SOLVED
Hello @lezion_ ,
Can you share the ipv6 config which is configured and device product number 'JXXXXX'?
Thanks!
Hi @lezion_ !
Ipv6 is setup to negotiate via Slaac and my clients can ping the router it's vlan ip and also it's ip address set outside vlan on interface GE0/0, but they can't reach any further.
What about tracerouting or pinging IPv6 hosts on Internet from the router itself? Try these two hosts:
2001:4860:4860::8888 and/or 2001:4860:4860::8844
Also, check 'display ipv6 routing-table' if there is any default IPv6 route installed and if there is such, is outgoing interface of the route is the correct one.
What IPv6 addresses your hosts on Vlan1 receive? Please, give a couple of examples.
Do they get them through SLAAC or you they have addresses manually assigned?
Hi @Ivan_B
Hosts are assigned Link Local address:
However i tried assigning hosts ip staticly and through DHCP too but that didnt work either.
My simplified diagram looks like this:
Ok, so since your internal hosts use only link-local FE80 addresses, how hosts on Internet can reply to them even if they get any request from these? For IPv4 you have NAT (technically in your case it is PAT) that translates private RFC1918 addresses to your global IPv4 address assigned to the interface Gig0/0 and vice-versa. But for IPv6 normally we don't use NAT, but expect all hosts even on local networks to communicate outside its Vlan using global unicast IPv6 addresses from 2000::/3 range.
When you initiate a connection from the router itself (like ping or traceroute) the router uses 2A01:4B00:8537:4B00:DA94:3FF:FE43:C9CC/128 as source and since it is valid global unicast address when a host on Internet gets ICMP echo for example, it knows where to return ICMP echo reply. When your internal hosts communicate with Internet they use their FE80 addresses which of course doesn't work on Internet.
To be honest I don't have much of experience with IPv6 on Edge devices, but generally there is an option called PD (Prefix Delegation). Normally edge routers use it in order to delegate a prefix on its WAN port to LAN. In your case your ISP gives you 2A01:4B00:8537:4B00::/64 prefix, but you can't really divide it into sub-networks, as it's already got /64 host prefix (you technically can, but don't open this can of worms, stay on the light side of the IPv6 standards), but PD allows you to 'delegate' this prefix to Vlan-interface1 and your hosts there will get 2A01:4B00:8537:4B00::/64 addresses. I know it looks strange for anybody coming from IPv4 world as there you absolutely can not have same subnet on different L3 interfaces, but it's the way how modern IPv6 routers deal with /64 prefixes received from ISPs.
I don't have prepared configuration that you can copy-paste, but here is an example of working config for PD when ISP uses PPPoE. Dialer5 here will be your WAN port, ignore everything non-related to ipv6 or dhcpv6 there:
dialer-group 1 rule ip permit
#
ipv6 dhcp pool stateless
option-group 1 //quote information in DHCPv6 option group 1 (see related commands in Dialer interface)
#
interface Dialer5 //PPPoE dial interface
mtu 1492
ppp chap password simple pwd
ppp chap user usr
ppp ipcp dns admit-any
ppp ipcp dns request
ppp pap local-user usr password simple pwd
dialer bundle enable
dialer-group 1
dialer timer idle 0
dialer timer autodial 60
ip address ppp-negotiate
tcp mss 1452
nat outbound
ipv6 address auto //Stateless automatic configuration of IPv6 (global unicast) address
ipv6 address auto link-local //Set IPv6 link local address
ipv6 dhcp client pd 1 rapid-commit option-group 1 //Request the prefix from the ISP through the DHCPv6 PD. pd 1 refers to assigning the obtained prefix as prefix number 1; option-group 1 refers to assigning other options (such as DNS addresses) issued by DHCPv6 to the local option group (option-group); rapid-commit refers to preferential use of DHCPv6 fast Interactive (rapid commit) mode.
#
interface Vlan-interface1
ip address 192.168.8.1 255.255.255.0
ipv6 mtu 1280 //H3C V7 does not support ipv6 tcp mss for the time being, and can only minimize the MTU (this mtu setting will be advertised to the "intranet" terminal through RA) .
ipv6 dhcp select server //Specify the interface to work in DHCPv6 server mode
ipv6 dhcp server apply pool stateless
ipv6 address 1 ::1/64 //quote the prefix
ipv6 nd autoconfig other-flag in prefix number 1 //instruct the client to use DHCPv6 to obtain Configuration other than IPv6 address (such as DNS)
undo ipv6 nd ra halt //Allow RA to be sent on this interface
ipv6 nd ra interval 60 10 //The maximum and minimum sending interval of RA (randomly between the maximum and the minimum Choose the time)
ipv6 nd ra dns server 240C::6666 sequence 0 //Use RA RDNSS to notify the DNS server to be compatible with clients that do not support DHCPv6
ipv6 nd ra dns server 240C::6644 sequence 1
#
interface GigabitEthernet1/0/5 //Dial binding The specified physical interface
port link-mode route
undo lldp enable
undo dhcp select server
pppoe-client dial-bundle-number 5
#
ip route-static 0.0.0.0 0 Dialer5
ipv6 route-static :: 0 Dialer5 //IPv6 default route