| This is a pretty decent overview of IPv6 on a home network. Here are some other things I learned when doing something similar recently on my home network (except the router is a FreeBSD box). - You can run `dhclient` interactively to learn the size of the prefix your ISP delegates. The OP touches on this, but the solution is OpenWRT-specific. Most distributions include `dhclient` or have it packaged. - It’s possible that the IP your ISP assigns your router is in a different prefix from the prefix it delegates to you. For example, my ISP for a while assigned an IP in 2607::/16 while delegating a /56 prefix in 2605::/16. - Prefixes can also change. When I switched my router to FreeBSD, I started getting a /56 prefix in 2607::/16 instead of 2605::/16. - Some systems (e.g., Windows 7) don’t support getting DNS via router advertisements. If you want to support them, you need to run a DHCPv6 server and advertise that other stateful configuration is available. - Kea is the successor to the ISC DHCP server. I found it a bit nicer and more flexible to configure. - On Linux, NetworkManager and systemd-networkd handles a lot of this stuff automatically, but your customization options are limited. I couldn’t find a way to do the above without having to do things manually myself. - FreeBSD’s DHCP client in base does not yet support DHCPv6. To get an IP and a prefix, you need to install one from ports. I’m using dhcp6c, following this guide[1] to set it up. - ICMPv6 is integral to IPv6, but if you want to filter it, follow the advice in RFC-4890. Filtering ICMPv6 incorrectly will mess up your network in weird ways (e.g., my MBP could get an IP but wouldn’t get a DNS server until I fixed the problem). - IANA maintains a registry[2] of IPv6 multicast addresses. I found this helpful when writing firewall rules. - When advertising LAN services over DNS, make sure you use the “secure” or “template” IP and not the temporary IP used for IPv6 privacy. Also, you can’t assign domain names to link-local addresses, but you can advertise a DNS server (via RA and DHCPv6) on one. - mDNS is the exception to the above. Avahi and Bonjour advertise link-local address and are able to resolve them properly. [1]: https://vladvasiliu.com/post/20180827-0922-ipv6_prefix_deleg... [2]: https://www.iana.org/assignments/ipv6-multicast-addresses/ip... |
Colin Percival made it a bit easier (IMO)[1] it is meant for AWS EC2 but worked for me with my ISP as well. The guide you submitted probably will work everywhere.
[1] http://www.daemonology.net/blog/2017-01-26-IPv6-on-FreeBSD-E...