Sunday, June 16, 2019

Dual Stack IPv4/IPv6 on Cisco RV042G Dual WAN Router

I have several servers on AWS (Amazon Web Services). I pay a fee each month for an Elastic IPv4 address. I use this address for an OpenVPN server to access my EC2 instances.

I found that AWS provides free public IPv6 addresses for all EC2 instances in a VPC (Virtual Private Cloud) networks.  The key here is that a public IPv6 address is permanently assigned to the EC2 instance, whether it is running or not.  There is no need to pay the fee for an Elastic IP address.

"No distinction between public and private IP addresses. IPv6 addresses are public"

"An IPv6 address persists when you stop and start your instance, and is released when you terminate your instance."

I confirmed all my computers, network equipment, and ISPs would work with IPv6.  After upgrading my router to a Cisco RV042g, I had everything.  However, IPv6 addresses were not working.  I found the time to troubleshoot the problem and found a solution.

I have Spectrum (Time Warner Cable / Road Runner) on WAN1 and AT&T on WAN2.  Both are on a gigabit connection.  AT&T is metered, so I use Spectrum as primary and AT&T as backup.  I also route all voice-over-IP traffic through AT&T.  Both WANs are configured the same in the IPV6 configuration in the Cisco router.

Note: IPv6 will not automatically fail-over.  It looks like IPv6 is not getting rerouted to the backup WAN.  IPv6 seems to have an affinity for the last WAN it was using.  Resetting the network connection on the computer solves the problem, but that is not automatic.  I tried a smaller value for "Router Lifetime" (30 seconds) in the Router Advertisement configuration.  The IPv6 traffic did not get rerouted to the backup WAN. I updated to the latest firmware v4.2.3.09 (Jul 2 2018 14:38:22), but IPv6 would not reroute to the backup WAN.

Enable ICMP (Ping) on Windows 10 Firewall (Inbound and Outbound):

I found this command to open ICMP on my Windows firewall
netsh firewall set icmpsetting type=all mode=enable

Then, I disabled all the rules that allow inbound and outbound ICMPv4.

Cisco RV042g Configuration (non-default settings for IPv6):

Note: Some of these images were captured with the primary WAN (WAN1) disabled.

These are Google's IPv6 DNS Servers:
  • 2001:4860:4860:8844
  • 2001:4860:4860:8888

After configuring IPv6, I was able to contact my Cisco router using this URL:

Spectrum (WAN1) IPv6 Test Results:

I ran these tests with the WAN2 port disabled on the router.

AT&T (WAN2) IPv6 Test Results:

I ran these tests with the WAN1 port disabled on the router.

"ipconfig" Shows my Ethernet Adapter Configuration:

Note:  Unlike IPv4, there are many IPv6 addresses on my network adapter.  Also, there are 2 sets of IPv6 addresses, one for each ISP (Dual WAN).

  • 2605:6000... - Spectrum
  • 2600:1700... - AT&T

No comments:

Post a Comment