On 26 feb 2010, at 00:55, mattmcadoo at mattmcadoo dot com wrote:

> I have a /64 block of IPv6 addresses from my ISP and am having a hell of a
> time to get it working.  For the sake of example, my block is
> 2001:aaaa:bbbb:cccc::/64 and the gateway is 2001:aaaa:bbbb:cccc::1 (all
> the info that was given by my ISP)
> 
> From my understanding of the docs it should done basically by:
>  1. Enable IPv6 support
>  2. On the WAN interface, enable Static IPv6 mode
>  3. Assign an address to the interface  (2001:aaaa:bbbb:cccc::2)
>  4. Turn on RA on the WAN
>  5. Put in the IPv6 gateway (given by my ISP)
>  6. On the LAN interface, enable Static IPv6 mode
>  7. Assign an IPv6 address (2001:aaaa:bbbb:cccc::3 (the Suggested IPv6
> Address always errors...))
>  8  Turn on RA on the LAN
>  9. Add a Static IPv6 route on my LAN interface using the the IPv6 prefix
> and gateway.  (Inferface: LAN, Destination: 2001:aaaa:bbbb:cccc::/64,
> Gateway 2001:aaaa:bbbb:cccc::1)
>  10. Reboot the system for good measure.
> 
> The systems on the LAN side are able to get RA's but not able to ping or
> route out.  I've manually configured a Linux box on the WAN side for IPv6
> and have verified that my ISP's routing is correct.  Even though ifconfig
> shows the proper address for both interfaces on the m0n0wall, doing a
> Neighbor Discovery from the Linux box does not show the m0n0wall router,
> just the Gateway.  I can ping6 the router from systems on the LAN side,
> but not on the Linux box on the WAN side.
> 
> So now I'm left with basically two questions:
>   First, am I wrong about the 10 steps above?
>   Second, should Neighbor Discovery work, or is it a result of router
> being misconfig'd/not working properly?
> 

Just a guess. Since you're not actually routing between subnets, couldn't it be necessary to simply
use a filtered bridge between WAN and LAN?

HTH

Peter