ER-X使用switch0的vif接口拨号dhcpv6-PD无法获取前缀

一直以来为了方便我都是使用switch0的vif接口拨号。这样的好处就是可以ER-X到ONU之间单网线并且通过不同VLAN支持上网,IPTV和语音3钟业务
具体做法是ONU做VLAN绑定,所有的业务VLAN都通过tagged形式走到ER-X的eth0,ER-X所有的端口都加入switch0,启用 vlan 支持。
然后建立switch0.xxx几个vlan字接口,pppoe建立在switch0.xxx上。除了firewall之外,IPv4拨号上网一直不成问题。

但是最近北京电信和北京移动分别启用了dhcpv6分配/60和/64前缀。但是无论怎么配置,始终无法正常获取前缀。
经过反复测试,确定了使用switch0的vif接口拨号时候,无法正常通过dhcpv6-PD获取前缀,如果将eth0拆出switch0,单独建立vif拨号,就没有问题。

这个问题不知道是否是由硬件结构限制,未来是否会解决。ER-X的web页面感觉对于IPv6的支持基本为零,只能通过配置树和CLI解决,而且功能严重不完善。
最近配置IPv6的朋友们请注意一下,避免走弯路。

想知道这个问题你是否有进展?我也是对位于光猫vlan,拨号在 switch0.201上,我也刚要求开通了ipv6,所以怎么配置也成了现实问题。

我倒是配出过pppoe0上有了240e的地址,但是没法内网分配,因此也就重置了。现在需要比较详尽的ipv6配置教程,但是似乎连官方英文论坛也找不到,相关信息很混乱。

借楼主宝地求教,我的上网和IPTV都是pppoe方式,用你的方法,ONU做VLAN绑定,把ER-X所有的端口都加入switch0,启用 vlan 支持,再建立两个switch0.xxx,上网和IPTV的pppoe分别建立在这两个switch0.xxx上,发现只能拨上一个,两个同时拨上的话立刻会断掉一个。不得已,只能留一个端口不加入switch0,双网线连接ONU。请问这是一个switch0上不能有2个pppoe吗?

