IPv6 in my LAN with Unitymedia, Technicolor TC7200, Ubiquiti EdgeOS on Edgerouter X and Prefix Delegation
This post describes how to set up IPv6 with Edgerouter X (and supposedly any EdgeOS device) in interplay with the infameous Technicolor TC7200 cable modem as provided by Unitymedia in Germany, using prefix delegation to advertise valid IPv6 addresses into the LAN. This guide shows how to configure settings via GUI instead of CLI.
As usual, some bla bla in the beginning – you may skip directly to the guide.
Some of the links are German – I could not find English versions, sorry!
Preface
Compared to the simple concepts of IPv4, I still struggle a bit to understand the IPv6 concepts in detail. But Unitymedia, my ISP, only offers DS-Lite (and receives lots of bad publicity for it), and thus forces you to have a look on IPv6 concepts if you at some point want to go beyond simple internet surfing. Still, they don’t make your life easy, delivering cable modems that are – to put it mildly – a bit overrestricted, lacking funtionality that you would expect, and which the hardware itself even would be able to provide. I am speaking of the infameous Technicolor TC7200 cable modem – Unitymedia edition -, but as far as I understand (and partly can judge myself), the Connect Box is not really better.
On of the severe problems is that the TC7200 supposedly does not support prefix delegation, which is a crucial feature. I did not understand how crucial that is, until I started playing around a bit naïvely. I thought: Well, just pick a valid subnet and distribute it yourself, and things will work. I was not aware of the fact that the cable modem/router needs to actively issue the prefix in order to be willing to route traffic from and to it.
The good news is: In the meantime some firmware update seems to have enabled prefix delegation, and I have it up and running – which I never would have tried if I had understood everything beforehand – so, sometimes ignorance is a blessing 🙂
Configure Edgerouter X
Ubiquiti offers a rather cheap gigabit router that runs a modified Linux on it, EdgeOS. It offers routing, NAT, firewall, VPN and some more functions in a comprehensive GUI. The only caveat with the cheap device is, that it would not be able to offer full gigabit throughput on all interfaces simultaneously, but it is capable enough for home use by some margin. I find the IPv6 support by the GUI rather lacking, but the funtionality itself is there, either via CLI, or via the Config Tree GUI, which is what I present here. If you want to use CLI, I recommend this forum post on the Ubiquiti forum. Here are the steps with the GUI via Config Tree tab:
1. Add prefix number to WAN interface
The WAN interface – in my case eth0 – is the one to receive the delegated prefix from the upstream router, i.e. the cable modem. So we need to give it a number to identify the requested prefix. I chose 0.
2. Set prefix length
After that, you configure the desired prefix length. The router will ask the upstream device for a prefix of this length. What exactly you can get depends on your ISP. Trying around, 62 bit length seems to be what Unitymedia is willing to hand over.
3. Select LAN interface
In the end, you want clients in the LAN to get IP addresses from the delegated prefix. Here you can select the interfaces that shall allow clients to pick an address. In my case, it’s switch0 that consists of three router ports.
4. Select Service
With IPv6, you can run “classic” DHCP, where the DHCP server decides which IP address a client gets. Alternatively, you can use Stateless address autoconfiguration (SLAAC), which I understand seems to be the more modern way to got. The client itself will generate an IP address from the offered subnet, will check if there is a duplicate, and if not, keep it.
So I configured slaac as service. I’ve still some questionmarks – it seems that the DNS server is not handed over alongside – it still comes via DHCPv4. As of now, it does not bother me, since the DNS via IPv4 can still answer AAAA queries for IPv6 addresses.
5. (optional?) WAN interface autoconfiguration
During my fumbling around (and it still feels like that…) I realized my Edgerouter did not get an IPv6 address on its own. This is quickly mitigated (and would also work without prefix delegation) by configuring the WAN interface for autoconfiguration:
I cannot tell if this is strictly necessary for things to work, but I left it since it seems to make sense to me.
And that’s it already. All my devices in the LAN immediately picked up the IPv6 capability, and now have porper IPv6 addresses. Let’s see how I can make use of it in the future…
Remarks
Doing the above steps will cause several other values to be set to defaults. Click around in the Config Tree, you’ll see what I mean. It may make sense to play around a bit here.
Do not forget to make sure you have an IPv6 firewall configured! The IPv6 addresses that you just brought into existence are globally routed and thus open to attackers unless shielded.
Connect Box
I shortly had the Connect Box from Unitymedia (as you can read at the end of my Media Center blog post) which supposedly was capable of prefix delegation right from the beginning, but apart from that and the fast WiFi it offers, I found it bad: Slow UI, bad LAN performance – I sent it back. It seems it was a good decision: I find quite a number of forum posts where other users report the same experience I had. So don’t just retire your TC7200 just for prefix delegation – no need anymore 🙂
Hi,
is this still working?
/Bernd
Hi Bernd, to my knowledge yes. However, in the meantime my ISP Unitymedia has been acquired by Vodafone, I got a new box (the “Vodafone Station”, i.e. an Arris TG3442DE), and that new box does not do prefix delegation *sigh*
Hi Hauke,
so you don’t use the Edgerouter any more? I am trying with a unitymedia connect box and an edge router but so far without success with IPv6
/Bernd
Hi Bernd,
I still use Edgerouter X, of course! Cool device! I am rather sure that I had it working with the Connect Box, but it was tricky: You had to have the exact right prefix length. I seem to remember it was /62, but it is worth trying anything between /57 and /63. However, there’s a chance they switched that off with Connect Box also, if for whatever reason Vodafone thinks users don’t need it. A quick search in the inofficial Unitymedia-Forum yielded this post – I guess it’s worth a try.
Good luck!
Hauke