Differences

This shows you the differences between two versions of the page.

--- basic-ipv6 [2022/07/22 09:24] – [IPv6 DUID Type] m_ars
+++ basic-ipv6 [2025/01/28 12:39] (current) – pedro
@@ Line 1: / Line 1: @@
-====== IPv6 ======
+====== IPv6 (Configuration) ======
-The IPv6 menu contains setttings for configuring basic IPv6 functionality on FreshTomato.
+This menu has settings for configuring basic IPv6 routing functionality. Settings here affect //only routed packets//. Generally, IPv6 packets always travel through a FreshTomato router's switch on the LAN, regardless of these settings.
-===== IPv6 Service Type =====
+ \\ **IPv6 Service Type**: lets you select the Service Type.
-IPv6 has a number of services, or modes of operation which it can use. Some partly depend on IPv4 services, and others are run entirely independent of IPv4. Please ask your Internet Provider or search the Web to learn which IPv6 service type is used on your your ISP's network.
+IPv6 has several service types, or "modes" it can use. Some service types partly depend on IPv4 services. Others run independently of IPv4. Ask your Internet provider or search the web to find which type your provider uses.
-//Note about MultiWAN setups://
+Depending on the service type you select, various fields may appear, prompting you for appropriate settings.  \\   \\ Options include:  \\
-FreshTomato does not currently support IPv6 in MultiWAN configurations. Only the first WAN interface can/will use IPv6.
+  * Disabled *
+  * DHCP with PD
+  * Static IPv6
+  * 6in4 Anycast Relay
+  * 6in4 Static Tunnel
+  * 6rd Relay
+  * 6rd from DHCPv4
+  * Other (Manual Configuration)
-==== Disabled ====
+ \\
-This is the Default state. IPv6 is disabled by default. (IPv6 traffic will still flow/work if in access point mode, for example.)
+Currently, IPv6 **is not** supported in MultiWAN configurations. Only the first WAN interface can use IPv6.
-[[https://wiki.freshtomato.org/lib/exe/detail.php?id=ipv6&media=2fc0f7d6120da595c3b6b77f52a7f4bf.png|{{:2fc0f7d6120da595c3b6b77f52a7f4bf.png}}]]
+ \\
-==== DHCPv6 with Prefix Delegation ====
+[Disabled]: IPv6 is disabled by default. IPv6 traffic will still flow if in access point mode.
-This configuration method is one of the most commonly used. It provides native IPv6 connectivity for your network. It allows the ability to assign different IPv6 address ranges for bridge 0 (br0) to 3 (br3) if you're given a prefix with length smaller than 64 (for example 60 or 56) from your Internet provider. The option to assign IPv6 address ranges for bridge 1 (br1) to 3 (br3) is only visible if the bridges already exist. Check your configuration in the Basic/[[:network|Network]] menu to learn more.
+ \\
-**Configuration example for German Telekom ISP**
+[DHCPv6 with Prefix Delegation]
-Europe's biggest telecommunications company supports a dual-stack setup (IPv4 & IPv6). By default, German Telekom provides a prefix length of 56 for regular consumers. A prefix length of 64 (the default configuration for FreshTomato) will also work, but eliminates the possibility of assigning different IPv6 address ranges for bridge 1 (br1) to 3 (br3).
+The most commonly-used Service Type, this provides native IPv6 connectivity to your network. If your ISP gives you a prefix with length smaller than 64, this mode lets you assign different IPv6 address ranges to bridges 0 (br0) through bridge 3 (br3). Other common prefixes are 56 or 60. The option to assign IPv6 address ranges for bridge 1 (br1) through 3 (br3) is available only for bridges that already exist. Check your settings in the [[basic-network|Network]] menu to learn more.
-{{https://wiki.freshtomato.org/lib/plugins/ckgedit/fckeditor/userfiles/image/pasted/ft_basic_ipv6_dhcpv6_01.png?1000x906&nolink}}
+ \\
-**Extended options are available for IPv6 DHCPv6 PD - if bridges 1 (br1) to 3 (br3) exist AND if the prefix length is smaller than 64 (for example 60 or 56)**
+//Example Configuration: German Telekom//
