Tuesday, March 3, 2015

IPv6 linux gateway for home network with Telenet (Belgian ISP)

This took me a while to figure out, but I finally got the missing piece figured out.  I'm using Telenet as an ISP to provide access from my home network.  I have a linux box acting as a gateway router for the home network with some basic services that I use in my home.
The ISP has IPv6 enabled on their cable modems for a while, and I've been trying to extend that IPv6 network into my home network.  After all, they're handing out a /64 to all end users.  Here's how I got it to work.

The situation looks like this. The Telenet router is the ISP provided cable modem.  After that I have my Ubuntu linux gateway.  For the examples later, eth0 is the home network, eth1 is towards the internet.

The address range for the home network can be found on the admin pages from the ISP (warning - dutch content)

To turn on IP forwarding, configure in /etc/ufw/sysctl.conf:

I'll focus on the IPv6 specific settings in the remainder of the post.
In /etc/network/interfaces:
iface eth0 inet6 static
 address 2a02:1810:2088:5b00::100
 netmask 64
 up ip route add 2a02:1810:xxxx:xxxx::/64 dev eth0 metric 100
 down ip route del 2a02:1810:xxxx:xxxx::/64 dev eth0 metric 100

Note that I added an explicit metric.  If I didn't do this, the default route that is assigned to eth1 would get the upperhand, and I wouldn't be able to properly communicate within my home network since the gateway would send all traffic out the door.

Install radvd to autoconfigure devices on the home network:
sudo apt-get install radvd

And configure it:
interface eth0
   AdvSendAdvert on;
   MinRtrAdvInterval 30;
   MaxRtrAdvInterval 100;

   # There's no DHCPv6
   AdvManagedFlag off;
   AdvOtherConfigFlag off;

   prefix 2a02:1810:xxxx:xxxx::/64
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;

Now before we add the last piece, make sure you have proper firewall rules in place.  I suggest configuring /etc/default/ufw to have disable forwarding by default (and potentially the other chains too):
Then specifically add firewall rules as required for your network.  Two things to know about:
  • There's no need for NAT with IPv6, so you can allow access directly to internal hosts
  • Ensure to configure the firewall on the "Mijn Telenet" ISP admin page in addition to the firewall on the linux gateway.

Now the last piece, which I couldn't figure out for the longest time: when requests come in from the internet (or responses from outgoing packets) the telenet router relies on IPv6 neighbor discovery to figure out who's behind it.  The linux gateway router doesn't proxy such requests by default.
You can compare this with ARP in IPv4.  The Telenet gateway is trying to figure out who has got a certain IPv6 address, and sends out neighbor solicitations.  The linux gateway will respond only when it hears its own address.  We can tell it to respond on behalf of the hosts on the home network by installing ndppd.

wget http://priv.nu/projects/ndppd/files/ndppd_0.2.3-1_amd64.deb
sudo dpkg -i ./ndppd_0.2.3-1_amd64.deb

Then configure it (/etc/ndppd.conf):
proxy eth1 {
    rule 2a02:1810:xxxx:xxxx::/64 {

Now start ndppd:
sudo service ndppd start

And that's it.. now the gateway will respond to IPv6 neighbor solications on eth1 for the entire /64 network.
You should not be able to get to IPv6 enabled websites from within your home network.  Most modern Windows computers will automatically configure themselves after the setup above.  Give it a try and navigate to http://test-ipv6.vyncke.org/  and you should see a confirmation.


  1. Nice Blog on IPv6 linux gateway for home network with Telenet (Belgian ISP).

  2. Those guidelines additionally worked to become a good way to recognize that other people online have the identical fervor like mine to grasp great deal more around this condition.

    Best AWS training in bangalore

  3. AWS Training in Bangalore - Live Online & Classroom
    myTectra Amazon Web Services (AWS) certification training helps you to gain real time hands on experience on AWS. myTectra offers AWS training in Bangalore using classroom and AWS Online Training globally. AWS Training at myTectra delivered by the experienced professional who has atleast 4 years of relavent AWS experince and overall 8-15 years of IT experience. myTectra Offers AWS Training since 2013 and retained the positions of Top AWS Training Company in Bangalore and India.

