Hi.
Well, I did follow the tutorial point:
IPv6 - setup with dynamic IPv6
I chose option 3. generate an ULA (Enter wgm command "ipv6 ula" and it generates it for you) then change the 2 first letters to something not used, like aa (proposed).
So I used wgm command 'ipv6 ula' which gave me an IPv6 address, and a suggestion for replacing first two characters with 'aa', so the resultant address, after inserting digit '100' is 'aa65:a7b6:23ff:100::/120', as follows:
Code:
E:Option ==> ipv6 ula
Warning IPv6 ULA generate function requires Entware 'date' module.....')
Installing coreutils-date (9.1-1) to root...
Downloading https://bin.entware.net/aarch64-k3.10/coreutils-date_9.1-1_aarch64-3.10.ipk
Configuring coreutils-date.
Removing package coreutils-date from root...
On Wed Apr 26 15:07:44 2023, Your IPv6 ULA is 'fd65:a7b6:23ff::1/64' (Use 'aa65:a7b6:23ff::1/64' for Dual-stack IPv4+IPv6)
I created my wg22 server with the command:
Code:
peer new ip=10.50.2.1/24 ipv6=aa65:a7b6:23ff:100::1/120
Also I've created /jffs/addons/wireguard/Scripts/wg22-up.sh and /jffs/addons/wireguard/Scripts/wg22-down.sh with the corresponding MASQUARADE rules:
Code:
#!/bin/sh
#Masquarade ipv6 packets from clients to WAN
ip6tables -t nat -I POSTROUTING -s aa65:a7b6:23ff:100::1/120 -o eth0 -j MASQUERADE -m comment --comment "WireGuard 'server'"
and
Code:
#!/bin/sh
#Masquarade ipv6 packets from clients to WAN
ip6tables -t nat -D POSTROUTING -s aa65:a7b6:23ff:100::1/120 -o eth0 -j MASQUERADE -m comment --comment "WireGuard 'server'"
and I passthrued it through my wg11 client, which is IPv6 enabled as is working well with my LAN connected devices.
I'm in doubt whether I should MASQUARADE my wg22 server to eth0 or wg11 client, since I am using passthru, but after trying both, none of them works.
The result is that I'm getting an IPv4 VPN supplier's address on my remote device, but no IPv6 at all.
Am I doing something wrong?
Best regards.