Exetel IPv6 learnings on Unifi UDM
Exetel hands out a /60 by default
Note: The IPv6 addresses below have been tweaked to hide the actual network prefix and host portion.
By default Exetel hands out a /60 prefix delegation (see below for how to view it in the UDM logs), which leaves 64 - 60 = 4 bits for subnetting, i.e. 2^4 = 16 subnets.
You can change this to a /56 to get 256 subnets if you need them ... wow!
My Unifi UDM uses the 64-60 = 4 bit subnetting space to assign a unique subnet to each IPv6 enabled VLAN.
I set my UDM Settings => Internet Primary (WAN 1) Interface IPv6 Configuration to DHCPv6 with a Prefix Delegation size of /60.
Screen shots of different IPv6 Settings on UDM
The IPv4 Configuration is PPPoE with the Username and Password supplied in Exetel's onboarding email.
On the Settings => Networks pages I set the IPv6 options to defaults:
Make sure you have a stateful firewall blocking new inbound IPv6 traffic
As the Exetel onboarding docs mention, make sure there is a stateful firewall that checks for established and related traffic (i.e. your clients can connect outbound via IPv6 and receive reply traffic, but the internet cannot connect inbound to your IPv6 clients).
Check that the Settings => Security => Firewall Rules => Internet v6 are all still there. These are the default rules on the UDM:
Watching the DHCPv6 Address and Prefix Delegation Offer
You can see the log entries on the UDM by SSH'ing to it and grepping daemon.log:
grep odhc /var/log/daemon.log
Look for the lines following IA_PD and IA_NA for the Prefix Delegation and the WAN interface IPv6 address.
IA_PD = 2406:3400:32g:1bc0::/60
IA_NA = 2406:3400:900:21:abcd:f00d:8cd5:9c43
2024-03-09T14:09:24+11:00 IGW-01 odhcp6c [135161]: IA_PD 0001 T1 302400 T2 483840
2024-03-09T14:09:24+11:00 IGW-01 odhcp6c [135161]: 2406:3400:32g:1bc0::/60 preferred
2024-03-09T14:09:24+11:00 IGW-01 odhcp6c [135161]: IA_NA 0001 T1 302400 T2 483840
2024-03-09T14:09:24+11:00 IGW-01 odhcp6c [135161]: 2406:3400:900:21:abcd:f00d:8cd5:9c43 preferred 604800 valid 604
Example of /64 subnets offered to VLANs on UDM
If you issue the command ip -6 route on the UDM you can see the subnet assignments to each VLAN interface. The VLAN IDs are 301, 300 and 68 in the following output.
2406:3400:4126:3ac0::/64 dev br301 proto kernel metric 256 expires 569624sec pref medium
2406:3400:4126:3ac1::/64 dev br300 proto kernel metric 256 expires 569624sec pref medium
2406:3400:4126:3ac2::/64 dev br68 proto kernel metric 256 expires 569624sec pref medium
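To check which VLAN bridges hold a /64 from the delegation (and so need to be covered by the Internet v6 firewall rules), here is an added example, not part of the original post, that maps `ip -6 route` output onto the delegated prefix. The function names are hypothetical, and the /60 used is the one that would contain the sample routes above (an assumption, since the logged prefix is obfuscated).

```python
import ipaddress
import re

# Constructed sample: the three route lines shown above, plus the /60 that
# would contain them (assumed; the prefix in the page's log is obfuscated).
DELEGATED = "2406:3400:4126:3ac0::/60"
ROUTES = """\
2406:3400:4126:3ac0::/64 dev br301 proto kernel metric 256 expires 569624sec pref medium
2406:3400:4126:3ac1::/64 dev br300 proto kernel metric 256 expires 569624sec pref medium
2406:3400:4126:3ac2::/64 dev br68 proto kernel metric 256 expires 569624sec pref medium
"""

# Matches "<prefix>/<len> dev <interface>"; "default via ..." lines do not match.
ROUTE_RE = re.compile(r"^(\S+/\d+)\s+dev\s+(\S+)")


def subnet_count(delegated):
    """Number of /64s in a delegated prefix (16 for a /60, 256 for a /56)."""
    net = ipaddress.IPv6Network(delegated)
    if net.prefixlen > 64:
        raise ValueError("delegation is longer than /64")
    return 2 ** (64 - net.prefixlen)


def map_vlans(delegated, route_text):
    """Return {interface: (subnet, subnet_id)} for each global /64 route.

    subnet_id is the index of the /64 inside the delegation (0..15 for a /60);
    None means the /64 lies outside the delegated prefix.
    """
    pd = ipaddress.IPv6Network(delegated)
    result = {}
    for line in route_text.splitlines():
        m = ROUTE_RE.match(line.strip())
        if not m:
            continue
        try:
            net = ipaddress.IPv6Network(m.group(1))
        except ValueError:
            continue  # not a parseable prefix
        # Every interface also carries fe80::/64; skip it and non-/64 routes.
        if net.prefixlen != 64 or net.is_link_local:
            continue
        if net.subnet_of(pd):
            sid = (int(net.network_address) - int(pd.network_address)) >> 64
        else:
            sid = None
        result[m.group(2)] = (str(net), sid)
    return result
```

On the UDM itself, paste the real IA_PD prefix and `ip -6 route` output in place of the constructed samples; a subnet_id of None points at an interface whose /64 did not come from the delegation.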