-{{https://wiki.freshtomato.org/lib/plugins/ckgedit/fckeditor/userfiles/image/pasted/ft_basic_ipv6_dhcpv6_02.png?855x473&nolink}}
+German Telekom supports a dual-stack setup of IPv4 and IPv6. For most consumers, it provides a default prefix length of 56. A prefix length of 64 (FreshTomato default) also works. However, with a 64 prefix, it's not possible to assign different IPv6 address ranges to bridges 1 (br1) through 3 (br3).
-==== Static IPv6 ====
+ \\
-This mode is similar to the Static IP mode in IPv4. The IP adddess and other info. are set within FreshTomato's configuration menu. As long as they are consistent with the rules of your Internet provider, they should function fine.
+{{::ipv6-service_type-dhcp6_with_pd.png?435}}
-==== 6to4 Anycast Relay ====
+ \\
-tbd.
+ \\
-==== 6in4 Static Tunnel ====
+Other options exist in this mode. If the prefix is smaller than 64, and bridges 1 through 3 exist, you can enable subnets for those bridges.
-tbd.
+See the image below for details: \\ \\ \\ {{::ft_basic_ipv6_dhcpv6_02-2020.7.jpg?731}}
-==== 6rd Relay ====
+ \\
-tbd.
+ \\
-==== 6rd from DHCPv4 (Option 212) ====
+[Static IPv6]
-tbd.
+This mode is similar to Static IP mode in IPv4. You must enter the IP address and other settings into this menu. Your ISP provides these settings.
-==== Other (Manual Configuration) ====
+ \\
-tbd.
+{{::ipv6-config-static.png?624}}
-===== IPv6 DUID Type =====
+ \\
-Every DHCP client and server does have a DUID (DHCP Unique Identifier). The DHCP server uses the DUID to identify the clients for the selection of configuration parameters.
+[6to4 Anycast Relay]
-Options:
+to4 is a transitional protocol for migrating from IPv4 to IPv6.  6to4 acts as a transparent transport layer between IPv6 nodes. It allows IPv6 packets to be transmitted over an IPv4 network, such as the Internet, without having to configure explicit tunnels. 6to4 hosts and networks communicate with native IPv6 networks via Special relay servers, known as "6to4 Anycast Relays".
-  * DUID-LL (default)
+Note that 6to4 //does not support communication between IPv4-only hosts and IPv6-only hosts.//
-  * DUID-LLT
-DUID-LL will use the LAN (eth0) MAC address and will not change (static always) over time. DUID-LLT will in addition include time value, and will change on every reboot or reconnect of the WAN interface. You can see the currently used DUID at the GUI Status Overview.
+ \\
-Support for this option is available starting with release 2022.4
+{{::ipv6-service_type-6to4_anycast_relay.png?499}}
-Note: DUID-EN or DUID-UUID or a custom DUID are currently not supported.
+ \\
-{{:pasted:20220722-092300.png?400}}
+to4 Anycast Relay performs these functions:
+  - Assigns a block of IPv6 address space to any host  \\ or network with a global IPv4 address.
+  - Encapsulates IPv6 packets inside IPv4 packets for  \\ for transmission over an IPv4 network using 6in4.
+  - Routes traffic between 6to4 and "native" IPv6 networks.
-===== Prefix Length =====
+\\
-The network prefix contains the most significant bits of the address. The leading bits of addresses are identical for all hosts in your assigned network.
+[6in4 Static Tunnel]
-(Default: 64 bits). This can be changed to, for example, 56 bits.
+This static VPN tunneling protocol allows IPv6 traffic to be transmitted over IPv4-only infrastructure. It's also known as "proto-41 static". This is because it has been designated IP protocol 41 and because each endpoint must be explicitly configured.
-===== Request PD Only =====
+in4 Static tunnels IPv6 packets inside IPv4 packets. It's a transitional protocol, to help us get through the transition to all IPv6.
-This function should be enabled for ISPs that require only a Prefix Delegation (usually PPPoE-authenticated xDSL or fiber connections).
+Generally, 6in4 static uses a tunnel broker, a third-party service that provides an encrypted tunnel between you and your destination (ISP). Probably the most common tunnel broker is tunnelbroker.net. If you use a tunnel broker, you must set up a free account on their website //before// using 6in4 Static.
