IPv6Prefix delegation with an AVM!Fritzbox

Example configuration for using IPv6 prefix delegation with a UTM behind a Fritzbox

New article: 07.2023

notempty

This article refers to a Resellerpreview

-

Note
This article includes descriptions of third-party software and is based on the status at the time this page was created.
Changes to the user interface on the part of the manufacturer are possible at any time and must be taken into account accordingly in the implementation.
All information without warranty.

Settings in AVM Fritzbox

Login to the configuration interface (in the default settings at https://192.168.178.1)
In the network settings for IPv6, the option Enable DHCPv6 server in FRITZ!Box for home network must be selected
Select suboption Assign DNS server, prefix (IA_PD) and IPv6 address (IA_NA)

Fig.1

Fritzbox (with Internet) connected to LAN1, internal network connected to LAN2

Fig.2

Menu Home network ➊ / Network ➋ / Tab Network settings ➍
at the bottom of the page dropdown menu: More Settings ➍
Section IP addresses / Button IPv6 settings ➎ (not in picture)
or also IPv6 configuration

Fig.3

Section Other IPv6 routers in the home network
Also allow IPv6 prefixes to be advertised by other IPv6 routers on the home network ➏
Section DHCPv6 server in home network
Enable DHCPv6 server in FRITZ!Box for the home network: ➐
- Activate Assign DNS server, prefix (IA_PD) and IPv6 address (IA_NA). ➑
Save details with button OK ➒

Fig.4

Required if the UTM and, if necessary, other devices in the local network are to be accessible from outside via IPv6

Menu → Internet →Permit AccessTab Port sharing Button Add device for sharing

Select device from dropdown menu ➓
Select 'Enter IP address manually' if it is not assigned via DHCP
If desired: enable ping for IPv6 ⓫
Enable Open firewall for delegated IPv6 prefixes of this device option ⓬
Click on the New sharing button ⓭
Another dialog opens

Fig.5

Choose option Port sharing
Application Other application
Description Meaningful name
Protocol TCP
Port to device 11115 through Port 11115
Adjust port if necessary under → Network →Server SettingsTab Server Settings section
web server
Administration Web Interface Port: a different port has been configured.
In the Enable sharing section, select the
Internet access via IPv6 option
Finish input with OK
In the overview confirm entries with OK (see Fig.4 No.⓮)

Fig.6

Check all entries and confirm with .

Configuration on the UTM:

Edit interfaces

UTM v12.4 externe Schnittstelle IPv6.png

External interface

Typically A0, LAN1 or eth0 - depending on the hardware used

connected to the Internet via NAT router

Menu → Network →Network ConfigurationTab Network Interfaces / Edit External Interface / Tab General

DHCP Client IPv4 & IPv6
Router Advertisement: Off
IPv6 Prefix Delegation On

UTM v12.4 interne Schnittstelle IPv6.png

Internal interface

E.g. A1, LAN2 or eth1 - depending on the used hardware

(must be configured for all internal interfaces that are to distribute a public IPv6 address to clients (and thus also receive one themselves).

Menu → Network →Network ConfigurationTab Network Interfaces / Edit Internal Interface / Tab General

DHCP Client Off
Router Advertisement: On
IPv6 Prefix Delegation Off

Add default route

Gateway interface: LAN1
IPv6: On

In order for the IPv6 addresses to be routed, a default route must be added under → Network →Network ConfigurationTab Routing with Button Add Default Route.
Save

UTM v12.4 Netzwerkkonfiguration mit IPv6 Prefix-Delegation.png

Network configuration with IPv6 prefix delegation

The external interface should get an dynamic … /64 IPv6 address after a short moment
If there is a 128 address here, the settings in the Fritzbox must be verified
The internal interface(s) should, after a brief moment, receive a dynamic ... /64 IPv6 address from another network.
In the picture only configured for LAN2