    IOT Training in Bangalore - Live Online & Classroom
    IOT Training course observes iot as the platform for networking of different devices on the internet and their inter related communication. Reading data through the sensors and processing it with applications sitting in the cloud and thereafter passing the processed data to generate different kind of output is the motive of the complete curricula. Students are made to understand the type of input devices and communications among the devices in a wireless media.

  4. Hadoop concepts, Applying modelling through R programming using Machine learning algorithms and illustrate impeccable Data Visualization by leveraging on 'R' capabilities.With companies across industries striving to bring their research and analysis (R&A) departments up to speed, the demand for qualified data scientists is rising.
    data science training in bangalore
    Big Data and Hadoop training Unlike traditional systems, Big Data and Hadoop enables multiple types of analytic workloads to run on the same data, at the same time, at massive scale on industry-standard hardware.myTectra Big Data and Hadoop training is designed to help you become a expert Hadoop developer. myTectra offers Big Data Hadoop Training in Bangalore using Class Room.
    hadoop training in bangalore
    Looking for best Machine Learning Training in Bangalore then join myTectra the leader in Machine Learning Training in Bangalore. Classroom & Online Training
    machine learning training in bangalore

  5. Thank you for this post. Thats all I are able to say. You most absolutely have built this blog website into something speciel. You clearly know what you are working on, youve insured so many corners.thanks
    Digital Marketing Training in Chennai

    Digital Marketing Training in Bangalore

    digital marketing training in tambaram

    digital marketing training in annanagar

  6. Great post! I am actually getting ready to across this information, It’s very helpful for this blog.Also great with all of the valuable information you have Keep up the good work you are doing well.
    Digital Marketing online training

    full stack developer training in pune

    full stack developer training in annanagar

    full stack developer training in tambaram

  7. Thanks a lot for sharing us about this update. Hope you will not get tired on making posts as informative as this. 
    python training institute in chennai
    python training in Bangalore
    python training in pune

  8. Thank you for allowing me to read it, welcome to the next in a recent article. And thanks for sharing the nice article, keep posting or updating news article.
    Blueprism training in tambaram

    Blueprism training in annanagar

    Blueprism training in velachery

  9. You’ve written a really great article here. Your writing style makes this material easy to understand.. I agree with some of the many points you have made. Thank you for this is real thought-provoking content
    java training in jayanagar | java training in electronic city

    java training in chennai | java training in USA

  10. Thanks for splitting your comprehension with us. It’s really useful to me & I hope it helps the people who in need of this vital information. 

    angularjs Training in chennai
    angularjs Training in chennai

    angularjs-Training in tambaram

    angularjs-Training in sholinganallur

    angularjs-Training in velachery

  11. Whoa! I’m enjoying the template/theme of this website. It’s simple, yet effective. A lot of times it’s very hard to get that “perfect balance” between superb usability and visual appeal. I must say you’ve done a very good job with this.

    AWS Training in Bangalore | Amazon Web Services Training in bangalore , india

    AWS Training in pune | Amazon Web Services Training in Pune, india

    AWS Training in Chennai|Amazon Web Services Training in Chennai,India

    aws online training and certification | amazon web services online training ,india

  12. Infiltrate the gaming world with BGAOC online casino, win and get income by day. great game slot online Play at any time in an online casino.

  13. Разные виды товаров есть у нас, но лучшее это светодиодная лента купить Украина можно это сделать у компании Экодио

  14. Wow it is really wonderful and awesome thus it is very much useful for me to understand many concepts and helped me a lot. it is really explainable very well and i got more information from your blog.
    Microsoft Azure online training
    Selenium online training
    Java online training
    Java Script online training
    Share Point online training

  15. Home Mart is a site about Home Improvement, Furniture, Home Appliances and many more.
    Check out the best
    furniture nz
    furniture sale
    Dog Cages
    bedroom furniture nz

  16. Attend The Digital Marketing courses in bangalore From ExcelR. Practical Digital Marketing courses in bangalore Sessions With Assured Placement Support From Experienced Faculty. ExcelR Offers The Digital Marketing courses in bangalore.
    Digital Marketing Courses in Bangalore