-===== Add default route ::/0 =====
+ \\
-IPv6 Router Advertisements (via the WAN interface, through IPv6 ICMP) will add the default route, so this option should not be enabled/required. However, some ISPs, such as Snap (NZ), or Internode (AU) may require that you specify the default route / workaround..
+//Example Configuration through Tunnelbroker.net//
-see also [[https://www.linksysinfo.org/index.php?threads/ipv6-and-comcast.38006/|https://www.linksysinfo.org/index.php?threads/ipv6-and-comcast.38006/]]
+This example uses tunnelbroker.net to create a standard tunnel.
-===== Static DNS =====
+ \\
-Tomato users can add or specify DNS server addresses. For example, If you are using DHCPv6 with PD on the ISP German Telekom, DHCP will automatically provide two IPv6 DNS server addresses. However, you can still manually add static DNS addresses if you wish.
+  - Login to tunnelbroker.net and click "Create a Regular Tunnel". \\  \\
+  - On the "Create New Tunnel" page, enter your router's current IPv4 WAN address \\ into the "IPv4 Endpoint (Your Side)" field. \\  \\
+  - Tunnelbroker.net tries to detect your current IPv4 WAN address, and displays it\\ after the words: “You are viewing from:”. If it's correct, copy and paste it into the \\ “IPv4 Endpoint address” field. \\ \\ \\ {{::basic-ipv6-6in4_example-tunnelbroker.net-create_a_new_tunnel_2-redacted.png?467}} \\  \\
+    - The bar under IPv4 endpoint should display: "Checking...", then turn green. \\ It should then display: "IP is a potential tunnel endpoint."  An ICMP reachability \\ test passed. If it doesn't, and reports ICMP is blocked to that address, you must \\ go to FreshTomato's Firewall menu, and enable //WAN interfaces respond to ping //\\ //and traceroute//. This will allow FreshTomato to respond to tunnelbroker.net's \\ ICMP test to check\\ its connection to your router.
+    - Select the closest city to your router from the list.
+    - Click Create Tunnel.
-**Examples:**
+ \\
+ \\
+You should now see the Tunnel Details webpage shown below:
+{{::basic-ipv6-6in4_example-tunnelbroker.net-tunnel_details-ipv6_tunnel_2-redacted.png?526}}
+ \\
+By default, tunnelbroker.net assigns your routed endpoint a routed IPv6 prefix of /64. This lets your endpoint act as the router for your netblock, and use RA/SLAAC or DHCPv6 to assign IP addresses from this allocation to your LAN.
+ \\
+Now, enter the corresponding data from Tunnel Details into FreshTomato:
+ \\
+  - Select the 6in4 Static Tunnel IPv6 Service Type. \\  \\
+  - Copy the Routed /64 address from Tunnel details and paste it in the\\ FreshTomato Assigned/Routed Prefix field. \\  \\
+  - Select a Prefix Length of 64. You can sign up for other prefix lengths. \\ \\ \\ {{::basic-ipv6-6in4_example-tunnelbroker.net-tunnel_details-ipv6_tunnelpng-redacted.png?584}} \\  \\  \\
+  - Leave the IPv6 Router LAN Address at the Default. \\  \\
+  - In the first Static DNS field, enter the Anycast IPv6 Caching Nameserver address in Tunnel Details. \\  \\
+  - In the second Static DNS field, you can (optionally) enter an external DNS server address. \\  \\
+  - If you want clients on your LAN to be able to autoconfigure IPv6 addresses, check that \\ IPv6 Router Advertisements are enabled in [[advanced-dhcpdns|DHCP/DNS/TFTP]]. \\ These configuration options only appear when IPv6 is enabled. \\  \\
+  - From Tunnel Details, copy the Server IP4 address and paste it the Tunnel Remote Endpoint field. \\  \\
+  - From Tunnel Details, copy the Client IPv6 address and paste it the Tunnel Client IPv6 address field. \\  \\
+  - Leave Tunnel MTU and Tunnel TTL at their defaults. Click Save. \\  \\
+  - If your IP address is dynamic, you must use DDNS to update the "Client IPv4 Address" automatically when it changes. For an example, see this thread: [[https://www.linksysinfo.org/index.php?threads/setting-up-ipv6-for-he-tunnelbroker.35297/]]
+ \\
