Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • esuhl
    • By esuhl 16th Jan 20, 9:32 AM
    • 9,113Posts
    • 7,156Thanks
    esuhl
    VLANs and subnets...?
    • #1
    • 16th Jan 20, 9:32 AM
    VLANs and subnets...? 16th Jan 20 at 9:32 AM
    I want to use my ISP's router ONLY for internet access, and connect it to my DrayTek router. But I'm a bit confused as to how I'd set that up...

    Should I connect the ISP router to the WAN port on the Draytek, or to one of its LAN ports?

    Presumably, I'd want the two routers on separate subnets:
    192.168.1.x - ISP router only
    192.168.2.x - LAN devices

    Would it make sense to put the ISP router in the DMZ?

    Is it best to let the ISP server provide DHCPv6?

    Can anyone explain the general principles I need to know to figure this out?
Page 3
    • esuhl
    • By esuhl 21st Jan 20, 11:18 PM
    • 9,113 Posts
    • 7,156 Thanks
    esuhl
    I'm stumped. IPv6 just doesn't want to work with my DrayTek! Gah! Anyway, this post is just a quick log of what I've tried today...

    I'm going to connect just the Sky router (to ADSL and my PC), so IPv6 is working, and note the router and ipconfig settings and test results. Then I'll connect just the DrayTek and compare the differences:
    -------------------------------------------------------

    ADSL >> Sky Router >> LAN PC

    Sky router information:

    Code:
    MODEM:-
        IPv6 Loopback Address     2a02:aaaa:bbbb:cccc::1/128
       
      BROADBAND PORT:-
        MAC Address               ww:ww:ww:ww:ww:ww
        Gateway IPv6 Address      fe80::1234:5678:90ab:cdef
        IPv6 Domain Name Server   -
        IPv6 Global Address       2a02:aaaa:bbbb:cccc::1/64
        IPv6 Link Local Address   fe80::wwww:wwff:feww:wwww
        IPv6 Delegated Prefix     2a02:aaaa:bbbb:cccc::/56
      
      LAN PORT:-
        MAC Address               xx:xx:xx:xx:xx:xx
        IPv6 ULA                  fd13:dddd:eeee:ffff:xxxx:xxff:fexx:xxxx/64
        IPv6 Global Address       2a02:aaaa:bbbb:cccc::1
        IPv6 Link Local Address   fe80::xxxx:xxff:fexx:xxxx
      
      LAN TCP/IPv6 SETUP:-
        Enable IPv6 on LAN side                   YES
        Enable ULA Router Prefix Advertisements   YES
        Prefix randomly generated**               YES
        Enable IPv6 DHCP Server                   YES
        Enable MLD Querier                        YES
    * - I've changed the IP/MAC addresses, but have done so consistently. I've replaced MAC addresses (and the MAC part of EUI-64 addresses) with a sequence of:
    w = Sky broadband port
    x = Sky LAN port
    y = PC's MAC

    ** - This option generates prefix (fd13:dddd:eeee:ffff), or can be manually specified.

    ipconfig information:
    Code:
    Windows IP Configuration  
         Host Name . . . . . . . . . . . . : mypc
         Primary Dns Suffix  . . . . . . . :
         Node Type . . . . . . . . . . . . : Mixed
         IP Routing Enabled. . . . . . . . : No
         WINS Proxy Enabled. . . . . . . . : No
         DNS Suffix Search List. . . . . . : Home
      
      Ethernet adapter Local Area Connection:
      
