I’m trying to get IPv6 working on my PPPoE WAN connection, following this and this guide (among with other sources), however I can’t get it to work fully on my setup, which is as follows:
- PPPoE on WAN side
- 4 VLANs on LAN side via br100: br100.10, br100.20, br100.30, br100.40
- IPv6 /48 prefix from my ISP
With the following setup I get IPv6 addresses on my bridge interfaces coming from my ISP:
set interfaces pppoe pppoe0 ipv6 address autoconf # needed sometimes
set interfaces pppoe pppoe0 dhcpv6-options pd 1 length '48'
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.10 sla-id 16
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.10 address 1
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.20 sla-id 32
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.20 address 1
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.30 sla-id 48
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.30 address 1
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.40 sla-id 64
set interfaces pppoe pppoe0 dhcpv6-options pd 1 interface br100.40 address 1
Gives
vyos@vyos:~$ show interfaces | strip-private
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ----------------------- ----------------- ------- ----- ----- ----------------
br100 - xx:xx:xx:xx:xx:55 default 1500 u/u
br100.10 xxx.xxx.10.1/24 xx:xx:xx:xx:xx:55 default 1500 u/u VLAN10-Mgmt
xxxx:xxxx:77ce:10::1/64
br100.20 xxx.xxx.20.1/24 xx:xx:xx:xx:xx:55 default 1500 u/u VLAN20-Trusted
xxxx:xxxx:77ce:20::1/64
br100.30 xxx.xxx.30.1/24 xx:xx:xx:xx:xx:55 default 1500 u/u VLAN30-Guest
xxxx:xxxx:77ce:30::1/64
br100.40 xxx.xxx.40.1/24 xx:xx:xx:xx:xx:55 default 1500 u/u VLAN40-IoT
xxxx:xxxx:77ce:40::1/64
eth0 - xx:xx:xx:xx:xx:af default 1500 u/u LAN
eth1 - xx:xx:xx:xx:xx:f3 default 1500 u/u WAN
eth1.6 - xx:xx:xx:xx:xx:f3 default 1500 u/u WAN
lo xxx.xxx.0.1/8 xx:xx:xx:xx:xx:00 default 65536 u/u
::1/128
pppoe0 xxx.xxx.185.241/32 n/a default 1492 u/u WAN
wg0 xxx.xxx.50.1/24 n/a default 1420 u/u Roadwarrior
vyos@vyos:~$ show ipv6 route | strip-private
Codes: K - kernel route, C - connected, S - static, R - RIPng,
O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,
v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
S>* ::/0 [210/0] is directly connected, pppoe0, weight 1, 00:11:03
C>* xxxx:xxxx:77ce:10::/64 is directly connected, br100.10, 00:10:39
C>* xxxx:xxxx:77ce:20::/64 is directly connected, br100.20, 00:10:39
C>* xxxx:xxxx:77ce:30::/64 is directly connected, br100.30, 00:10:38
C>* xxxx:xxxx:77ce:40::/64 is directly connected, br100.40, 00:10:38
C * fe80::/64 is directly connected, br100.10, 00:10:38
C * fe80::/64 is directly connected, br100.40, 00:10:38
C * fe80::/64 is directly connected, br100.30, 00:10:38
C * fe80::/64 is directly connected, br100, 00:10:38
C * fe80::/64 is directly connected, br100.20, 00:10:39
C * fe80::/64 is directly connected, wg0, 00:11:06
C * fe80::/64 is directly connected, pppoe0, 00:11:07
C * fe80::/64 is directly connected, eth1.6, 00:11:09
C * fe80::/64 is directly connected, eth1, 00:11:09
C>* fe80::/64 is directly connected, lo, 00:11:12
C>* fe80::627e:cdff:fe95:8efb/128 is directly connected, pppoe0, 00:11:07
C>* fe80::f4d6:aaa4:164f:ea54/128 is directly connected, pppoe0, 00:11:07
I can resolve host names to IPv6 addresses, but that might also given by my DNS over IPv4.
I then try to get IPv6 working on my LAN with the following setup, but no LAN client gets an IPv6 address:
# set service dns forwarding dnssec validate
set service dns forwarding listen-address 2a02:a47f:e000::53
set service dns forwarding listen-address 2a02:a47f:e000::54
set service router-advert interface br100.10 link-mtu '1492'
set service router-advert interface br100.10 other-config-flag
set service router-advert interface br100.10 name-server 2a02:a47f:e000::53
set service router-advert interface br100.10 name-server 2a02:a47f:e000::54
set service router-advert interface br100.10 prefix ::/64 valid-lifetime '172800'
set service router-advert interface br100.20 link-mtu '1492'
set service router-advert interface br100.20 other-config-flag
set service router-advert interface br100.20 name-server 2a02:a47f:e000::53
set service router-advert interface br100.20 name-server 2a02:a47f:e000::54
set service router-advert interface br100.20 prefix ::/64 valid-lifetime '172800'
set service router-advert interface br100.30 link-mtu '1492'
set service router-advert interface br100.30 other-config-flag
set service router-advert interface br100.30 name-server 2a02:a47f:e000::53
set service router-advert interface br100.30 name-server 2a02:a47f:e000::54
set service router-advert interface br100.30 prefix ::/64 valid-lifetime '172800'
set service router-advert interface br100.40 link-mtu '1492'
set service router-advert interface br100.40 other-config-flag
set service router-advert interface br100.40 name-server 2a02:a47f:e000::53
set service router-advert interface br100.40 name-server 2a02:a47f:e000::54
set service router-advert interface br100.40 prefix ::/64 valid-lifetime '172800'
I suspect it could have something to do with VLANs in use, but the prefixes are already assigned on the correct VLAN interfaces. Any idea what I’m missing? Thanks in advance