firewall {
all-ping enable
broadcast-ping disable
ipv6-name WANv6_IN {
default-action drop
description “IPv6 packets from the internet to LAN and WAN”
enable-default-log
rule 10 {
action accept
description “Allow established/related packets”
protocol all
state {
established enable
related enable
}
}
rule 20 {
action accept
description “Allow IPv6 icmp”
protocol ipv6-icmp
}
rule 90 {
action drop
description “Drop invalid packets”
protocol all
state {
invalid enable
}
}
}
ipv6-name WANv6_LOCAL {
default-action drop
description “WAN inbound traffic to the router”
enable-default-log
rule 10 {
action accept
description “Allow established/related sessions”
state {
established enable
related enable
}
}
rule 20 {
action accept
description “Allow IPv6 icmp”
protocol ipv6-icmp
}
rule 30 {
action accept
description “allow dhcpv6”
destination {
port 546
}
protocol udp
source {
port 547
}
}
rule 90 {
action drop
description “Drop invalid state”
state {
invalid enable
}
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description “WAN to internal”
rule 10 {
action accept
description “Allow established/related”
state {
established enable
related enable
}
}
rule 90 {
action drop
description “Drop invalid state”
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description “WAN to router”
rule 10 {
action accept
description “Allow established/related”
state {
established enable
related enable
}
}
rule 20 {
action accept
description https
destination {
port 443
}
log disable
protocol tcp
}
rule 90 {
action drop
description “Drop invalid state”
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 192.168.1.6/24
description “Internet (PPPoE)”
duplex auto
pppoe 0 {
default-route auto
dhcpv6-pd {
no-dns
pd 0 {
interface switch0 {
host-address ::1
prefix-id :0
service dhcpv6-stateless
}
prefix-length /60
}
prefix-only
rapid-commit enable
}
firewall {
in {
ipv6-name WANv6_IN
name WAN_IN
}
local {
ipv6-name WANv6_LOCAL
name WAN_LOCAL
}
}
ipv6 {
address {
autoconf
}
dup-addr-detect-transmits 1
enable {
}
}
mtu 1492
name-server none
password 888888
user-id 07458888888
}
speed auto
}
ethernet eth1 {
duplex auto
speed auto
}
ethernet eth2 {
duplex auto
mtu 1500
speed auto
}
ethernet eth3 {
duplex auto
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
loopback lo {
}
switch switch0 {
address 192.168.6.1/24
description Local
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 0
managed-flag true
max-interval 600
other-config-flag true
prefix ::/64 {
autonomous-flag true
on-link-flag true
valid-lifetime 2592000
}
reachable-time 0
retrans-timer 0
send-advert true
}
}
mtu 1500
switch-port {
interface eth1 {
}
interface eth2 {
}
interface eth3 {
}
interface eth4 {
}
vlan-aware disable
}
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface switch0
rule 1 {
description Routers_forwarding
forward-to {
address 192.168.6.1
port 443
}
original-port 8389
protocol tcp
}
wan-interface pppoe0
}
protocols {
static {
interface-route6 ::/0 {
next-hop-interface pppoe0 {
}
}
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN {
authoritative enable
subnet 192.168.6.0/24 {
default-router 192.168.6.1
dns-server 59.51.78.211
dns-server 223.6.6.6
lease 21600
start 192.168.6.50 {
stop 192.168.6.115
}
static-mapping AP {
ip-address 192.168.6.6
mac-address 88:88:88:88:88:01
}
static-mapping Computer {
ip-address 192.168.6.200
mac-address 88:88:88:88:88:02
}
static-mapping My_phone {
ip-address 192.168.6.196
mac-address 88:88:88:88:88:03
}
}
}
static-arp disable
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on switch0
system
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description “masquerade for WAN”
outbound-interface pppoe0
type masquerade
}
rule 5011 {
description “masquerade for LAN”
log disable
outbound-interface eth0
protocol all
type masquerade
}
}
ssh {
port 5022
protocol-version v2
}
unms {
disable
}
upnp {
listen-on switch0 {
outbound-interface pppoe0
}
}
upnp2 {
listen-on switch0
nat-pmp enable
secure-mode disable
wan pppoe0
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $6$K4jStMOdaCnNs9o$3BxXZz8lB7tpLQToPA.ou3N3S9cpNWxJOgaZU20y.aMQnb1TEPi2sVLI42BcwUmfQTeOQxr05wt8vF9QEqAwJ/
plaintext-password “”
}
level admin
}
}
name-server 180.76.76.76
name-server 2400:da00::6666
ntp {
server 120.25.115.19 {
}
server 120.25.115.20 {
}
server 203.107.6.88 {
}
}
offload {
hwnat enable
ipsec enable
}
options {
reboot-on-panic true
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
task-scheduler {
task bg7dyf-reboot {
crontab-spec “26 5 * * *”
executable {
path /sbin/reboot
}
}
}
time-zone Asia/Shanghai
}

配置文件说明
结构是 EHT0接光猫 其他口接内网

1、内网网段改到192.168.6.1
2、可以直接访问IP是192.168.1.1的光猫
3、做了我知道的IPv6设置
4、账号密码是 ubnt ubnt
5、PPPOE可以获得/64的IPv6地址
6、switch0可以获得/60掩码的IPv6地址(16个)
7、外网访问端口改到8389 并做了相关设置
8、开启了硬加速

缺点:电脑不能自动获取IPv6地址,需要手工设置

ER-X_001.png

我也是这种情况,但是通过radvdump能够看到在switch0.xxx上的pppoe能拿到prefix,但是似乎不能通知给其他vlan(switch0.yyy),导致内网vlan始终无法获得有效的ipv6。看楼主发帖在2018年9月,现在过了一年多了,难道这个问题还是不能解决么?

我也遇到这问题了,现在好像也没修复