On 4/28/2020 4:22 PM, Chris Adams wrote:
What's in /etc/sysconfig/network-scripts/ifcfg-<name>? I wonder if you have IPv6 disabled.
Pasted below. V6 definitely works. I have a second server and gave it a WAN address and I can connect between them using their WAN addresses. That's what told me that my ip6tables weren't screwed up and that the problem lay elsewhere. That's when I hit on looking at the route table and seeing no default IPv6 route.
I'm not using a "regular" (CentOS, Fedora, etc.) Linux as a gateway; I have OpenWRT on a dedicated box. I couldn't find a way to handle the prefix delegation with the typical desktop/server tools (but it has been a while since I looked). OpenWRT has their own daemon for that.
However, my local systems are all sending RA solicitations and getting DHCPv6-assigned addresses with NetworkManager (which matches the first steps of what you need on the WAN, just not the prefix delegation).
I'm using OpenWrt at home and it's working mostly fine there. Except with my Android phone. I'm not getting a DNS setting for V6, but I do have the setting in the router's config file. The Win10 clients work fine, though. Apparently Android has issues with DHCPv6, and I'm betting it's interfering with my SLAAC config.
LAN config, ifcfg-em1:
TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=no IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=em1 UUID=fbf59f72-2d60-4dd3-8870-c14a1acb4337 DEVICE=em1 ONBOOT=yes DHCP_CLIENT_ID=saruman IPV6_PRIVACY=no ZONE=internal IPADDR=10.169.1.128 PREFIX=9 IPV6ADDR=2001:1890:1837:5B11::100/60
WAN config, ifcfg-em2:
TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=em2 UUID=fe08c9df-9913-47f5-be8b-47dad168bcc4 DEVICE=em2 ONBOOT=yes IPADDR=12.3.140.156 PREFIX=29 GATEWAY=12.3.140.153 DNS1=127.0.0.1 DOMAIN="mpa.lan dhcp.mpa.lan microprecisionautomation.com" ZONE=external IPV6FORWARDING=yes IPV6_PEERDNS=no # AT&T assigns us 2001:1890:1837:5B00::/56 # we use the 2nd /64 for our DMZ IPV6ADDR_SECONDARIES=2001:1890:1837:5B01::100/64