         Connection-specific DNS Suffix  . : Home
         Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
         Physical Address. . . . . . . . . : YY-YY-YY-YY-YY-YY (PC’s MAC)
         DHCP Enabled. . . . . . . . . . . : Yes
         Autoconfiguration Enabled . . . . : Yes
         IPv6 Address. . . . . . . . . . . : 2a02:aaaa:bbbb:cccc:1111:2222:3333:4444(Preferred)
         IPv6 Address. . . . . . . . . . . : fd13:dddd:eeee:ffff:1111:2222:3333:4444(Preferred)
         Temporary IPv6 Address. . . . . . : 2a02:aaaa:bbbb:cccc:5555:6666:7777:8888(Preferred)
         Temporary IPv6 Address. . . . . . : fd13:dddd:eeee:ffff:5555:6666:7777:8888(Preferred)
         Link-local IPv6 Address . . . . . : fe80::1111:2222:3333:4444%11(Preferred)
         IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
         Subnet Mask . . . . . . . . . . . : 255.255.255.0
         Lease Obtained. . . . . . . . . . : 21 January 2020 10:38:48
         Lease Expires . . . . . . . . . . : 22 January 2020 10:38:48
         Default Gateway . . . . . . . . . : fe80::xxxx:xxff:fexx:xxxx%11 (Sky’s LAN port)
                                             192.168.1.1
         DHCP Server . . . . . . . . . . . : 192.168.1.1
         DHCPv6 IAID . . . . . . . . . . . : 234567890
         DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-55-66-77-88-YY-YY-YY-YY-YY-YY (PC’s MAC)
      
         DNS Servers . . . . . . . . . . . : fd13:dddd:eeee:ffff:xxxx:xxff:fexx:xxxx (Sky’s LAN port)
                                             192.168.1.1
         NetBIOS over Tcpip. . . . . . . . : Enabled
      
      Tunnel adapter isatap.Home:
      
         Media State . . . . . . . . . . . : Media disconnected
         Connection-specific DNS Suffix  . : Home
         Description . . . . . . . . . . . : Microsoft ISATAP Adapter
         Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
         DHCP Enabled. . . . . . . . . . . : No
         Autoconfiguration Enabled . . . . : Yes
    Test results:
    Code:
    ipv6-test.com             17/20
    test-ipv6.com (HTTP)      9/10
    test-ipv6.com (HTTPS)     9/10
    Android game              OK
    Android test app          OK
    ping -6 ipv6.google.com   OK
    -------------------------------------------------------

    ADSL >> DrayTek Router >> LAN PC

    In the DrayTek router's settings, I set:

    WAN >> Internet Access >> IPv6:
    --- Connection Type = PPP

    Running ipconfig /all shows that the DNS Suffix "Home" doesn't appear anywhere (unlike with the Sky router), nor do DHCPv6 IAID or DUID; nor any unique local addresses (fd13:...). These are my test results:

    Code:
    ipv6-test.com             3/20
    test-ipv6.com (HTTP)      9/10
    test-ipv6.com (HTTPS)     0/10
    Android game              OK
    Android test app          FAIL
    ping -6 ipv6.google.com   FAIL (Could not find host)
    So this must be the DrayTek setting page where the problem lies:
    LAN >> General Setup >> IPv6

    The DHCP and DNS settings were empty. And the "Current IPv6 Address Table" was missing the unique local address range (fd13:...).

    So, I set the following options. (All the IP characters are literal, except x which is the LAN MAC in EUI-64 format.)

    Code:
    LAN >> General Setup >> IPv6
        RADVD Configuration:          Enable
        DHCPv6 Server Configuration:  Enable Server
         - Start IPv6 Address    FD13:1:1::
         - End IPv6 Address      FD13:1:1:0:FFFF:FFFF:FFFF:FFFF
         - Primary DNS Server    FD13:1:1:0:xxxx:xxFF:EE:xx:xxxx
         - Secondary DNS Server  (blank)
        Static IPv6 Address configuration
         - [Add] "FD13:1:1:0:xxxx:xxFF:EE:xx:xxxx/64"
    The output from ipconfig /all now looks comparable to Sky router, except for the missing DNS suffix ("Home"). The test results have improved, but they don't match those from the Sky router:

    Code:
    ipv6-test.com             17/20
    test-ipv6.com (HTTP)      9/10
    test-ipv6.com (HTTPS)     0/10
    Android game              FAIL
    Android test app          OK
    ping -6 ipv6.google.com   OK
    The report from test-ipv6 HTTPS says:
    - No IPv6 address detected
    - Our tests show that you will have a broken or misconfigured IPv6 setup, and this will cause problems as web sites enable IPv6.
    - We are sometimes unable to detect Teredo and 6to4 when using HTTPS.
    So... perhaps I need to choose an IPv6 connection type other than "PPP" in the DrayTek settings...?

    I'll have a look tomorrow...
    Last edited by esuhl; 21-01-2020 at 11:37 PM.
    • that
    • By that 22nd Jan 20, 4:24 PM
    • 1,510 Posts
    • 839 Thanks
    that
    esuhl, you no not have to reply, but Draytek are one of the very few companies that still update firmware even if the equipment s end of life was years ago
    • esuhl
    • By esuhl 23rd Jan 20, 4:05 PM
    • 9,113 Posts
    • 7,156 Thanks
    esuhl
    esuhl, you no not have to reply, but Draytek are one of the very few companies that still update firmware even if the equipment s end of life was years ago
    Originally posted by that
    Thanks -- I checked, but I'm running the latest firmware.

    Ok, I couldn't resist and played a bit with my personal Draytek, I got this after a few changes in the WAN settings page. So yes, it can be done with the Draytek, I think it's just a matter of finding the right settings that work with your non-standard setup.
    Originally posted by arciere
    Can I ask how you set that up? How was your DrayTek connected to the Internet? What WAN settings did you have to change?

    The IPv6 address in the test was my computer's address, not my router's. This shows you that, without doing much, you are effectively directly exposed to the Internet.
    Originally posted by arciere
    Did you have to change your LAN settings to get a global IPv6 address on your computer?
    • arciere
    • By arciere 23rd Jan 20, 4:36 PM
    • 989 Posts
    • 600 Thanks
    arciere
    Can I ask how you set that up? How was your DrayTek connected to the Internet? What WAN settings did you have to change?
    Did you have to change your LAN settings to get a global IPv6 address on your computer?
    Originally posted by esuhl
    I am with BT Infinity, so probably settings are a bit different. Anyway, all I had to do was:

    WAN-->Internet Access-->WAN1 (the telephone cable goes here)-->IPv6-->Connection type: PPP (always on). Note that under the PPPoE tab in the same section you need to have the PPP details set up (username/password/VPI-VCI for ADSL connections, etc).

    LAN-->General Setup-->LAN1 IPv6-->Enable IPv6; WAN primary interface WAN1; ULA configuration off; Current IPv6 table I have two addresses, Global and Link
    In the same page, I have two DNS servers that are probably auto-generated, Management is set to SLAAC and at the bottom I have the DHCPv6 Server enabled with only Auto IPv6 Range ticked.
    • esuhl
    • By esuhl 23rd Jan 20, 6:10 PM
    • 9,113 Posts
    • 7,156 Thanks
    esuhl
    I am with BT Infinity, so probably settings are a bit different. Anyway, all I had to do was:

    WAN-->Internet Access-->WAN1 (the telephone cable goes here)-->IPv6-->Connection type: PPP (always on). Note that under the PPPoE tab in the same section you need to have the PPP details set up (username/password/VPI-VCI for ADSL connections, etc).
    Originally posted by arciere
    Thanks. That was exactly was I was doing. The PPP connection was working perfectly for IPv4.

    I've just (a few minutes ago) switched to VDSL (which the DrayTek doesn't support). So I can only connect to the Internet with the Sky router, via the DrayTek's WAN2 port now.

    LAN-->General Setup-->LAN1 IPv6-->Enable IPv6; WAN primary interface WAN1; ULA configuration off; Current IPv6 table I have two addresses, Global and Link
    In the same page, I have two DNS servers that are probably auto-generated, Management is set to SLAAC and at the bottom I have the DHCPv6 Server enabled with only Auto IPv6 Range ticked.
    Originally posted by arciere
    Hmm... I saw this guide on the DrayTek forum explaining how to set up a PPP IPv6 connection (just as you are describing):

    https://www.draytek.co.uk/support/guides/kb-ipv6-ppp

    But my router doesn't have the same LAN configuration options on that page. :-/

    https://www.dropbox.com/s/hmnbubk5l9t01k0/DrayTek%20LAN%20settings.PNG?dl=0
    Last edited by esuhl; 23-01-2020 at 6:28 PM.
    • arciere
    • By arciere 23rd Jan 20, 9:28 PM
    • 989 Posts
    • 600 Thanks
    arciere
    If you are using WAN2 you can't use PPP because the line goes to the Sky router, not to the Draytek.

    In that case, try to use DHCPv6 client and on the Sky router make sure that IPv6 is enabled, that NAT is disabled or that the Draytek is in the DMZ.

    You might also want to enable the "Brigde with LAN1" option on the WAN2 interface, that should allow your clients to capture the IPv6 addresses.
    • esuhl
    • By esuhl 24th Jan 20, 7:15 PM
    • 9,113 Posts
    • 7,156 Thanks
    esuhl
    If you are using WAN2 you can't use PPP because the line goes to the Sky router, not to the Draytek.
    Originally posted by arciere
    That's right -- I was temporarily using the DrayTek's WAN1 port to connect directly to ADSL, and setting the WAN1 IPv6 type to PPP.

    I enabled the LAN DHCPv6 server, with a unique local fd.../64 range. This initially seemed to work. The WAN IPv6 addresses in the DrayTek's "online status" page went green. (It seems the global address is acquired only when a unique local address is assigned.) But test results were mixed:

    Code:
    ipv6-test.com             17/20
    test-ipv6.com (HTTP)      9/10
    test-ipv6.com (HTTPS)     0/10
    Android game              FAIL
    Android test app          OK
    ping -6 ipv6.google.com   OK
    I also looked at the other connection methods. The only ones which don't involve tunnelling are Static IPv6 and DHCPv6 Client.

    In that case, try to use DHCPv6 client and on the Sky router make sure that IPv6 is enabled, that NAT is disabled or that the Draytek is in the DMZ.
    Originally posted by arciere
    Thanks; I tried that -- both with just the DrayTek connected directly via WAN1 and via WAN2 and the Sky box. The options allow me to specify an IAID and choose between "prefix delegation" or "non-temporary address".

    Regardless of which option I chose, and whether I use the same IAID that I saw on my PC via ipconfig when connected to just the Sky router, or use the DrayTek default, the WAN IPv6s in the DrayTek's status page remain red, and IPv6 didn't work at all.

    I managed to make the WAN IPv6 addresses turn green on the status page, by choosing the Static IPv6 connection type, and entering an IP made up of the network prefix issued by Sky, followed by the EUI-64 of the WAN interface, with a /64 range. But the IPv6 tests still failed.

    You might also want to enable the "Brigde with LAN1" option on the WAN2 interface, that should allow your clients to capture the IPv6 addresses.
    Originally posted by arciere
    I can't see an option like that anywhere. :-/

    If I go into LAN >> Static Route >> IPv6 tab, I can specify:
    Destination IP / CIDR prefix length
    Gateway IPv6 address
    Network interface (LAN, WAN1, WAN2 or WAN3)

    Is setting a static route the same as bridging?
    Last edited by esuhl; 24-01-2020 at 7:21 PM.
    • arciere
    • By arciere 25th Jan 20, 11:32 PM
    • 989 Posts
    • 600 Thanks
    arciere
    I managed to make the WAN IPv6 addresses turn green on the status page, by choosing the Static IPv6 connection type, and entering an IP made up of the network prefix issued by Sky, followed by the EUI-64 of the WAN interface, with a /64 range. But the IPv6 tests still failed.
    Originally posted by esuhl
    Try to use a /128 mask for the WAN interface. My connection uses PPP and gets the IPv6 address automatically, with a /128 subnet mask.

    I can't see an option like that anywhere. :-/
    Originally posted by esuhl
    I should have a 2830 somewhere, I'll see if I can resurrect it, I suspect the options in the settings page are different than what I see on the 2860.

    Is setting a static route the same as bridging?
    Originally posted by esuhl
    No, that basically tells the router "if you need to reach IP xyz or IP range xyz-xyz1, send the request through WAN-X
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

139Posts Today

1,994Users online

Martin's Twitter