Tweaking Guest Network

After upgrade of Turris OS to 3.7 which brings the guest network functionality to Foris I noticed that this guest network is not issuing IPv6 addresses to clients. I achieved this by following these steps.

IPv6 for guests

In order to advertise IPv6 addresses to guest clients I had to add two firewall rules (in /etc/config/firewall):

config rule
        option target 'ACCEPT'
        option family 'ipv6'
        option src 'guest_turris'
        option proto 'icmp'
        option name 'Allow guest ICMP input'

config rule
        option enabled '1'
        option target 'ACCEPT'
        option src 'guest_turris'
        option family 'ipv6'
        option proto 'udp'
        option dest_port '546-547'
        option name 'Allow Guest DHCPv6'

In /etc/config/network file add these two rows in config interface 'guest_turris' section:

        option ip6assign '64'
        option ip6hint 'ffff'

And finally in /etc/config/dhcp in guest pool (section config dhcp 'guest_turris') add these rows

        option ra 'server'
        option ra_management '0'

And after router's reboot guests should be receiving IPv6 addresses too.

Reboot services

BTW instead of full router's reboot, it should be enough to restart:

/etc/init.d/network restart
/etc/init.d/firewall reload
/etc/init.d/odhcpd restart

Sources

turris/guest-network.txt · Poslední úprava: 11.09.2017 23:17 autor: vm

Nástroje pro stránku