IPv6 in v24

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next
Author Message
HolyRoses
DD-WRT User


Joined: 01 Oct 2007
Posts: 138

PostPosted: Tue Apr 28, 2009 18:29    Post subject: Reply with quote
I follow this guide right above and it appears to work fine from the router, but my windows xp and vista machines do not receive a default ipv6 route. On the vista machine I can manually add routers ipv6 address as a default route, but I cannot do it on xp because they dont give you the controls.

Shouldn't it be getting autoconf'ed with a correct default route?

All it is getting configured with is some automagic ipv6 route and the ipv4 route.

after carefully reading through every post on this thread it seems like this is a common problem. The clients aren't receiving an ipv6 default route auto assigned. What is the solution to this?


EDIT:

fixed, i wasn't using the correct routed /64 line. I didn't notice there was any difference between it and my client ipv6. Now it is working with the above instructions from kunk.


-HR
Sponsor
HolyRoses
DD-WRT User


Joined: 01 Oct 2007
Posts: 138

PostPosted: Thu Apr 30, 2009 20:09    Post subject: Reply with quote
If you use crushedhats firewall rules and you like to use torrents and such then you will need to modify one of his lines to one like below:


I have utorrent set to have incoming listen port of 59748 and not to randomize it at start up. So I modifed this line here:

ip6tables -A FORWARD -p tcp -i he-ipv6 --syn -m multiport --dports ftp-data,ftp,ssh,smtp,http,https,ntp,domain,59748 -j ACCEPT

And am now able to accept incoming connections. I hope I did it right. I don't know anything about iptables...

I wonder how many darn people are using this firewall configuration. One of the points of ipv6 is not limit connections due to nats and stuff. But if everyone is blocking incoming ports... well that doesn't help in this situation. I notice soon as I allowed incoming connections I got a ton of connections that I didn't previously have. So it looks like most people are following a firewall rule like this.

-HR
richard4339
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 3

PostPosted: Wed May 06, 2009 23:31    Post subject: Reply with quote
richard4339 wrote:
I have a WRT54G v2 that currently is running the regular, plain, DD-WRT v24 standard generic. Since no one else has really tried to run crushedhat's firmware on one of these, I'm going to give it a go tonight. I'll post how it runs. If anyone has any tips before I do, or has tried it and had problems, I'd love to know beforehand though!


I haven't finished setting up ipv6 yet, but I can confirm that I flashed the WRT54G v2 with crushedhat's build and it works.
UncleCharlie63
DD-WRT Novice


Joined: 25 Apr 2008
Posts: 2

PostPosted: Thu May 07, 2009 20:16    Post subject: Any build for wrt54g-tm? Reply with quote
Support for this router using IPV6 tunnel? Using SIXXS
jroysdon
DD-WRT Novice


Joined: 07 May 2009
Posts: 5

PostPosted: Thu May 07, 2009 20:23    Post subject: ASUS WL-520GU Reply with quote
I've got the custom crushedhat (Release: 2008-07-31 14:52 (SVN revision: 10070M) running successfully on my ASUS WL-520GU.

I run Fedora so I used the tftp method to put dd-wrt.v24_mini_asus.trx on first (tftp -v -m binary 192.168.1.1 -c put dd-wrt.v24_mini_asus.trx). Once it was on I used the dd-wrt web interface to do a firmware upload of dd-wrt.v24-10070_crushedhat_4MB.bin.

I've got IPv6 working to HE. I'd originally tried to get it working with SixXs and AICCU, but I could not get it to install. It's probably for the better since I've not got much space and I need to load some USB Printer stuff.

I couldn't get radvd working last night when I was there, but it appears to be working (I'm remote so I cannot test on the LAN side just yet).
smbh
DD-WRT Novice


Joined: 08 May 2009
Posts: 1

PostPosted: Fri May 08, 2009 5:52    Post subject: Reply with quote
Would it be possible to include support for CIFS in the next version?
jroysdon
DD-WRT Novice


Joined: 07 May 2009
Posts: 5

PostPosted: Sun May 10, 2009 1:16    Post subject: usb + ipv6 support requested Reply with quote
As I posted a few back, I have an ASUS WL-520GU. It works good with the latest crushedhat mini version, except it has no USB support.

