The time has come to implement IPV6 for our company. The scenario is as follows: we have a provider, an UTM 7.2 security gateway and 5 webservers
Our UTM router has 213.207.30.33/28 at eth0 from the provider, and 10.20.0.1/24 at the LAN side. Webservers have 10.20.0.50 to 54 with 10.20.0.1 as their gateway.
Our provider came op with a /64 ipv6 block, let say: 2001:4018:1399:107::/64 with 2001:4018:1399:107::1 as default GW
Problem: How to get the IPV6 addresses correctly on the Webservers?
I came up with the solution:
give eth0(Wan) 2001:4018:1399:107::2/126 and set gw to 2001:4018:1399:107::1
give eth1(lan) 2001:4018:1399:107::5/64
while setting Prefix advertisement on eth1(lan)
Unfortunately this doesn't work out:
the UTM can successfully ping6 addresses in pubic space, and
the webservers got their IPV6 addresses which can by ping6ed by the UTM but there is no IPV6 connectivity in public space. Apparently the IPV6 multicast packets can't make it from eth1 to eth0 [:(] . I need some kind of neighbor proxying
My question:
What is the proper way to handle this common situation where a provider comes up with a new IPV6 /64 block.
This thread was automatically locked due to age.
