On 09/17/2016 01:01 PM, Lew Wolfgang wrote:
Hi Folks,
I finally started to fiddle with my router's IPv6 configuration. My ISP (Cox cable modem) advertises v6 compatibility, so things should work if all my stars line up, right?
The router is a ZyXEL USG 20W, but I'm not using the Wifi radio portion.
I click the /system/IPv6 "Enable IPv6" check box and it then enables v6 configuration options.
Under /Network/Interface/Ethernet I now get options to configure the logical interfaces. (the USG 20W allows individual RJ45 Ethernet ports to be assigned to logical interfaces. I've got switches connected to the various ports to segment the lan appropriately.) IPv6 is disabled for all interfaces at this point. So I click on wan1 to edit it's config and am presented with these interesting options, among others:
Yes/No: Enable SLACC V6 Address/Prefix Length (optional) Gateway (optional) Metric: 0-15 Address from DHCPv6 Delegation (add entries) DHCPv6: Server/Client/Relay Yes/No: Enable Router Advertisement Yes/No: Advertised Hosts get Network Config from DHCP6 Yes/No: Advertised Hosts get Other Config from DHCP6 MTU: 1480 default Router Preference: Low/Medium/High Advertised Prefix Table: Add IPv6 address/prefix length Advertised Prefix from DHCPv6 Prefix Delegation (add entries) Egress bandwidth: for load balancing Ingress bandwidth: for load balancing
LAN1, LAN2, and DMZ have similar configuration screens.
Certainly not plug-and-play!
The modem/router provided by my ISP certainly was. Just plug it in and it works. On the otherhand, the firewall I use, pfSense, has more options.
I'm sure that many of the config choices have reasonable defaults, but above that I haven't the foggiest notion how to configure this, and also how to test the configs for proper security. I'm sure I could figure it all out, but at this point in time, why bother? Maybe sometime if I've got a long weekend when no one else is using the network I'll fiddle with it again.
Regards, Lew
You want SLAAC on and it will automagically set your prefix and network address. BTW, the local LAN prefix is normally a /64, providing 64 bits for the network address and 64 for the host. The prefix serves the exact same function as the subnet mask in IPv4. Gateway and metric work the same as IPv4. Address from DHCPv6 Delegation (add entries) DHCPv6: Server/Client/Relay You generally don't need DHCPv6, though it can be used to hand out things like NTP server addresses etc. Yes/No: Enable Router Advertisement Yes, as that's how your devices normally get their prefix. MTU depends on your Internet connection, just as with IPv4 Many of the others are not relevant to small networks as, for example, I doubt you're using load balancing. Yours is more complex because you have a router that's more intended for business use, where they'd have more complex networks, than for home, small office use. Many of those settings would also apply to IPv4. As I mentioned, I'm running pfSense and it has a lot of options that I don't worry about, as they don't apply to me. I also have a Cisco router here, which I could certainly configure for my Internet connection, but it has far more options than I'd ever need for my home network. Incidentally, a company I set up a VoIP system for, week before last, has the same ISP and cable modem as I do. They had IPv6 up & running even though the didn't even know anything about it. The ISP's modem/router was all ready to go with IPv6, right out of the box. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org