0

I moved and my only option for decent internet is Starlink, which is behind a CGNAT. I don't have a lot of experience with getting around it. Hoping to get some advice or to know what the best way to deal with it would be.

Before on a different ISP I had DDNS with port forwards to allow IPMI and connections to a OpenVPN server.

I honestly don’t fully understand IPv6 just a basic understanding. So first question, If I can setup a DDNS with IPv6 to my router do the internal addresses need to also be IPv6? Public IPv6 with port forwards to internal IPv4 addresses? Mostly so I don’t have to redo everything.

My first issue is my current firewall software Untangle/NG Firewall doesn’t really have a DHCPv6 sever so I setup a pfSense VM to test. I get a public IPv6 address on the Starlink and can ping the pfSense VM from it. Although I can’t seem to get an IPv6 address assigned to my laptop which can’t ping anything IPv6 outside. It just has a local link address.

Anyone know why it won’t work? I searched and followed guides but still no luck.

Improve this question
1
  • Setting up a dynamic DNS won’t allow you to open ports on the Starlink terminal. There is very little difference between IPv4 and IPv6 with regards to these services you describe. Yes; I would be shocked if Starlink only supported IPv6 the terminal likely supports both
    – Ramhound
    Commented Jan 21 at 3:01

1 Answer 1

Reset to default
1

So first question, If I can setup a DDNS with IPv6 to my router do the internal addresses need to also be IPv6?

Yes, it's kind of the whole point. Generally you wouldn't set up DDNS to your router – you'd point the domain to the VPN server's IPv6 address directly, because the idea is that every device in your network would have its own external IPv6 address.

Although I can’t seem to get an IPv6 address assigned to my laptop which can’t ping anything IPv6 outside. It just has a local link address.

If your laptop is connected indirectly (i.e. on a separate subnet through a separate router), then that router (pfSense?) needs to do IPv6 assignment as well. Typically not through DHCPv6, however – the primary method in IPv6 is SLAAC, also known as "Router Advertisement" or "RA".

And, just as in IPv4, when you have two subnets then they need different IP address ranges; the pfSense router needs to use DHCPv6-PD to obtain its own public IPv6 prefix (or it needs to do IPv6 NAT... which I don't think its OS is capable of).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .