IPv6 Roll Out

AfriNatic said:
It seems like we are running IPv6 in a bit of an odd way which some routers do not like. We do a /128 for the IA-NA and a /62 for Prefix Delegation. Some routers do not like this and some FNO's and manufacturers suggested we do a /64 for the IA and between a /48 to /60 for the PD. It doesn't make sense to us to waste this much of address space.

The setup is pretty simple depending on the router.

If you are on PPPoE the IPv6 part is DHCPv6 with a /62 PD. Some routers need you to set dual stack PPPoE and not separate wan interfaces for v4 and v6. Some routers like TP-link need to have IPv6 set as a Non-address because we use the /128 for the IA the TP-link wants to allocate addresses from this allocated prefix which is not possible because it's a single address on the WAN so setting non-address it will ask for the /62 pd and delegate that to lan connected devices.

There is no set guide how to configure routers because each manufacturer seems to name and implement it their way that is why support wise we support the routers we supply. We can try to assist with 3rd party routers but since we haven't tested configurations our guess sometimes are as good as yours.
Click to expand...

But surely once you’ve configured it and seen it work once for a customer it’s as simple as adding it to a knowledge base and publishing it?

Just a simple database of basic entries that says for UniFi do X.

The problem is now the data is changing as the thread is evolving and there’s no way of knowing this.
 
Hello there,

Came across this forum now. Trying to setup my Plex remote access and cameras etc.

I know CGNAT and no static Public IP caused issues for me on WebAfrica. I had to request a static IP and this resolved my issues.

Would enabling IPV6 assist me with this issue I’m having, and if so what PD Size do I use for Afrihost/ MetroFibre.

I’m running a UniFi Dream Machine.

Thanks in advance for the help!
 
ace119 said:
Hello there,

Came across this forum now. Trying to setup my Plex remote access and cameras etc.

I know CGNAT and no static Public IP caused issues for me on WebAfrica. I had to request a static IP and this resolved my issues.

Would enabling IPV6 assist me in this sissie I’m having, and if so what PD Size do I use for Afrihost/ MetroFibre.

I’m running a UniFi Dream Machine.

Thanks in advance for the help!
Click to expand...

Sorry I’ve recently just moved to Afrihost from WebAfrica and encountering these issues now.
 
Hi, I may have missed this in one of the previous ~900 posts, but:
  • How set in stone is the /62 prefix? Are you still testing, or do I need to consider other options?
  • What about more persistent prefixes? At this point, it seems I get a new prefix very often.
  • If the above is the default Afrihost has settled on, can I request a more standard /48 or /56 with a long-lived prefix?
  • Failing that, how do I get a non CG-NAT ipv4?
 
User_7578 said:
Hi, I may have missed this in one of the previous ~900 posts, but:
  • How set in stone is the /62 prefix? Are you still testing, or do I need to consider other options?
  • What about more persistent prefixes? At this point, it seems I get a new prefix very often.
  • If the above is the default Afrihost has settled on, can I request a more standard /48 or /56 with a long-lived prefix?
  • Failing that, how do I get a non CG-NAT ipv4?
Click to expand...

Hi,

-For now,/62 is what we are allocating. It's part of the network design but might change; we will update clients if it does.

-DHCPv6 is also part of the rollout for now as we paid license fees to use the software our dhcpv6 server runs. Having prefixes dynamically applied allows unused prefixes to be reclaimed if a subscriber goes away to make sure we don't leave address space unused.

-Not yet but we are exploring options

-You can request a public IPv4 address from support or by emailing any of the reps.
 
Is ipv6 active on all networks now ?

I am on vuma trenched and doesn't seem to obtian an ip.
 
AfriNatic said:
Hi,

-For now,/62 is what we are allocating. It's part of the network design but might change; we will update clients if it does.

-DHCPv6 is also part of the rollout for now as we paid license fees to use the software our dhcpv6 server runs. Having prefixes dynamically applied allows unused prefixes to be reclaimed if a subscriber goes away to make sure we don't leave address space unused.

-Not yet but we are exploring options

-You can request a public IPv4 address from support or by emailing any of the reps.
Click to expand...
Fixed IPv6 /56 prefix is the way to go. Why has it not yet been introduced? And you can manage/re-assign unused prefixes another way. It is not as if you have limited prefixes.
 
I've had to disable ipv6 on my router because of random dropouts on various services. Once I turned it off the dropouts went away entirely, pity I had to spend nearly 4 hours of troubleshooting to discover this was the cause of the issue.
 
Isengard said:
I've had to disable ipv6 on my router because of random dropouts on various services. Once I turned it off the dropouts went away entirely, pity I had to spend nearly 4 hours of troubleshooting to discover this was the cause of the issue.
Click to expand...
same. Tiktok would frequently cut connection and couldn't figure the issue until I turned IPv6 off. seems gone now
 
Is IPv6 down today? Devices can get 2c0f:f4c0:1191:: addresses but IPv6 does not seen to be routing e.g can't ping Afrihost DNS at 2c0f:f4c0::b.

Does fiber have a bras.afrihost.com equivalent?
 
Last edited:
I am struggling to get IPv6 working on a Edgerouter EdgeRouter X SFP
I have followed a variety of posts
https://nurblieh.medium.com/ipv6-on-the-edgerouter-lite-c95e3cc8d49d
https://benjaminreich.de/posts/configure-ipv6-on-a-edgerouter/
https://washburn.at/howtos/edgeos-dhcpv6-pd
https://community.ui.com/questions/IPv6-Setup/b3693114-bada-4b80-b980-7543a0073f5f (suggested by @AfriNatic)

This is what I have tried, albeit unsuccessfully.
Used the Basic setup wizard and enable DHCPv6 PD
After rebooting via the cli add/amend with the following commands

Code: 
#Amend the prefix-length to 62
set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length /62

#add the following (not added by wizard)
set interfaces ethernet eth0 ipv6 address autoconf
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1

#Add and extra firewall rule to allow ICPMv6
set firewall ipv6-name WANv6_IN rule 30 action accept
set firewall ipv6-name WANv6_IN rule 30 description 'Allow ICPMv6'
set firewall ipv6-name WANv6_IN rule 30 protocol icmpv6

#enable RA
set interfaces switch switch0 ipv6 router-advert prefix ::/62  
set interfaces switch switch0 ipv6 router-advert managed-flag true

But I still can't get an assigned IPV6 address.

Code: 
ubnt@ubnt:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address                        S/L  Description
---------    ----------                        ---  -----------
eth0         100.98.?.?/24                 u/u  Internet
eth1         -                                 u/D  Local
eth2         -                                 u/u  Local
eth3         -                                 u/D  Local
eth4         -                                 u/u  Local
eth5         -                                 u/D
lo           127.0.0.1/8                       u/u
             ::1/128
switch0      192.168.88.1/24                   u/u  Local

my full config (of ipv6 related items)

Code: 
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN enable-default-log
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related sessions'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'
set firewall ipv6-name WANv6_IN rule 20 state invalid enable
set firewall ipv6-name WANv6_IN rule 30 action accept
set firewall ipv6-name WANv6_IN rule 30 description 'Allow ICPMv6'
set firewall ipv6-name WANv6_IN rule 30 protocol icmpv6
set firewall ipv6-name WANv6_LOCAL default-action drop
set firewall ipv6-name WANv6_LOCAL description 'WAN inbound traffic to the router'
set firewall ipv6-name WANv6_LOCAL enable-default-log
set firewall ipv6-name WANv6_LOCAL rule 10 action accept
set firewall ipv6-name WANv6_LOCAL rule 10 description 'Allow established/related sessions'
set firewall ipv6-name WANv6_LOCAL rule 10 state established enable
set firewall ipv6-name WANv6_LOCAL rule 10 state related enable
set firewall ipv6-name WANv6_LOCAL rule 20 action drop
set firewall ipv6-name WANv6_LOCAL rule 20 description 'Drop invalid state'
set firewall ipv6-name WANv6_LOCAL rule 20 state invalid enable
set firewall ipv6-name WANv6_LOCAL rule 30 action accept
set firewall ipv6-name WANv6_LOCAL rule 30 description 'Allow IPv6 icmp'
set firewall ipv6-name WANv6_LOCAL rule 30 protocol ipv6-icmp
set firewall ipv6-name WANv6_LOCAL rule 40 action accept
set firewall ipv6-name WANv6_LOCAL rule 40 description 'allow dhcpv6'
set firewall ipv6-name WANv6_LOCAL rule 40 destination port 546
set firewall ipv6-name WANv6_LOCAL rule 40 protocol udp
set firewall ipv6-name WANv6_LOCAL rule 40 source port 547
set firewall ipv6-receive-redirects disable
set firewall ipv6-src-route disable

set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 host-address '::1'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 prefix-id ':1'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 service slaac
set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length /62
set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable

set interfaces ethernet eth0 firewall in ipv6-name WANv6_IN
set interfaces ethernet eth0 firewall in name WAN_IN
set interfaces ethernet eth0 firewall local ipv6-name WANv6_LOCAL
set interfaces ethernet eth0 firewall local name WAN_LOCAL

set interfaces ethernet eth0 ipv6 address autoconf
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1
 
Last edited:
@AfriNatic Any Plans for ipv6 on PureLTE?

This would be a gamechanger because I don't know of any mobile network (custom APN or otherwise) - offering ipv6
 
R3d3mpt10n said:
@AfriNatic Any Plans for ipv6 on PureLTE?

This would be a gamechanger because I don't know of any mobile network (custom APN or otherwise) - offering ipv6
Click to expand...

It's actually insane that not a single mobile network in South Africa is using IPv6 yet, as far as I know. It's literally the perfect use-case for IPv6 and would eliminate all the crap with CG-NAT. Does anyone know why the mobile networks are so reluctant to roll it out?
 
AfriNatic said:
In my opinion it does hence we are not looking to rollout IPv6 like that.

We want dual stack IPv6 and IPv4. The primary will be IPv6 and then you also get a natted IPv4 address to fall back to if there is any services that does not support IPv6.
Click to expand...
Agreed here - it's mind boggling. I would have thought mobile newtosk would be the first to implement ipv6 as they were the first to implement CGN
 
 
grantduke said:
Anyone been able to get IPv6 working on Mikrotik?

All I get is "searching"
View attachment 1559329
Click to expand...

Yes, I've got Openserve/Afrihost and my Mikrotik works perfectly with IPv6. Assuming you're the same, make sure that:

info = unchecked
address = unchecked
prefix = checked
Pool Prefix Length = 64
Prefix Hint = ::/60
Add Default Route = checked
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X