I have purchased an Asus DSL-AC52U in the hope that IPv6 will work.

It works well and Wifi is significantly better than the HH5.

All client devices now seem to have a global IPv6 address, but the router does not. I can only see an IPv4 WAN address. test-ipv6.com and other online testers give negative results.

I am pretty sure I've fallen into the trap of the /64 vs /56 thing.

Do you know of any way I can get this working? I am desperate for native IPv6 at home since pretty much all of my work at the moment is on transitioning to IPv6.

Luckily the firmware is open source so I might be able to do a patch myself depending on what language it is written in. Might be getting a bit ahead of myself there though 🙂

Thanks

@smf22

I'm reluctant to disagree with you, given that your knowledge of these matters far exceeds mine, but that doesn't seem to be the way it works on my TP-Link VR600, running the beta firmware that sorts out earlier IPv6 difficulties.

Here, each client has an address beginning 2a00:23c1:XXXX:XX01, while the modem/router itself has an address beginning 2a00:23c1:XXXX:XX00. So there is a distinct IPv6 address on the WAN.

Surely there needs to be one, in case you want to access the modem/router directly from the WAN?

p

I would agree with prinknash, the router should have a WAN facing IPv6 address.  For example here the IPs are:

Router WAN IP    2a00:23c3:63e5:3000:9ec7:a6ff:fee3:59f0

My PC Global        2a00:23c3:63e5:3001:e068:2cc4:dc5f:8c63

Server Global       2a00:23c3:63e5:3001:35a0:d9d6:cee0:806f

Test PC              2a00:23c3:63e5:3001:8d7c:88c6:56fb:3e4c

See the Asus Manual P61 &  72 for setting things up.  IPv4/IPv6 would be a likely selection.

The manual could perhaps be a little more descriptive though.  It would likely be easier with access to the router so you can see what is revealed in the Tabs and dropdown menus.

Each of my clients has an IPv6 address starting with 2001.

I do not have a router WAN IPv6 address though, it is only showing the IPv4 address in the control panel and test-ipv6.com gives 0/10 since I don't have a public IPv6 address.

What should my DHCP/SLAAC settings be on for the router and LAN?

Should MLD Proxy be enabled?

Thanks

@bobfromselby: Impossible to say based on the '2001' IPv6 address you provided, but I don't think the addresses on the clients are from the BT IPv6 address space. In the past when I've looked at this it seems BT use 2a00:2380::/25 (BT-UKIP-IPV6-AS2856) for IPv6 traffic from the UK. I go into the breakdown of this a little more in message 24 of "How do I re-enable IPv6 on my HH6?"

If you paste the IP address from one of the clients into the RIPE Database Query it will tell you who the range is assigned to. Do you have some kind of IPv6 tunnel broker e.g., Hurricane Electric?

For the LAN, as I mentioned previously, unless you want to manage a local DHCPv6 server, then look for an option for SLAAC (Stateless Address Auto Configuration). This works by the router sending an IPv6 Router Advertisement with the IPv6 prefix on the LAN, and the clients generating the 'host' portion of the address. The MLD (Multicast Listener Discovery) is probably not needed so leave that disabled.

And for those interested in the other aspects of this thread raised by @prinknash and @Liam_.... might be an idea to get a warm beverage / cold beer as this might take some reading.

Clearly the TP-Link, the Fritz, and when I look at what I'd grabbed from the Hub 6 when I had it running, they all assign an IPv6 address to the WAN and the LAN. This is from Advanced -> IPv6 -> Status on the Hub 6:

Hub IPv6 status:		Enabled
IPv6 network status:		Enabled

IPv6 WAN details
----------------
Global unicast address:		2a00:23c5:5500:d701:924d:4aff:fe0a:918d
Global unicast prefix/length:	2a00:23c5:5500:d701::/64
Link local address:		fe80::924d:4aff:fe0a:918d
Remote link local address:	fe80::223:3eff:fe6e:e650
DNS:				Not available

And from Advanced -> IPv6 -> Configuration: 

Hub IPv6 LAN details
--------------------
Name:				bthub.home
Global unicast address:		2a00:23c5:5500:d700:924d:4aff:fe0a:918f
 Global unicast prefix/length:	2a00:23c5:5500:d700::/64
 Link local address:		fe80::924d:4aff:fe0a:918f

The Hub 6 behaviour looks to be the same as you're seeing in TP-Link and Fritz in that here the Hub was delegated 2a00:23c5:5500:d7::/56 from which it assigned 2a00:23c5:5500:d700::/64 to the LAN and 2a00:23c5:5500:d701::/64 to the WAN.

That said, the 'official' statement from BT is in section 4.4.4 of SIN 472 BT Wholesale Broadband Connect (WBC) Products where they describe the addresses they assign for IPv6.

"An End User Access service on IPv6 will have 2 address types:
- A dynamic WAN address using Link Local. This will be automatically generated by the CPE and does not need to be provided by the CP. This address is not globally routable and not advertised out to the CP;
- A globally routable IPv6 delegated prefix for use on the CPE LAN. The IPv6 addressing for the IPv6 delegated prefixes will be provided by the CP. The CPE will obtain an IPv6 Delegated Prefix from the BRAS by running DHCPv6. The delegated prefixes will be advertised out to the CP."

In the above CP is the 'Comunications Provider' router and CPE is 'Customer Premises Equipment' i.e., the Hub, TP-Link etc. 

So with BT using IPv6 link local on the WAN this is how I see things would work:

- CPE router requests an IPv6 prefix via DHCPv6-PD (Prefix Delegation)
- CP router/BRAS delegates a /56 to the CPE router
- CPE router assigns a default IPv6 route with a 'next hop' of the link local address of the CPE router/BRAS
- CP router/BRAS creates a route to the delegated /56 prefix with a 'next hop' of the link local address of the CPE router, and advertises that address upstream.

The CPE router though is free to assign addresses from the /56 in any way it sees fit and in the case of the TP-Link, Fritz and Hub 6 it assigns a /64 from the delegated /56 to the LAN interface and another /64 to the WAN interface.

Now whilst they each have a global IPv6 address on the WAN I don't think they're really using it.

In an IPv4 world the LAN uses RFC 1918 private addressing and the only globally routable address is the one assigned to the PPPoE/WAN interface of the router. Any traffic from the private IP address assigned to the LAN is source NAT'd with the address assigned to the WAN, and all traffic seen on the Internet originates from that single IPv4 WAN address.

In IPv6 the addresses seen are truly 'end-to-end' i.e., no NAT, and so the IPv6 address seen on the Internet is the address actually assigned to the client. The router is of course a client as well and can send/receive traffic from any IPv6 address assigned to any interface. As the router has an IPv6 address on it's LAN, and IPv6 is end-to-end, this is how we can access a router via IPv6 without a global IPv6 address on it's WAN interface.

As a comparison to the TP-Link, Fritz and Hub 6, and to show a global IPv6 address on the WAN is not needed, here's what I see in my Ubiquiti EdgeRouter. When I look at the addresses assigned to each of the interface I see only an IPv4 address on the 'pppoe0' interface, whereas the LAN (switch0.101, switch0.102 etc.) have both IPv4 and IPv6 addresses.

smf22@erx1:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address                        S/L  Description
---------    ----------                        ---  -----------
eth0         192.168.255.1/24                  u/u  WAN via Draytek Vigor 130
[snip]
pppoe0       31.XX.YY.84                       u/u
switch0      -                                 u/u
switch0.101  192.168.1.1/24                    u/u  Home LAN
             2a00:23c5:AABB:a801::1/64
switch0.102  192.168.2.1/24                    u/u  Home WiFi
             2a00:23c5:AABB:a802::1/64
[snip]

And looking at the routing table I see the default route has a next-hop of the upstream link local address: 

smf22@erx1:~$ show ipv6 route
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
       IA - OSPF inter area, E1 - OSPF external type 1,
       E2 - OSPF external type 2, N1 - OSPF NSSA external type 1,
       N2 - OSPF NSSA external type 2, B - BGP
Timers: Uptime
IP Route Table for VRF "default"
K      ::/0 [0/1024] via fe80::223:3eff:fe6e:e650, pppoe0, 07:09:11
C      ::1/128 via ::, lo, 1d02h19m
[snip]

So in summary... we can see that routers may have a globally routable IPv6 address on the WAN interface, but don't need it the way that with IPv4 there must be a globally routable address on the WAN interface.

Regards

Hi,

I searched my client IPv6 address on RIPE and it just returned IANA. The address isn't anything to do with BT by the looks of it.

It is a /64 address, so perhaps it's something my router gave out rather than BT?

I am not using a tunnel broker and never have done, but it looks like I might have to go down that route since this just isn't working.

Any further suggestions are much appreciated.

BT support are clueless when it comes to IPv6. Very frustrating.

Can you post a screenshot of the IPv6 configuration from the Asus GUI? Not sure how similar it is to other Asus, but looking around if you have options as below, I'd set as follows:

Basic Config:

- Connection type: Native

- Interface: PPP

- DHCP-PD: Enable

IPv6 LAN settings

- Auto configuration setting: Stateless

DNS

- Can be either disabled or set to OpenDNS (2620:0:ccc::2 and 2620:0:ccd::2) or Google (2001:4860:4860::8888 and 2001:4860:4860::8844)

If there's anything related to 6RD then disable that.

Regards