IPv6 on Internode using Monowall

As a previously happy SixXS (https://www.sixxs.net) user with a Monowall firewall (http://m0n0.ch/wall/) I thought that I would move one of my IPv6 services to something a little more local than England. Internode (http://www.internode.on.net) have an IPv6 over PPPOA / PPPOE ADSL2+ service so after much trying I persuaded Monowall to provide access to Internode’s IPv6 service.
The steps to getting the service to work are as follows:

  1. Turn on your IPv6 dual stack configuration from the Internode service page
  2. Request a static IPv6 allocation from Internode - there really is no point without having a set of address ranges to route to that doesn’t change - Typically this will be a /56
  3. Make sure you are using at least version 1.34 of Monowall. Earlier versions don’t have the options you need.
  4. Under the WAN tab:

    • Select PPP
    • Ensure that IPv6 RA > Send IPv6 router advertisements is on (this seems to be needed to make the PPP interface listen to Route Announcements

  5. Also under the WAN tab configure your PPP session:

    • Username and Password are required

  6. Under the LAN tab:

    • Select IPv6 Mode: DHCP-PD (this is the secret sauce for making the process work this allows Monowall to get the static range from Internode and configure your local LAN)
    • IPv6 Prefix Delegation should be set to the size of the static allocation. The ID (the box next to the left of the slash is combined with the delegated range sent to allow multiple LANS to be configured should you have multiple interface cards) by using 0 this keeps the initial configuration simple as the /64 address is identical to the /56 address
    • IPv6 RA > Send IPv6 router advertisements ensures that the local LAN can configure itself.

Note: the IP Addresses and Authentication details have been redacted