RUTX50 + Starlink IPv6

Hi,

I have a RUTX50 and starlink gen 2. I want to use IPv6 since I´ve read that it does not have CG-NAT so I could connect to it externally. I have enabled bridge mode on the starlink router so now the main router should be the teltonika one.

The problem is that while it seems to get both IPv4 and IPv6, if i try to use the IPv6 it does not work, I cannnot ping it for example and I can not browse just using IPv6. Is there anything special that needs to be done?

This si my wan6 interface configuration:




Thank you.

Hello,

Unfortunately, having a public IPv6 address doesn’t guarantee that the ISP will forward traffic to it.
Even if a ping6 doesn’t succeed one way to check this is to do a tcpdump on the RUTX50:

tcpdump -i eth1 -n -v icmp6

and ping the address from the outside.
Do you see incoming echo request frames ?

Regards,

Yes, I do see echo requests:

tcpdump: listening on eth1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
13:24:47.540367 IP6 (flowlabel 0x4acb5, hlim 51, next-header ICMPv6 (58) payload length: 64) XXXXXXXXXXXXXX > YYYYYYYYYYYYYYYYY: [icmp6 sum ok] ICMP6, echo request, id 235, seq 1
13:24:47.540593 IP6 (flowlabel 0x92e1a, hlim 64, next-header ICMPv6 (58) payload length: 64) YYYYYYYYYYYYYYYYY > XXXXXXXXXXXXXX: [icmp6 sum ok] ICMP6, echo reply, id 235, seq 1
13:24:48.628337 IP6 (flowlabel 0x4acb5, hlim 51, next-header ICMPv6 (58) payload length: 64) XXXXXXXXXXXXXX > ZZZZZZZZZZZZZZ: [icmp6 sum ok] ICMP6, echo request, id 236, seq 1
13:24:48.628569 IP6 (flowlabel 0x92e1a, hlim 64, next-header ICMPv6 (58) payload length: 64) YYYYYYYYYYYYYYYYY > XXXXXXXXXXXXXX: [icmp6 sum ok] ICMP6, echo reply, id 236, seq 1
13:24:49.692224 IP6 (flowlabel 0x4acb5, hlim 51, next-header ICMPv6 (58) payload length: 64) XXXXXXXXXXXXXX > YYYYYYYYYYYYYYYYY: [icmp6 sum ok] ICMP6, echo request, id 237, seq 1
13:24:49.692454 IP6 (flowlabel 0x92e1a, hlim 64, next-header ICMPv6 (58) payload length: 64) ZZZZZZZZZZZZZZ > XXXXXXXXXXXXXX: [icmp6 sum ok] ICMP6, echo reply, id 237, seq 1

You also have echo replies so the ping6 succeeds! From where was it done ? From a device on the lan or some device on another network ?
Check your firewall and administration settings:

  • Network->Firewall-General settings set wan=>lan to Accept/Accept/Reject
  • System->Access control enable remote ssh access
    With this setup can you reach yout RUTX over ssh ?

I did it from my phone with 5G so another network.
Also I tried the SSH from that same device and it does let me connect to the router.
Finally I tried the firewall and that was the problem, I finally have connection to the outside.
Thank you so much.