Configuring Edge Router X for IPv6 on Maxis
Leaving this config here in case someone else finds this useful. Configuration was done on the Ubiquiti EdgeRouter X, ERX (EdgeOSv1.10.5) for Maxis Fiber (HSBB Unifi infrastructure).
The typical Maxis Fiber internet connection is a PPPoE authenticated connection over VLAN 621. Hence in the config below IPv6 will be enabled under the PPPoE tree of the configuration directory.
In my config my actual LAN interfaces eth2 and eth3 is behind switch0 interface. Hence I will be enabling ipv6 on the switch
Config as follows (in two parts):
firewall {
ipv6-name WANv6_IN {
default-action drop
description "WAN inbound traffic forwarded to LAN"
enable-default-log
rule 10 {
action accept
description "Allow established/related sessions"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
ipv6-name WANv6_LOCAL {
default-action drop
description "WAN inbound traffic to the router"
enable-default-log
rule 10 {
action accept
description "Allow established/related sessions"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
rule 30 {
action accept
description "Allow IPv6 icmp"
protocol ipv6-icmp
}
rule 40 {
action accept
description "allow dhcpv6"
destination {
port 546
}
protocol udp
source {
port 547
}
}
}
}interfaces {
ethernet eth0 {
duplex auto
speed auto
vif 621 {
description "Internet (PPPoE)"
pppoe 0 {
default-route auto
dhcpv6-pd {
pd 0 {
interface switch0 {
host-address ::1
prefix-id :0
service slaac
}
prefix-length 64
}
rapid-commit enable
}
firewall {
in {
ipv6-name WANv6_IN
name WAN_IN
}
local {
ipv6-name WANv6_LOCAL
name WAN_LOCAL
}
}
ipv6 {
address {
autoconf
}
enable {
}
}
mtu 1492
name-server auto
password ****************
user-id *******@public.maxis.com.my
}
}
}
switch switch0 {
address 10.0.0.1/24
ipv6 {
address {
autoconf
}
dup-addr-detect-transmits 1
router-advert {
managed-flag true
name-server fe80::f369:71d6:f865:9974
name-server fe80::b1c3:b1cd:a709:ddc5
prefix ::/64 {
autonomous-flag true
on-link-flag true
}
}
}
}
}Notes:
- Maxis IPv6 uses a
::/64prefix (as far as I can tell) -
fe80::f369:71d6:f865:9974andfe80::b1c3:b1cd:a709:ddc5are my local IPv6 DNS caching servers;
Alternatively please feel free to use a public IPv6 DNS servers like Google, OpenDNS or Cloudflare.
Disclaimer
(update March 2021)
The above post is NOT a how-to / step-by-step / tutorial
If the above does not make sense to you OR you do not know what to do with the information provided: This post is simply NOT for you. I will not provide the basic knowledge required to understand and properly configure your Edge Router. To thoso who’s inclined to do it themselves, please read up at Ubiquiti’s Edgerouter Documentation Page.
Please DO NOT contact me for support/assistance (especially issues related to basic knowledge of router configuration but not limited to this). Your network equipment is your own responsibility to configure and maintain.
TL;DR Information above is provided as it is; no more no less; for the benefit to those who can understand it; no support from the author will be provided; you are on your own.
Post changelog
2019-10-22 - After changes to Maxis's network and a year later of ERX firware patches the config below seems to be broken. Haven't gotten around to get it working again.
2020-06-12 - The config below is still working. (Thanks to Andrew!).
2021-03-07 - Added disclaimer section.