Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
genewitch 5 days ago

starlink doesn't even give you publicly routable ipv6 unless you bypass the starlink router.

My starlink is such that i cannot install/set up things like pfsense/opnsense because the connection drops sometimes, and when either of those installers fail, they fail all the way back to "format the drive y/n?" Also, things like ipcop and monowall et al don't seem to support ipv6.

I looked in to managing ipv6 from a "i am making my own router" and no OS makes this simple. i tried with debian, and could not get it to route any packets. I literally wrote the guide for using a VM for ipcop and one of the "wall" distros; but something about ipv6 just evades me.

deathanatos 5 days ago | parent [-]

> starlink doesn't even give you publicly routable ipv6 unless you bypass the starlink router.

If you've not got an Internet[-routable] address, are you truly connected to the Internet?

> I looked in to managing ipv6 from a "i am making my own router" and no OS makes this simple. i tried with debian, and could not get it to route any packets. I literally wrote the guide for using a VM for ipcop and one of the "wall" distros; but something about ipv6 just evades me.

TBH, I would think that this is just enabling v6 forwarding. That wouldn't do RA or DHCP, I don't think, but I don't think you'd want that, either. (That would be the responsibility of the upstream network.)

Dagger2 2 days ago | parent | next [-]

You would want that. The upstream network can't do it for you, because RAs can't be routed. Same deal for DHCPv6 (although personally I'd say you can probably skip that and just use SLAAC).

genewitch 4 days ago | parent | prev [-]

in order to have public ipv6 on starlink you need to manage the /56 they delegate to you into however many /64s that is (at least 8); i tested it with a store bought router, everything worked if you can do PD with DHCP[v6] or whatever. I returned the router because it was $200 and i will eventually figure it out on a VM.

Dagger2 2 days ago | parent [-]

It's pretty simple with systemd-networkd:

  # On the upstream network.
  [Network]
  DHCP=yes
  [DHCPv6]
  PrefixDelegationHint=::/56

  # On each downstream network.
  [Network]
  IPv6SendRA=yes
  DHCPPrefixDelegation=yes
If you don't want systemd-networkd, look at https://wiki.debian.org/IPv6PrefixDelegation#Using_ifupdown_.... Firewalling is the same as v4, just without the NAT.

One frustrating part is that as far as I can tell nothing supports easy downstream DHCPv6-PD delegation, so machines on the downstream network that want their own prefix won't be able to get one automatically. OpenWRT's network config daemon supports it, but nothing on regular Linux does.

> however many /64s that is (at least 8);

256!