Implementation of Nat6
The reason for deploying this is that I am modifying the software router at home. I didn't like using dnsmasq with openwrt, so I spent my winter vacation time implementing my own configuration from scratch, choosing the software and tools I like, and making it DIY.
Some people may ask why we need to set up Nat6 when IPv6 can be directly assigned to each device on the public network.
Actually, it's not that I don't want to configure it, it's just that the tools I'm using are a bit difficult to implement (mainly because of my lack of technical expertise).
Most of the tools used to implement the allocation of public IPv6 addresses are dnsmasq and wide-dhcpv6-client. The tools I'm using are isc-dhcp-server and radvd, with DNS resolution provided by AdGuard Home.
Important
This article is based on Debian 11.8, X86_64 architecture. If you are using a different environment, please search for the corresponding instructions.
1. Edit isc-dhcp-server
- Edit isc-dhcp-server
vim /etc/default/isc-dhcp-server
- Set INTERFACESv6="" to the name of your internal network card (LAN port)
- Edit sysctl.conf
vim /etc/sysctl.conf
It seems that this needs to be modified for broadband from China Telecom
In /etc/sysctl.conf, change this line from 2 to 1
net.ipv6.conf.ppp0.accept_ra=1
And for broadband from China Unicom, you need to add another line
In the /etc/ppp/peers/dsl-provider file, add
+ipv6
Otherwise, the WAN port will not be able to obtain an IPv6 public address
- Configure IPv6 static address
vim /etc/network/interfaces
- Add the following content after the configuration of the LAN port (eno1 in my case)
iface eno1 inet6 static
address fc00:a:b:100::1
netmask 64
This is the internal network address; you can change it, as long as it follows the IPv6 specification
- Configure dhcp6
vim /etc/dhcp/dhcpd6.conf
Add the above content, starting from the subnet6 part; fc00:a:b:100 should match the address configured above
- Configure ip6tables
vim /etc/ufw/before6.rules
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s fc00:a:b:100::/64 -o ppp0 -j MASQUERADE
COMMIT
I am using the ufw firewall. If you want to use another firewall such as iptables or nftables, please search for instructions on how to configure it
Note that ppp0 is the name of the WAN port here; change it to match yours
2. Install radvd
apt-get install radvd
vim /etc/radvd.conf
radvd is mainly used to send RAs (Router Advertisements); eno1 is the LAN port
interface eno1{
AdvSendAdvert on;
prefix fc00:a:b:100::/64{
AdvOnLink on;
AdvAutonomous on;
};
};
Next, we only need to configure the IPv6 DNS. Since I have configured AdGuardHome as the DNS resolver, I just need to specify the v6 address of the lan port in dhcpd6.conf
Either fc00:a:b:100::1 or fe80::62be:b4ff:fe08 should work
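The same prefix has to appear in three files (interfaces, radvd.conf, before6.rules), and a mismatch in any one silently breaks NAT6. The script below is an added example, not part of the original article: it cross-checks the three snippets shown above, embedded inline as constructed samples, and also reports whether the prefix lies in fd00::/8, the locally assigned half of fc00::/7 under RFC 4193. The function names are hypothetical.

```python
import ipaddress
import re

# Constructed input: the three snippets from this article, embedded inline.
INTERFACES = "iface eno1 inet6 static\naddress fc00:a:b:100::1\nnetmask 64\n"
RADVD = ("interface eno1{\nAdvSendAdvert on;\nprefix fc00:a:b:100::/64{\n"
         "AdvOnLink on;\nAdvAutonomous on;\n};\n};\n")
BEFORE6 = "*nat\n-A POSTROUTING -s fc00:a:b:100::/64 -o ppp0 -j MASQUERADE\nCOMMIT\n"
LOCAL_ULA = ipaddress.IPv6Network("fd00::/8")  # locally assigned ULAs (RFC 4193)


def lan_interface(text):
    """Static inet6 address plus netmask from /etc/network/interfaces."""
    addr = re.search(r"^\s*address\s+(\S+)", text, re.M).group(1)
    plen = re.search(r"^\s*netmask\s+(\d+)", text, re.M).group(1)
    return ipaddress.IPv6Interface(f"{addr}/{plen}")


def radvd_prefix(text):
    """Prefix advertised in radvd.conf."""
    return ipaddress.IPv6Network(re.search(r"prefix\s+([0-9A-Fa-f:]+/\d+)", text).group(1))


def masquerade_rules(text):
    """(source network, outgoing interface) for every MASQUERADE rule."""
    pat = r"^-A POSTROUTING\s+-s\s+(\S+)\s+-o\s+(\S+)\s+-j MASQUERADE"
    return [(ipaddress.IPv6Network(s), o) for s, o in re.findall(pat, text, re.M)]


def check(interfaces, radvd, before6, wan="ppp0"):
    """Return a list of findings; an empty list means the files agree."""
    findings = []
    lan = lan_interface(interfaces)
    ra = radvd_prefix(radvd)
    rules = masquerade_rules(before6)
    if ra != lan.network:
        findings.append(f"radvd advertises {ra}, LAN port is in {lan.network}")
    if ra.prefixlen != 64:
        findings.append(f"{ra}: clients cannot autoconfigure (SLAAC) without a /64")
    if not any(src == lan.network and out == wan for src, out in rules):
        findings.append(f"no MASQUERADE rule for {lan.network} leaving {wan}")
    for src, out in rules:
        if src != lan.network and lan.network.subnet_of(src):
            findings.append(f"rule source {src} is wider than the LAN prefix")
    if not lan.network.subnet_of(LOCAL_ULA):
        findings.append(f"{lan.network} is not in {LOCAL_ULA}")
    return findings


if __name__ == "__main__":
    for line in check(INTERFACES, RADVD, BEFORE6) or ["consistent"]:
        print(line)
```

To check a live router, read the three files from disk and pass their contents to check() in place of the embedded samples.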
TEST
You can test whether you have IPv6 on your local network devices
curl 6.ipw.cn
If you have it, congratulations on your success
This article is synchronized and updated to xLog by Mix Space
The original link is https://www.ssstttar.com/posts/Z-turn/Nat6