+For more details, see tunnelbroker.net's tutorial for creating tunnels: [[https://ipv6.he.net/presentations.php]] \\   \\ [6rd Relay]
+ \\ FIXME  \\
+ \\   \\ [6rd from DHCPv4 (Option 212)]
+ \\ FIXME  \\
+ \\   \\ [Other (Manual Configuration) ]
+ \\
+{{::ipv6-service_type-other_manual_configuration.png?544}}
+ \\  \\
+**Debug**
+Enabling this sets the Logging Detail level to to Debug Level. All messages of debug level or higher will be logged.\\  \\
+ \\  \\ **IPv6 DUID Type**
+Every DHCP client/server has a DHCP Unique Identifier. The DHCP server uses it to identify clients for selection of configuration parameters.
+Options:
+  * DUID-LL (default) - uses the LAN (eth0) MAC address and will not \\ change over time.
+  * DUID-LLT - uses the LAN MAC address, but in addition, will include \\ time value, and will change on every reboot/reconnection of the WAN interface.
+ \\ You can see the DUID type currently used in the [[status-overview|Overview]] menu.
+Support for DUID Type started in release 2022.4. Fixed DUID types and custom DUIDS are not supported.
+ \\ {{ipv6-config.png?471}}
+ \\
+ \\
+**Prefix Length**  \\ The network prefix is analogous to an IPv4 subnet mask. It represents the network portion (most significant bits) of the address. The leading bits are identical on all assigned network hosts.
+Other options commonly used include 56 bits. (Default: 64).
+ \\ **Request PD Only**  \\ This setting should be enabled for ISPs that require only a Prefix Delegation. This is usually PPPoE-authenticated DSL/fiber connections.
+ \\ **Do not allow PD/Address release**
+Enabling this prevents disconnecting DHCP6 clients disconnecting from the ISP from sending a release message. Enabling it makes the client more likely to receive the same allocation on subsequent requests. Support for this option started in release 2022.4.
+ \\
+**Add default route ::/0**  \\ IPv6 Router Advertisements (through IPv6 ICMP on the WAN interface) will add the default route. As a result, this option is usually required. However, some ISPs, such as Snap (NZ), or Internode (AU) may require you to specify the default route / workaround.
+See also [[https://www.linksysinfo.org/index.php?threads/ipv6-and-comcast.38006/|Linksysinfo.org: IPv6 and Comcast]]
+ \\ **Static DNS**  \\ FreshTomato users can specify DNS server addresses. For example, if you are using DHCPv6 with PD on the ISP German Telekom, DHCP will automatically provide two IPv6 DNS server addresses. However, you can still manually add static DNS addresses if you wish.  \\
+Examples:
   * 2001:4860:4860::8888 (Google public IPv6 DNS Server)
   * 2001:4860:4860::8844 (Google public IPv6 DNS Server)
-===== Accept RA from =====
+ \\ **Accept RA from**
 This function will cause Tomato to accept IPv6 Router Advertisements.
-Options:
+Options:  \\
+  * WAN - FreshTomato will accept IPv6 router advertisements \\ on the WAN interface.
+  * LAN - FreshTomato will accept IPv6 router advertisements \\ on the LAN interface.
+ \\
+When using DHCPv6 with Prefix Delegation, this option is enabled on the WAN interface. It can't be disabled, as it is necessary for that service type.
+\\
+===== IPv6 Notes and Troubleshooting =====
+IPv6 is still new to many people and can be quite different from IPv4. Here are some good sources for learning IPv6 basics:
+Network Lessons: Introduction to IPv6
+[[https://networklessons.com/ipv6|https://networklessons.com/ipv6]]
+ \\
+Professor Messer: Assigning IPv6 addresses
-  * WAN - Tomato will accept IPv6 Router Advertisements on the WAN interface.
+[[https://www.professormesser.com/network-plus/n10-009/n10-009-video/ipv6-addressing-n10-009/|Professor Messer: Network Plus-IPv6 Addressing]]
-  * LAN - Tomato will accept IPv6 Router Advertisements on the LAN interface.
-Note: When using DHCPv6 with Prefix Delegation, this option will always be enabled for the WAN interface. It cannot be disabled, since it is a necessity for this mode.
+ \\

FreshTomato Wiki

User Tools

Site Tools

Differences

Page Tools