IPv6Prefix delegation with an AVM!Fritzbox

Example configuration for using IPv6 prefix delegation with a UTM behind a Fritzbox

Last adaptation to the version: 12.7.2

New:

Updated to Redesign of the webinterface

notempty

This article refers to a Beta version

07.2023

Note

This article includes descriptions of third-party software and is based on the status at the time this page was created.
Changes to the user interface on the part of the manufacturer are possible at any time and must be taken into account accordingly in the implementation.
All information without warranty.

Settings in AVM Fritzbox

Login to the configuration interface (in the default settings at https://192.168.178.1)
In the network settings for IPv6, the option Enable DHCPv6 server in FRITZ!Box for home network must be selected
Select suboption Assign DNS server, prefix (IA_PD) and IPv6 address (IA_NA)

Fig.1

Fritzbox (with Internet) connected to LAN1, internal network connected to LAN2

Fig.2

Menu Home network ➊ / Network ➋ / Tab Network settings ➍
at the bottom of the page dropdown menu: More Settings ➍
Section IP addresses / Button IPv6 settings ➎ (not in picture)
or also IPv6 configuration

Fig.3

Section Other IPv6 routers in the home network
Also allow IPv6 prefixes to be advertised by other IPv6 routers on the home network ➏

Section DHCPv6 server in home network
Enable DHCPv6 server in FRITZ!Box for the home network: ➐

Activate Assign DNS server, prefix (IA_PD) and IPv6 address (IA_NA). ➑

Save details with button OK ➒

Fig.4

Required if the UTM and, if necessary, other devices in the local network are to be accessible from outside via IPv6

Menu → Internet →Permit AccessTab Port sharing Button Add device for sharing

Select device from dropdown menu ➓
Select 'Enter IP address manually' if it is not assigned via DHCP

If desired: enable ping for IPv6 ⓫

Enable Open firewall for delegated IPv6 prefixes of this device option ⓬

Click on the New sharing button ⓭
Another dialog opens

Fig.5

Choose option Port sharing

Application Other application

Description Meaningful name

Protocol TCP

Port to device 11115 through Port 11115
Adjust port if necessary under Area Server Settings section

web server

Administration Web Interface Port: a different port has been configured.

In the Enable sharing section, select the
Internet access via IPv6 option

Finish input with OK

In the overview confirm entries with OK (see Fig.4 No.⓮)

Fig.6

Check all entries and confirm with .

Configuration on the UTM:

Edit interfaces

External interface

Typically A0, LAN1 or eth0 - depending on the hardware used

connected to the Internet via NAT router

Menu Network Network Configuration Area Network Interfaces / Edit External Interface / Tab General

DHCP Client IPv4 & IPv6
Router Advertisement: Off
IPv6 Prefix Delegation On

Internal interface

E.g. A1, LAN2 or eth1 - depending on the used hardware

(must be configured for all internal interfaces that are to distribute a public IPv6 address to clients (and thus also receive one themselves).

Menu Network Network Configuration Area Network Interfaces / Edit Internal Interface / Tab General

DHCP Client Off
Router Advertisement: On
IPv6-Adressen vergeben: Ja
IPv6 Prefix Delegation: Off

Add default route

Gateway Type: IPSchnittstelle
Gateway: LAN1
IPv6: On

In order for the IPv6 addresses to be routed, a default route must be added under Network Network Configuration Area Routing button Add Default Route.
Save

Network configuration with IPv6 prefix delegation

The external interface should get an dynamic … /64 IPv6 address after a short moment
If there is a 128 address here, the settings in the Fritzbox must be verified
The internal interface(s) should, after a brief moment, receive a dynamic ... /64 IPv6 address from another network.
In the picture only configured for LAN2