The latest SVN mini+usb works fine with USB support for printing, but IPv6 support.

Any chance I could get an image with both? Actually, I suspect I may be game to learn how to roll my own and get the maximum featureset for my router, but need to get pointed in the right direction.

Thanks,
joewein
DD-WRT Novice


Joined: 24 May 2009
Posts: 6

PostPosted: Mon May 25, 2009 7:26    Post subject: Reply with quote
I installed crushedhat's build 10070 on my Buffalo WHR-HP-G54 with a Hurricane Electric IPv6 tunnel. It was very painless:

http://www.joewein.net/blog/2009/05/25/ipv6-with-dd-wrt-router-and-hurricane-electric/

I am lucky to have the same router model as crushedhat, so there was little to worry about when flashing the firmware.

Any chance this build will become available across the wider set of DD-WRT-supported routers?
digixmax
DD-WRT User


Joined: 23 Jul 2007
Posts: 114

PostPosted: Mon Jun 08, 2009 20:00    Post subject: Reply with quote
crushedhat wrote:
I was expecting to post a new version of my modified firmware soon, but it looks like I won’t be able to work on it again for another couple of weeks.

I’d rather do it right in a couple of weeks than post something rushed that doesn’t work right.

Do you still have any plan to release another version of your FW based on a more recent v24 build?

_________________
2x WRT54G v2
1x F5D7230 v1444
1x WHR-HP-G54
1x WHR-G300N v1
1x WRT300N v1.1
1x RT-N16
1x WNR3500L
jroysdon
DD-WRT Novice


Joined: 07 May 2009
Posts: 5

PostPosted: Mon Jun 08, 2009 21:12    Post subject: Re: usb + ipv6 support requested Reply with quote
jroysdon wrote:
As I posted a few back, I have an ASUS WL-520GU. It works good with the latest crushedhat mini version, except it has no USB support.

The latest SVN mini+usb works fine with USB support for printing, but IPv6 support.

Any chance I could get an image with both? Actually, I suspect I may be game to learn how to roll my own and get the maximum featureset for my router, but need to get pointed in the right direction.

Thanks,


Ok, disregard the request for USB support. I don't think you could fit it into the same image for 4mb flash routers. I ended up needing a connection downstairs for a fixed PC and I wasn't able to cable it without going outside the house (ick). So I ended up re-purposing the ASUS WL-520GU as a client-bridge downstairs. This worked out better anyway as having our printer/copier downstairs is more central for everyone.

So as to not fight with things, I bought a Buffalo WHR-HP-G54 just like what Crushedhat has and of course the image just worked. I loaded the latest mini v24-sp1 build 10020 (dd-wrt.v24_mini_generic.bin 2008-07-27) first via tftp, and then once it booted uploaded the latest Crushedhat 4mb version (dd-wrt.v24-10070_crushedhat_4MB.bin) and configured everything per his notes with a HE.net tunnel. IPv6 works great.

Hey, one request I have is for IPv6 DNS server support with DHCP. If I use HE.net's IPv6 DNS server then I get all of my Google services over IPv6 automagically. I can do this if I run my own DHCP server or configure it manually on each host - but that's defeats the whole purpose of DHCPd on a small low-energy router that I have to have on anyway vs. any PCs/servers which don't have to be on.
bkennelly
DD-WRT Novice


Joined: 20 Jun 2009
Posts: 2

PostPosted: Sun Jun 21, 2009 3:10    Post subject: Re: usb + ipv6 support requested Reply with quote
jroysdon wrote:
Hey, one request I have is for IPv6 DNS server support with DHCP. If I use HE.net's IPv6 DNS server then I get all of my Google services over IPv6 automagically.


