tehwolf
Message 1 of 3

IPv6 over L2TP

I, like many VM users, am interested to know when VM are planning to move to IPv6.. not because it will particularly improve my experience or because of any specific services that i am unable to access over an ipv4 connection, but because i’m a network geek and i like to play with stuff.. and ipv6 is something that i’ve not had the opportunity to mess about with much yet.

Given that there are no public plans for v6 from VM and there’s also no indication from them about when they might communicate any plan, i decided to take things into my own hands and see if i could get something close to native v6 working on my home network using my VM v4 connection as a transport layer.

I read about the HE service, and whilst initially interested, read some horror stories about VM throttling 6in4 encapsulated (protocol41 packets) traffic.. seems that it might be fixed with the Hub4, but since i’m still running a 2ac, i wanted to find a different option.. That led me to find another service that operates over L2TP - a tunneling mechanism that encapsulates layer2 frames between two endpoints and runs over UDP.  This is about as close to “native” as you’re gonna get and effectively works the same way as DSL connection (with PPP or PPPoE sessions). In fact, the configuration i ended up with mirrors what i would have to configure if i had an openreach connection with the only difference being that my connection to the LNS is done over another ISP’s (VM’s) IPv4 network.

So i now have 18 million trillion public ipv6 addresses (should just about be enough :p) routed towards my home connection and, as far as the devices connected to my v6 LAN are concerned, they are 100% native v6 end points..  The devices can fallback to v4 if a given service they are trying to access isn’t enabled for v6 and it’s all working flawlessly.  There is no discernable slowdown in speeds when using v6 vs v4.  The L2TP service i signed up to is capped at 100mbit and i was seeing downloads of 95mbit over both v4 and v6 speed tests to the same endpoint..

now that basic connectivity is in place, next steps are to tie down the firewalling a little (since there’s no NAT in v6, a proper ruleset becomes more important) and to carve the network up a little more to make it a bit more LAN sized (some people might think that 18 million trillion addresses is a little excessive for the ~70 or so devices that regularly connect to my LAN).

pretty happy with how it’s all turned out though - a purely technical learning exercise, just for the sake of doing it, not because i had a particular need for it.. 

this is all configured on a pfSense device that i use as my router - happy to share some screenshots of the configuration if anyone is interested.

Dagger2
Message 2 of 3

Re: IPv6 over L2TP

That sounds an awful lot like A&A's L2TP service. The speed limit is unfortunate but there's good chances it'll be bumped some time this year or next as they upgrade their LNSs to new hardware.

> and to carve the network up a little more to make it a bit more LAN sized (some people might think that 18 million trillion addresses is a little excessive for the ~70 or so devices that regularly connect to my LAN).

"18 million trillion addresses" sounds like one /64, which is exactly how big each of your VLANs should be. If you have multiple VLANs then use one /64 for each of them (this is why you get a /48).

There are over 300 million /64s available for each person on the planet, so using one per network isn't a large amount of space.

tehwolf
Message 3 of 3

Re: IPv6 over L2TP


@Dagger2 wrote:

> That sounds an awful lot like A&A's L2TP service. The speed limit is unfortunate but there's good chances it'll be bumped some time this year or next as they upgrade their LNSs to new hardware.
>
> "18 million trillion addresses" sounds like one /64, which is exactly how big each of your VLANs should be. If you have multiple VLANs then use one /64 for each of them (this is why you get a /48).
>
> There are over 300 million /64s available for each person on the planet, so using one per network isn't a large amount of space.


It is indeed AA's L2TP service.. The speed limit is a minor annoyance - I have a 200mb connection from VM and i'd be happy to tunnel all of my traffic over AAs network, but honestly at this stage it's just a "for fun" activity (plus, my wife hates it when i "mess around with the network" so keeping it away from the general use LAN at the moment is probably wise whilst I'm tinkering :p)

yup, one /64 - there's another ~65000 of 'em available in the allocated /48, and whilst ipv6 kinda makes subnetting somewhat irrelevant, it's mostly for the sake of playing with it than anything else..    

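Added example, not part of any post in this thread: a Python sketch of the one-/64-per-VLAN layout discussed above, carving a /48 into per-VLAN /64s so that firewall rules can be written per segment. The prefix comes from the 2001:db8::/32 documentation range, the VLAN names and IDs are constructed, and using the VLAN ID as the subnet ID is an assumption rather than something the posters describe.

```python
import ipaddress

# Constructed sample: a documentation-range /48 standing in for the routed
# prefix (the real allocation does not appear in the thread).
SITE_PREFIX = ipaddress.ip_network("2001:db8:abcd::/48")


def vlan_subnet(site, vlan_id):
    """Return the /64 for a VLAN, using the VLAN ID as the subnet ID."""
    if site.version != 6 or site.prefixlen > 64:
        raise ValueError("site prefix must be IPv6 and /64 or shorter")
    subnet_bits = 64 - site.prefixlen  # 16 bits for a /48
    if not 0 <= vlan_id < 2 ** subnet_bits:
        raise ValueError(f"VLAN {vlan_id} does not fit in {subnet_bits} subnet bits")
    # The subnet ID sits directly above the 64-bit interface identifier.
    base = int(site.network_address) | (vlan_id << 64)
    return ipaddress.IPv6Network((base, 64))


def plan(site, vlans):
    """Map VLAN names to /64s, rejecting duplicate IDs (overlapping LANs)."""
    seen, layout = {}, {}
    for name, vid in vlans.items():
        if vid in seen:
            raise ValueError(f"{name} and {seen[vid]} share VLAN ID {vid}")
        seen[vid] = name
        layout[name] = vlan_subnet(site, vid)
    return layout


def find_vlan(layout, address):
    """Return the VLAN an address belongs to, or None if it is unplanned."""
    addr = ipaddress.ip_address(address)
    for name, net in layout.items():
        if addr in net:
            return name
    return None


if __name__ == "__main__":
    layout = plan(SITE_PREFIX, {"lan": 10, "iot": 20, "guest": 30})
    for name, net in layout.items():
        print(f"{name:6} {net}  ({net.num_addresses:,} addresses)")
    print("/64s available in the /48:", 2 ** (64 - SITE_PREFIX.prefixlen))
```

`find_vlan` returning `None` for a source address is a useful review check: with no NAT in front of the LAN, traffic from a prefix that is not in the plan should not match any allow rule.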