IPV6: Ubiquiti Router, Ubuntu Client

Question

I have a Ubiquiti router on which ipv6 appears to be working fine. The output of radvdump, along with various other relevant data, is below. My trouble is with ipv6 on an ubuntu 16.04 machine behind the router.

Setting the router as DHCP client on the WAN side and Prefix Delegation/{stateless,stateful} DHCP Server on the LAN side leaves me with only link-local addresses on the client. Setting the router as {DHCP client,SLAAC} on the WAN side, a static address on the LAN side, and the {stateless,stateful} DHCP Server for the client, provides me with ipv6 adresses on the client, but no connectivity.

I am understanding that I may need to edit the Network Manager config, /etc/dhclient.conf, and that while the keys in sysctl are also relevant, they may not play well with Network Manager. I'd appreciate any input on how to start.

Also, I am hesitating to install radvd on the Ubuntu client. I am concerned it may conflict with DHCP or SLAAC functionality on the client. Is that an issue?

--------------------------------------------------------------------

# radvdump [run on the router]

interface ath0
{
    AdvSendAdvert on;
    # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
    AdvManagedFlag off;
    AdvOtherConfigFlag on;
    AdvReachableTime 0;
    AdvRetransTimer 0;
    AdvCurHopLimit 64;
    AdvDefaultLifetime 1800;
    AdvHomeAgentFlag off;
    AdvDefaultPreference medium;
    AdvSourceLLAddress on;

    RDNSS 2607:X:X:X::53
    {
        AdvRDNSSPreference 0;
        AdvRDNSSOpen off;
        AdvRDNSSLifetime 1800;
    }; # End of RDNSS definition


    prefix 2607:X:Y:Y::/64
    {
        AdvValidLifetime 2592000;
        AdvPreferredLifetime 604800;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr off;
    }; # End of prefix definition

}; # End of interface definition
#
# radvd configuration generated by radvdump 1.2
# based on Router Advertisement from fe80::Z:Z:Z:Z
# received by interface ath0

ip -6 addr [on the router]

inet6 2607:X:X:X:Y:yff:fey:Y/64 scope global dynamic
plus a link-local address

$ ip -6 addr [on the client. first address only present when using the stateful server]

inet6 2607:X:X:X::x/128         scope global dynamic
inet6 2607:X:X:X:Y':Y':Y':Y'/64 scope global temporary dynamic 
inet6 2607:X:X:X:Z:Z:Z:Z/64     scope global mngtmpaddr noprefixroute dynamic

$ ip -6 route [on the client. first route only present when using the stateful server and fe80::Y:yff:fey:Y is the link-local ip of the router's LAN interface]

2607:X:X:X::x dev enp0s25 proto kernel metric 256 expires 86292sec pref medium 
2607:X:X:X::/64 via fe80::Y:yff:fey:Y dev enp0s25 proto ra metric 100 pref medium
2607:X:X:X::/64 dev enp0s25 proto kernel metric 256 expires 7090sec pref medium
fe80::/64 dev enp0s25 proto kernel metric 256 pref medium
default via fe80::Y:yff:fey:Y dev enp0s25 proto static metric 100 pref medium
plus a link-local address

$ cat /etc/network/interfaces [unchanged from the ubuntu install]

auto lo
iface lo inet loopback

$ sudo sysctl -a | grep accept_ra

net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.all.accept_ra_defrtr = 1
net.ipv6.conf.all.accept_ra_from_local = 0
net.ipv6.conf.all.accept_ra_min_hop_limit = 1
net.ipv6.conf.all.accept_ra_mtu = 1
net.ipv6.conf.all.accept_ra_pinfo = 1
net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.all.accept_ra_rtr_pref = 1
net.ipv6.conf.default.accept_ra = 1
net.ipv6.conf.default.accept_ra_defrtr = 1
net.ipv6.conf.default.accept_ra_from_local = 0
net.ipv6.conf.default.accept_ra_min_hop_limit = 1
net.ipv6.conf.default.accept_ra_mtu = 1
net.ipv6.conf.default.accept_ra_pinfo = 1
net.ipv6.conf.default.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.default.accept_ra_rtr_pref = 1
net.ipv6.conf.enp0s25.accept_ra = 1
net.ipv6.conf.enp0s25.accept_ra_defrtr = 0
net.ipv6.conf.enp0s25.accept_ra_from_local = 0
net.ipv6.conf.enp0s25.accept_ra_min_hop_limit = 1
net.ipv6.conf.enp0s25.accept_ra_mtu = 1
net.ipv6.conf.enp0s25.accept_ra_pinfo = 0
net.ipv6.conf.enp0s25.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.enp0s25.accept_ra_rtr_pref = 0
net.ipv6.conf.lo.accept_ra = 1
net.ipv6.conf.lo.accept_ra_defrtr = 1
net.ipv6.conf.lo.accept_ra_from_local = 0
net.ipv6.conf.lo.accept_ra_min_hop_limit = 1
net.ipv6.conf.lo.accept_ra_mtu = 1
net.ipv6.conf.lo.accept_ra_pinfo = 1
net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.lo.accept_ra_rtr_pref = 1
net.ipv6.conf.virbr0.accept_ra = 0
net.ipv6.conf.virbr0.accept_ra_defrtr = 1
net.ipv6.conf.virbr0.accept_ra_from_local = 0
net.ipv6.conf.virbr0.accept_ra_min_hop_limit = 1
net.ipv6.conf.virbr0.accept_ra_mtu = 1
net.ipv6.conf.virbr0.accept_ra_pinfo = 1
net.ipv6.conf.virbr0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.virbr0.accept_ra_rtr_pref = 1
net.ipv6.conf.virbr0-nic.accept_ra = 1
net.ipv6.conf.virbr0-nic.accept_ra_defrtr = 1
net.ipv6.conf.virbr0-nic.accept_ra_from_local = 0
net.ipv6.conf.virbr0-nic.accept_ra_min_hop_limit = 1
net.ipv6.conf.virbr0-nic.accept_ra_mtu = 1
net.ipv6.conf.virbr0-nic.accept_ra_pinfo = 1
net.ipv6.conf.virbr0-nic.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.virbr0-nic.accept_ra_rtr_pref = 1
net.ipv6.conf.wlp3s0.accept_ra = 0
net.ipv6.conf.wlp3s0.accept_ra_defrtr = 0
net.ipv6.conf.wlp3s0.accept_ra_from_local = 0
net.ipv6.conf.wlp3s0.accept_ra_min_hop_limit = 1
net.ipv6.conf.wlp3s0.accept_ra_mtu = 1
net.ipv6.conf.wlp3s0.accept_ra_pinfo = 0
net.ipv6.conf.wlp3s0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.wlp3s0.accept_ra_rtr_pref = 0

Answer 1

Setting the router as DHCP client on the WAN side and Prefix Delegation/{stateless,stateful} DHCP Server on the LAN side leaves me with only link-local addresses on the client. Setting the router as {DHCP client,SLAAC} on the WAN side, a static address on the LAN side, and the {stateless,stateful} DHCP Server for the client, provides me with ipv6 adresses on the client, but no connectivity.

Based on this, and on your comments, it seems that you are copying the SLAAC-advertised WAN prefix directly onto your LAN interface's configuration. That is not going to work (for the same reason that it wouldn't with WAN DHCP on IPv4).

In IPv6 SLAAC, just like in IPv4 DHCP, the advertised prefix simply indicates what subnet the WAN interface is in, and the router picks its own WAN address from that subnet. However, that has nothing to do with the LAN side – your router is a router, not a bridge, therefore the LAN is its own network and needs its own prefix.

To obtain a prefix for the LAN interfaces, your router must usually send a prefix delegation request by using DHCPv6-PD on the WAN side. (Usually there is some integration that automatically starts advertising the delegated prefix to the LAN.)

• https://help.ubnt.com/hc/en-us/articles/115005868927-UniFi-USG-Addressing-How-to-Implement-IPv6-with-DHCPv6-and-Prefix-Delegation

How large a prefix you can request depends on the ISP (some provide up to a /60, others up to a /56, etc.) – but the individual LAN interfaces must still use /64s.

(That said, not all ISPs do DHCPv6-PD; sometimes you have to request an IPv6 prefix yourself and configure that manually. There is also the option of continuing the IPv4 practice of using a private address range for the LAN, and 1:many NAT (masquerading) done on the router. Though I wouldn't recommend 1:many NAT except as the last resort; it is already bad enough on IPv4.)

Also, I am hesitating to install radvd on the Ubuntu client.

No, it is absolutely not needed. That's like trying to install a DHCP server on a client.