Categories

Bluetrait
        Bluetrait
                Bluetrait
                    Coding
                    Geek
                    General
                    Videos
                    Solar
                    Coding
                    Geek
                    General
                    Coding
                        PHP
                        Bluetrait
                        PHP
                        Bluetrait
                        WordPress
                            Plugins
                        PHP
                        Bluetrait (Program)
                    Geek
                        Juniper
                        Cisco
                        IBM N2200 8363
                        PCs
                        Spam
                        IPv6
                        Apple
                        NetScreen
                        Internet
                    General
                        Uni

Sun, 17 Jan 2010 11:10 AM

Native IPv6 over PPPoE with Internode and a Juniper SSG5

Michael Dale

Internode released a trial of native IPv6 over ADSL a few months back, so anyone with an ADSL account with them can try it.


So one of my clients has an SSG5 and an internode connection so I thought I'd set it up.


So the setup:


  • ADSL modem in bridge mode

  • SSG5 running ScreenOS 6.3.0r2 (I had some issues with 6.2, so it is best to use the latest OS)

The very first step is to enable IPv6 on the SSG5, this requires you to run the following command and then restart/reboot the device:


set envar ipv6=yes

Once done you should now have access to all the IPv6 functions in the WebUI.


The next step is to modify your PPPoE connection settings.



set pppoe name "Internode" username "username@ipv6.internode.on.net" password "encryptedpassword"


set pppoe name "Internode" ppp ipv6cp ipcp



Now you need to enable IPv6 on the interface that the PPPoE connection is setup on.



set interface "ethernet0/0" ipv6 mode "host"


set interface "ethernet0/0" ipv6 enable


set interface ethernet0/0 ipv6 ra accept


unset interface ethernet0/0 ipv6 nd nud



So the above should be enough for you to get the /64 on the PPPoE interface.


Internode is currently handing out a /60 for use in your network (via DHCPv6), so lets now set that up.



set interface ethernet0/0 dhcp6 client


set interface ethernet0/0 dhcp6 client options rapid-commit


set interface ethernet0/0 dhcp6 client options request pd


set interface ethernet0/0 dhcp6 client pd ra-interface bgroup0


set interface ethernet0/0 dhcp6 client enable



In the above "bgroup0" is my LAN interface.


Now let's get IPv6 running on "bgroup0"



set interface "bgroup0" ipv6 mode "router"


set interface "bgroup0" ipv6 ip 2001:44b8:7763:baa0::1/64


set interface "bgroup0" ipv6 enable


set interface bgroup0 ipv6 ra link-address


set interface bgroup0 ipv6 ra transmit


unset interface bgroup0 ipv6 nd nud



In the above the IPv6 address there is my first /64 out of the /60, I've manually set it to a :1 address but you can use whatever it's default auto assigned address is.


Now you might want to hand out internodes IPv6 DNS server addresses to your LAN



set interface bgroup0 dhcp6 server


set interface bgroup0 dhcp6 server options dns dns1 2001:44b8:1::6


set interface bgroup0 dhcp6 server options dns dns2 2001:44b8:2::6


set interface bgroup0 dhcp6 server enable



Now we need to setup the default IPv6 route, as the one that is added by default is incorrect.



set route ::/0 interface ethernet0/0 gateway ::



And finally the IPv6 policy to allow traffic out (yay no NAT).



set policy id 12 from "Trust" to "Untrust"  "Any-IPv6" "Any-IPv6" "ANY" permit log



That should be all you need to do to get IPv6 working on your network.


There is more information over at the internode site if needed.


And here is a traceroute from a computer on the LAN



C:\Users\Administrator>tracert -6 ipv6.google.com


Tracing route to ipv6.l.google.com [2001:4860:c004::68]


over a maximum of 30 hops:


  1     1 ms    <1 ms    <1 ms  2001:44b8:7763:baa0::1


  2    37 ms    37 ms    37 ms  loop0.lns6.syd7.internode.on.net [2001:44b8:b070::4]


  3    37 ms    37 ms    37 ms  gi1-1.cor2.syd7.internode.on.net [2001:44b8:b070:5::1]


  4    37 ms     *       37 ms  gi6-0-0-146.bdr1.syd6.internode.on.net [2001:44b8:b060:146::1]


  5    37 ms    37 ms    37 ms  2001:4860:1:1:0:1283:0:2


  6    38 ms    38 ms    39 ms  2001:4860::1:0:9f8


  7   184 ms   295 ms   174 ms  2001:4860::1:0:165


  8   175 ms   175 ms   175 ms  2001:4860::1:0:890


  9   181 ms   176 ms   182 ms  2001:4860::29


 10   185 ms   176 ms   244 ms  tx-in-x68.1e100.net [2001:4860:c004::68]


Trace complete.