IPv6 Routing

[astroroxy]

Hello,

My current network is as follows,

A few ipv4 subnets direct IP addresses to the internet cat6.-->
Layer 3 switch
The switch is also the default gateway for the network
Example from ISP (Fake IP)
CIDR 173.254.215.100/28
Subnet 255.255.255.240
Gateway 173.254.215.101
Primary IP 173.254.215.102
Last Usable IP 173.254.215.116

The primary IP is used as a interface on my l3 switch which then has a default route 173.254.215.101(ISP gateway)
On my hosts I set the default gateway as the IP of the l3 switch.
This way all the data stays on the switch and not bouncing to my ISPs router.

Now for IPv6 I am all confused.
I was assigned a /56
My ISP said I should assign each host a /64
I then attempted to assign the switch a /64 ending in 2607:fcd0:0100:1112::1 and use the gateway IP from my host
2607:fcd0:0100:1111::1
The switch complained that it is not a directly connected router.
I then put it on the same subnet as the gateway so 2607:fcd0:0100:1111::2

This works and I am able to add the gateway to the switch and access it from the internet.

I then attempted to add hosts:
Ubuntu Example config
iface eth0 inet6 static
pre-up /sbin/modprobe -q ipv6 ; /bin/true
address 2607:fcd0:0100:1113::1
netmask 64
gateway 2607:fcd0:100:1111::2(Switch IP)

This does not work, or after a few reboots it works and then stops,
for some reason it lost its route and ubuntu is no longer able to ping.

How would you do this?

Thanks

 

[dreid]

IPv6

What is the IPv6 /56 address your ISP provided?

What is the IPv6 gateway your ISP provided?

 

[astroroxy]

I would rather not give the true ip info, so here is a slightly modified ip address

IPv6 CIDR 2607:fcd0:100:1b00::/56
Network Bits 56
Minimum IP 2607:fcd0:100:1b00::
Gateway 2607:fcd0:100:1b00::1
Primary IP 2607:fcd0:100:1b00::2

 

[dreid]

IPv6

Try the following. I'm interested to see how it works for you.

Make sure you have a default route on your Layer 3 swtich as follows:
ip route ::/0 2607:fcd0:100:1b00::1

Your Layer 3 Switch's outside VLAN interface should be:
Address = 2607:fcd0:100:1b00::2/64

Configure your Layer 3 Switch's inside VLAN interface as follows:
Address = 2607:fcd0:100:1b01::1/64

Configure your hosts as follows:
Address = 2607:fcd0:100:1b01::x/64
Gateway = 2607:fcd0:100:1b01::1/

 

[astroroxy]

Odd my reply got deleted.

I thought of doing it that way too.
The only problem is that it wont work too well with many hosts.
I will have to define them all and that would take awhile on my switch.
I read that its possible to have the default gw outside the subnet. Is that true?
Any other ideas?

 

[dreid]

IPv6

By definition, the default gateway must be in the subnet. The default gateway is the "gateway" for hosts to exit the subnet.

What is the make and model of your L3 switch?

 

[chadster766]

Odd my reply got deleted.

I thought of doing it that way too.
The only problem is that it wont work too well with many hosts.
I will have to define them all and that would take awhile on my switch.
I read that its possible to have the default gw outside the subnet. Is that true?
Any other ideas?

The default gateway in IPv6 should be the local link IPv6 address of the gateway router\switch's interface unless you are configuring a IPv6 transition tunnel (6rd, 6in4,etc...) in a router.

This is typically auto configured on the IPv6 adapter when the router sends it's "ra" (router advertisement).

If your firewall is blocking IPv6 RA then the default gateway won't get configured automatically.

On some embedded Linux systems you might have to enable accept_ra on the adapter.

 

[dreid]

Astroroxy -

Curious how you're doing with IPv6. I have a couple questions if you don't mind.

Did you get IPv6 working? If so, what did you do?
Who is your ISP?
You mention your ISP assigned you a /56. How did your ISP assign the /56? Was the /56 assigned via DHCP or other method such as email?

Thanks in advance!!

 

[sinshiva]

Astroroxy -

Curious how you're doing with IPv6. I have a couple questions if you don't mind.

Did you get IPv6 working? If so, what did you do?
Who is your ISP?
You mention your ISP assigned you a /56. How did your ISP assign the /56? Was the /56 assigned via DHCP or other method such as email?

Thanks in advance!!

centurylink hands out /56 via dhcp. soho routers are generally going to zero out the next 8 bits leaving you running the remaining 64 bits for your lan. ideally, to use the 8 free bits you'd use a router with multiple bridges configured /64 mask, though i'm not certain how that would be handled; haven't yet dealt with such a configuration.

 

[dreid]

sinshiva -

Thank you for the reply!

Two follow up questions:

You mention CenturyLink hands out a /56 via DHCP and "soho routers are generally going to zero out the next 8 bits." Are you saying that the IPv6 address on the soho router WAN interface may appear as a /64?

If your router shows a /64, how do you know CenturyLink has actually assigned you the full /56?

 

[sinshiva]

in my case, I could see that my 6rd interface had /56, but the bridge is running a /64.

so, like the above poster indicated, the bridge gets an IP like;

FFFF:FFFF:FFFF:FF00::1/64 - call it running on WAN network 00 of FF. again, via dhcp or whatever they're using for ipv6 now

(I've actually long since disabled ipv6 because I rely on QoS and I didn't think ip6tables had the appropriate mangle chain rules implemented, etc. I believe this is still the case with AsusWRT, but it's been a while.)

 

[mavack]

You want to avoid assigning IPv6 address's, Just use DHCP and let the hosts determine their address via OUI-64. This will also take care of the router advertising the gateway to the hosts.

When you enable IPv6 on interfaces you will have multiple addresses created link-local, global etc.

Because the addresses are so long you will end up using DNS to resolve your hosts not IPs

From your original post your said the ISP said assign each host a /64, they should have said assign each segment a /64.

You will waste LOTS of IPs, get used to it. It feels wrong compared to IPv4 but thats how it's supposed to work. The only time i think i will ever use less than /64s is within an ISP with lots of core links where we will use /127s (equiv to /31s in ipv4)

 

[mavack]

you need to apply a /64 per network segment which in a home environment is 1 segment

then you let DHCP handle it all

yes you waste LOTS of IPs