• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

WRT54G IPv6 help

Started by mcgurrin, December 14, 2010, 12:48:03 PM

Previous topic - Next topic

mcgurrin

Hello, I could use some help setting up IPv6 on a WRT54G with dd-wrt loaded, version is DD-WRT v24-sp2 (10/10/09) vpn.  I can't seem to find half of the settings that are mentioned to use IPv6.  Can anyone walk me through this step by step, I plan on assigning IPv6 IP addresses to clients on the LAN.  I have set up IPv6 with tunnelbroker.net on several systems, a single server, a school security gateway/router and another machine at my home though I will be taking the machine at home out of the equation once I get IPv6 working on the router.

Thanks,
Glenn

cholzhauer

Well, what have you tried so far?  There's a really good posting over at the DDWRT website that I looked at before.

donbushway

What size DDWRT build are you using?
You need the STD build for ipv6 the mini and micro DO NOT support it.
I have it running on my netgear no problem

mcgurrin

Quote from: donbushway on December 14, 2010, 08:05:24 PM
What size DDWRT build are you using?
You need the STD build for ipv6 the mini and micro DO NOT support it.
I have it running on my netgear no problem

Sorry about the delay, other things caught up with me and the email saying replies were posted got buried a hundred emails of so up my inbox.  I've mostly tried looking for documentation and trying to find mentioned settings in my router and have had no luck finding them.  I'm running the full size vpn version I believe "Firmware: DD-WRT v24-sp2 (10/10/09) vpn"  I know I had to flash a smaller build onto the router to get out of standard firmware and then I believe I went for the full size version from there with vpn as that was something I have wanted, though I never got that working.  If it is easier to set it up on a Debian box that is inside the network that is an option though I would prefer the setup be on the router.  I have set up IPv6 with router advertisement before but that was on a very high end very graphical system for a business though I may one day use the free version for personal use at home (Astaro ASG, prices from $1000/yr not including hardware and up except there is a free noncommercial home version available.).  Can you give me the link to the DDWRT website posting so that I can look at it, that might be helpful to me figuring out more myself.
Thanks,
Glenn McGurrin

cholzhauer


mcgurrin

#5
Quote from: cholzhauer on December 18, 2010, 09:08:48 AM
Here's that link

http://www.dd-wrt.com/wiki/index.php/IPv6

Thanks, it took at bit of fiddling and flashing firmware to a different version of dd-wrt but some of it is now working, I get IPv6 addresses internally but they are not in my routed block and so I can't do anything external, I also would like some help making sure that incoming IPv6 is forwarded as part of the goal of this is to be able to get remote access to all of my machines on the standard ports not just one.  This is an issue for me because of a firewall I am often behind which gives IPv6 addresses out but filters outgoing traffic to only allow certain ports and traffic types out which includes every port I need except for one but not enough ports to use a nonstandard port for things like ssh.  Thanks, my configurations as of right now are below though I will be playing with them to try to get them working.

EDIT: ifconfig on the router shows no IPv6 addresses and I forgot to post the configs they are now below

Startup: insmod ipv6
sleep 5
WANIP=$(ip -4 addr show dev vlan1 | awk '/inet / {print $2}' | cut -d/ -f1)
MY_TUNNEL_ADDR="2001:470:1f06:cef::2" # change me (changed)
MY_ROUTED_ADDR="2001:470:1f07:cef::1" # change me (changed)
echo "External IP:" $WANIP > /jffs/startup.debug
if [ -n $WANIP ]
then
echo "configuring tunnel" >> /jffs/startup.debug

# The following commands are straight from HE's website
ip tunnel add he-ipv6 mode sit remote 209.51.161.14 local $WANIP ttl 255 metric 1
ip link set he-ipv6 up metric 1
ip addr add $MY_TUNNEL_ADDR/64 dev he-ipv6 metric 1
ip route add ::/0 dev he-ipv6 metric 1

# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $MY_ROUTED_ADDR/64 dev he-ipv6 metric 1
ip -6 addr add $MY_ROUTED_ADDR/64 dev br0 metric 1
ip route add 2000::/3 dev he-ipv6 metric 1

echo "starting radvd" >> /jffs/startup.debug
radvd -C /tmp/radvd.conf &
fi


ravd:

interface br0 {
  MinRtrAdvInterval 3;
  MaxRtrAdvInterval 10;
  AdvLinkMTU 1280;
  AdvSendAdvert on;
  prefix 0:0:0:1::/64 {
   AdvOnLink on;
   AdvAutonomous on;
   AdvValidLifetime 86400;
   AdvPreferredLifetime 86400;
   Base6to4Interface vlan1;
   AdvRouterAddr on;
  };
};


EDIT2:

I forgot to post one address a machine got for itself as it is not in the same area of addresses at all:
2002:62a9:20c6:1:5ab0:35ff:fef8:5fb

donbushway

These are the corrections that I see

MY_ROUTED_ADDR="2001:470:1f07:cef::1" # change me (changed)
Should be
MY_ROUTED_ADDR="2001:470:1f06:cef::1" # change me (changed)


ip -6 addr add $MY_ROUTED_ADDR/64 dev br0 metric 1
Should be
ip -6 addr add 2001:470:1f07:cef::1/64 dev br0 metric 1


In radvd
prefix 0:0:0:1::/64 {
Should be
prefix 2001:470:1f07:cef::/64 {

Don

mcgurrin

Quote from: donbushway on December 21, 2010, 03:08:26 PM
These are the corrections that I see

MY_ROUTED_ADDR="2001:470:1f07:cef::1" # change me (changed)
Should be
MY_ROUTED_ADDR="2001:470:1f06:cef::1" # change me (changed)


ip -6 addr add $MY_ROUTED_ADDR/64 dev br0 metric 1
Should be
ip -6 addr add 2001:470:1f07:cef::1/64 dev br0 metric 1


In radvd
prefix 0:0:0:1::/64 {
Should be
prefix 2001:470:1f07:cef::/64 {

Don

Thanks, I have now tried that but it is still not working  The ravd I had already tried and I have left it changed, on the startup script I am more unsure because I am using sp1 as there is no mega build for my router and my new startup script is below and I am wondering if the insmod is one issue.

insmod ipv6
#insmod sit
#insmod /lib/modules/`uname -r`/ipv6.o


sleep 5
WANIP=$(ip -4 addr show dev vlan1 | awk '/inet / {print $2}' | cut -d/ -f1)
MY_TUNNEL_ADDR="2001:470:1f06:cef::2" # change me (changed)
MY_ROUTED_ADDR="2001:470:1f06:cef::1" # change me (changed)
echo "External IP:" $WANIP > /jffs/startup.debug
if [ -n $WANIP ]
then
echo "configuring tunnel" >> /jffs/startup.debug

# The following commands are straight from HE's website
ip tunnel add he-ipv6 mode sit remote 209.51.161.14 local $WANIP ttl 255 metric 1
ip link set he-ipv6 up metric 1
ip addr add $MY_TUNNEL_ADDR/64 dev he-ipv6 metric 1
ip route add ::/0 dev he-ipv6 metric 1

# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $MY_ROUTED_ADDR/64 dev he-ipv6 metric 1
ip -6 addr add 2001:470:1f07:cef::1/64 dev br0 metric 1
ip route add 2000::/3 dev he-ipv6 metric 1

echo "starting radvd" >> /jffs/startup.debug
radvd -C /tmp/radvd.conf &
fi

donbushway

With the radvd change you should now have valid ip's assigned to your computers within your /64.

You also need to add firewall rules this will allow everything through.

iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT