IPv6 connection.
My router runs OpenWRT, so I was expecting setup to be reasonably simple. In the end, it wasn’t as simple as I was expecting but that was due to a lack of knowledge anywhere on how to get this going. The simple configuration is below, with an explanation afterwards. Don’t start applying this configuration until;
- Zen has confirmed you’re on the IPv6 trial, and has sent you an email with your IPv6 addresses.
- You have rebooted your FTTC modem. IPv6 isn’t enabled until your PPPoE session has restarted!
First, you’ll need to edit your /etc/config/network file so that it has the following entries;
config interface 'wan' option ifname 'eth0' option _orig_ifname 'eth0' option _orig_bridge 'false' option proto 'pppoe' option username 'username@zen' option password 'password' option peerdns '0' option dns '184.108.40.206 220.127.116.11 2001:4860:4860::8888 2001:4860:4860::8844' option ipv6 'auto' config interface 'wan6' option proto 'dhcpv6' option ifname '@wan' option reqaddress 'try' option reqprefix 'auto'
Then, make sure the new wan6 interface is present in your firewall zone configuration;
config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option masq '1' option mtu_fix '1' option network 'wan wan6' option forward 'REJECT'
Finally, commit the configuration changes using uci commit and then reload the network configuration by running the command /etc/init.d/network reload . If you run ifconfig pppoe-wan, you should see that you have a shiny new /64 IPv6 address as well as your existing IPv4 address, hurrah!
The easiest test is to run a ping test against Google using ping6 ;
root@router:~# ping6 google.com PING google.com (2a00:1450:4009:801::200e): 56 data bytes 64 bytes from 2a00:1450:4009:801::200e: seq=0 ttl=59 time=12.705 ms 64 bytes from 2a00:1450:4009:801::200e: seq=1 ttl=59 time=11.588 ms 64 bytes from 2a00:1450:4009:801::200e: seq=2 ttl=59 time=11.159 ms 64 bytes from 2a00:1450:4009:801::200e: seq=3 ttl=59 time=11.725 ms ^C --- google.com ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 11.159/11.794/12.705 ms
Zen give you two prefixes;
- /64 Neighbour Discovery – This is the address assigned to your WAN interface, for communication with Zen’s upstream network.
- /48 Delegation Prefix – This is assigned to hosts on your LAN network.
OpenWRT’s DHCPv6 implementation will automatically grab both prefixes, assign them to the appropriate interfaces and act as a DHCPv6 server on the LAN interface using the delegated prefix. Any LAN devices that use automatic address assignment for IPv6 should quickly pick up an address from the delegated prefix.
So, why do two interfaces need to be configured when the existing WAN connection has an IPv6 option? The existing PPPoE WAN connection is a virtual point-to-point (hint: PPP!) connection that runs over your physical (e.g. eth0) ethernet connection (hint: oE). Therefore, we need to create a separate virtual interface that will use DHCPv6 over the existing PPPoE connection, which is where the wan6 connection comes in. It is absolutely vital that the ifname configuration for the wan6 interface uses @wan (a variable that refers to the virtual PPPoE connection) instead of the physical connection, otherwise an IPv6 address won’t be obtained.
So far, i’ve only had this up and running for a number of hours, but everything seems rock solid so far. Latency is a few milliseconds lower compared to the tunneled connection, and being able to run at a “native” MTU rather than a reduced one for tunneling is also advantageous.
Hopefully this helps if you’re also getting started on Zen’s IPv6 trial. Good luck!