7
Votes

To add ipv6 ULA support to Omada Controller

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
 
7
Votes

To add ipv6 ULA support to Omada Controller

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
To add ipv6 ULA support to Omada Controller
To add ipv6 ULA support to Omada Controller
2023-02-04 02:32:06 - last edited 2023-02-04 02:47:48
Hardware Version:
Firmware Version: 5.8.4

Omada Software controller does not allow to use ULA (aka IPv6 non-routable subnets) as defined in RFC4193.

However, TP-Ling Smart  L2+ switches and Routes allow to create such subnets in standalone mode.

 

 

Below is screenshot with failed ULA prefix validation.

 

 

 

However, this validation executed only on client side (in the browser). Omada controller accepts ULA prefixes if they posted directly via HTTP Post with proper payload.

#1
Options
1 Reply
RE:To add <span class='search-highlight'>ipv6</span> ULA support to Omada Controller
2023-04-27 03:42:46
Hello, I would like to request to add support for more IPv6 features for TP-Link ER605 v2. It would be important to be able to control for "IP Group"/"IP Address", "Virtual Servers", "Load Balancing", "Static Route", "Policy Routing" and "Access Control" (Firewall ACLs) as it exists for IPv4 addresses. Currently, my environment is set up with private IPv4 address and uplinks from two ISPs with NAT configured for local network. My ER605 is "Load Balancing + Failover" features enabled, when one of the uplinks is unavailable, the other WAN interface will continue routing traffic to the Internet automatically. I don't have the budget for fancy links with SLA and BGP support. So I think my own RIPE-NCC IPv6 subnet will not work. On the other hand, having two independent links is more than enough. However, when I get an IPv6 prefix (prefixlen 64) from my ISP, I need to have one IP address facing the Internet (so I can forward packets to my ISP) and a second one facing my LAN. In IPv6, both must be routable. What do I do when I only get a single /64 prefix from my two ISPs? After researching I found the possibility to use Unique Local Addresses (ULA) known as the "Private Networks for IPv6". Network Prefix Translation (NPT) - RFC6296 - which might be called "NAT for IPv6". So I need to assign an internal IPv6 ULA to my LAN, and then enable NPt on each WAN interface, providing my internal ULA and each provider's IPv6 prefix to NPt. NPT has worked quite well for me on Linux + IPTABLES SNPT/DNPT environment. My intention was only to provide independence between my internal IPv6 addressing scheme and that of my ISP so that if I switch ISPs only the ISP prefixes need to change, not my entire network configuration.
#2
Options