6
Votes

FR: add NPTv6 to ER605 to provide IPv6 fail-over

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
 
6
Votes

FR: add NPTv6 to ER605 to provide IPv6 fail-over

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
FR: add NPTv6 to ER605 to provide IPv6 fail-over
FR: add NPTv6 to ER605 to provide IPv6 fail-over
2023-03-23 02:28:36 - last edited 2023-03-23 02:48:51
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version:

The ER605 can provide nice fail-over for IPv4 via NAT using multi-WAN setup, but for IPv6 it's not working, as only one of the WANs can be set to provide IPv6 connection to the LAN.

 

With the new firmware there is a prefix delegation server now, but it should be able to provide a private address (currently fd00::/8 addresses are not even accepted), and do a prefix translation (NPTv6) to the active WAN.

 

I think this is a typical scenario in SOHO environments, where you have two ISPs providing a main/backup connection, both with dynamic IPv4/IPv6 addresses.

#1
Options
2 Reply
Re:FR: add NPTv6 to ER605 to provide IPv6 fail-over
2023-03-24 06:36:01

Hello @fagzal,

 

Thank you for your valuable feedback.

I've reported to the developer team for evaluation.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
#2
Options
RE:FR: add NPTv6 to ER605 to provide <span class='search-highlight'>IPv6</span> fail-over
2023-04-27 03:42:42
Hello, I would like to request to add support for more IPv6 features for TP-Link ER605 v2. It would be important to be able to control for "IP Group"/"IP Address", "Virtual Servers", "Load Balancing", "Static Route", "Policy Routing" and "Access Control" (Firewall ACLs) as it exists for IPv4 addresses. Currently, my environment is set up with private IPv4 address and uplinks from two ISPs with NAT configured for local network. My ER605 is "Load Balancing + Failover" features enabled, when one of the uplinks is unavailable, the other WAN interface will continue routing traffic to the Internet automatically. I don't have the budget for fancy links with SLA and BGP support. So I think my own RIPE-NCC IPv6 subnet will not work. On the other hand, having two independent links is more than enough. However, when I get an IPv6 prefix (prefixlen 64) from my ISP, I need to have one IP address facing the Internet (so I can forward packets to my ISP) and a second one facing my LAN. In IPv6, both must be routable. What do I do when I only get a single /64 prefix from my two ISPs? After researching I found the possibility to use Unique Local Addresses (ULA) known as the "Private Networks for IPv6". Network Prefix Translation (NPT) - RFC6296 - which might be called "NAT for IPv6". So I need to assign an internal IPv6 ULA to my LAN, and then enable NPt on each WAN interface, providing my internal ULA and each provider's IPv6 prefix to NPt. NPT has worked quite well for me on Linux + IPTABLES SNPT/DNPT environment. My intention was only to provide independence between my internal IPv6 addressing scheme and that of my ISP so that if I switch ISPs only the ISP prefixes need to change, not my entire network configuration.
#3
Options