Make sure DNSMasq is enabled, then add
server=/#/2001:470:20::2
in the additional options box.
That will send all DNS requests to the HE IPv6 server. ('#' matches all domains.)

Of course, you could just use their IPv4 DNS server, 74.82.42.42; it gives the same answers.
gplnpsb
DD-WRT Novice


Joined: 23 Jun 2009
Posts: 1

PostPosted: Tue Jun 23, 2009 6:25    Post subject: Reply with quote
Hi there, I just got IPv6 working using crushedhat's build with the help of this thread. I noticed that I was able to access the router system information page via the router's ipv6 address - and realized that it might be visible to the ipv6 internet. Despite having a secure router password I'd rather this page not be visible to the outside world. Is there a way to disable http access over ipv6?

Thanks
joewein
DD-WRT Novice


Joined: 24 May 2009
Posts: 6

PostPosted: Tue Jun 23, 2009 6:52    Post subject: Reply with quote
I wonder if removing "http" from the list of permitted TCP ports in the firewall rules would do what you want:

Quote:
insmod ip6t_REJECT
ip6tables -F
ip6tables -A FORWARD -p tcp -i he-ipv6 –syn -m multiport –dports ftp-data,ftp,ssh,smtp,http,https,ntp,domain -j ACCEPT
ip6tables -A FORWARD -p tcp -i he-ipv6 –syn -j REJECT –reject-with adm-prohibited
ip6tables -A FORWARD -p udp -i he-ipv6 -m multiport –dports ntp,domain -j ACCEPT
ip6tables -A FORWARD -p udp -i he-ipv6 -j REJECT –reject-with adm-prohibited


Perhaps removing it only stops HTTP access from outside to web servers on your LAN - I'm not an expert on iptables.
boonie
DD-WRT Novice


Joined: 11 Jul 2009
Posts: 2

PostPosted: Sat Jul 11, 2009 14:04    Post subject: Reply with quote
@gplnpsb: To block all traffic to the IP of my router I've used this:

In the startup you need these lines. They were in other posts before:

Code:
insmod /jffs/lib/modules/2.4.34/ip6_tables.o
insmod /jffs/lib/modules/2.4.34/ip6table_filter.o
insmod /jffs/lib/modules/2.4.34/ip6t_multiport.o


And then save this in the firewall part:

Code:
insmod ip6t_REJECT
ip6tables -F
ip6tables -I INPUT -d 2001:470:1f14:153::2 -j DROP
ip6tables -I INPUT -d 2001:470:1f15:153::99 -j DROP


Change the IP to the one your router has.

You might want to use this site to test with pings: http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-ping.php

edit: Added second IP. The router gui was reachable on 2 IPv6 addresses.

edit2: Added filtering on specific ports only. Before this, I could not ping anymore from the GUI.

ip6tables -I INPUT -d 2001:470:1f14:153::2 --dport 80,23 -j DROP
ip6tables -I INPUT -d 2001:470:1f15:153::99 --dport 80,23 -j DROP
dtaht
DD-WRT Novice


Joined: 09 Sep 2009
Posts: 1

PostPosted: Wed Sep 09, 2009 18:34    Post subject: ipv6 to google modification to dnsmasq Reply with quote
I note that an earlier post suggested that google over ipv6 be accessed thusly, if you have a hurricane electric tunnel.

>Make sure DNSMasq is enabled, then add
>server=/#/2001:470:20::2
>in the additional options box.
>That will send all DNS requests to the HE IPv6 server. >('#' matches all domains.)

this is kind of a bad idea, if you lose your tunnel for any reason, everything goes down. Rather, just direct your requests to ipv6 google via this in your dnsmasq options.

server=/google.com/2001:470:20::2

I note that gmail is also ipv6 enabled, although it may not be official. You can add:

server=/gmail.com/2001:470:20::2

I'm told that sixxs is running a dns nameserver for google over ipv6 as well.
Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next Display posts from previous:    Page 5 of 7
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum