FireBrick IPv6 Tunnel

From AAISP Support Site
Revision as of 10:16, 10 January 2011 by AA-Andrew (talk | contribs)

To add a tunnelled IPv6 block to your FireBrick (2500/2700) and advertise it on your LAN subnet is quite simple:

Create a route:

<route ip="::/0" gateway="81.187.81.187"/>

Here, 81.187.81.187 is the AAISP side Tunnel endpoint, and we've created an IPv6 default route to it - if you are using someone else for the Tunnel, then use their endpoint.

Update your subnet to include:

  • ra="true"
  • ra-mtu="1480" (1472 if over ppp)
  • and add an IPv6 address from your block to the ip= element.

The smaller MTU is required due to the IPv6 packets being placed inside IPv4 packets.

Once saved, machines on your LAN should be given IPv6 addresses, and they will use the FireBrick as their IPv6 gateway, which in turn will use the Tunnel endpoint.