
@lstoll
Created September 25, 2015 21:33
EdgeOS IPv6 + delegation on Time Warner Cable
# Assumes eth0 is internet, switch0 is normal internal network, and switch0.52 is a DMZ
# NOTE(review): both rulesets below are bound to eth0 only, so they filter traffic
# arriving from the WAN. Nothing on this page filters IPv6 routed between switch0
# and switch0.52. If the DMZ is meant to be isolated from the internal network it
# needs its own ipv6-name ruleset, because IPv4 firewall rules do not apply to
# IPv6 traffic.
# The transcript shows no commit/save; in configure mode the set commands take
# effect only once committed.
# Firewall
# "in" is WAN traffic forwarded to internal networks, "local" is WAN traffic
# addressed to the router itself (see the two ruleset descriptions).
lstoll@corerouter# set interfaces ethernet eth0 firewall in ipv6-name wan6_in
lstoll@corerouter# set interfaces ethernet eth0 firewall local ipv6-name wan6_local
# Default drop: the internal interfaces hand out global addresses via SLAAC
# further down, so on this page wan6_in is what keeps unsolicited inbound
# connections away from internal and DMZ hosts.
lstoll@corerouter# set firewall ipv6-name wan6_in default-action drop
lstoll@corerouter# set firewall ipv6-name wan6_in description "WAN IPv6 to internal networks"
# Log packets that fall through to the default drop.
lstoll@corerouter# set firewall ipv6-name wan6_in enable-default-log
# Rule 10: return traffic for sessions opened from the inside.
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 action accept
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 description "Allow established/related sessions"
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 state established enable
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 state related enable
# Rule 20: drop packets the connection tracker marks invalid.
lstoll@corerouter# set firewall ipv6-name wan6_in rule 20 action drop
# The next line puts rule 20's description on rule 10 by mistake and the line
# after it restores rule 10's text; only descriptions are affected.
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 description "Drop invalid state"
lstoll@corerouter# set firewall ipv6-name wan6_in rule 10 description "Allow established/related sessions"
lstoll@corerouter# set firewall ipv6-name wan6_in rule 20 description "Drop invalid state"
lstoll@corerouter# set firewall ipv6-name wan6_in rule 20 state invalid enable
# Rule 30 accepts every ICMPv6 type from the WAN to internal hosts, echo
# requests included. ICMPv6 errors such as Packet Too Big have to get through
# for path MTU discovery, but a blanket accept is wider than that; RFC 4890
# gives per-type filtering recommendations if a narrower rule is wanted.
lstoll@corerouter# set firewall ipv6-name wan6_in rule 30 action accept
lstoll@corerouter# set firewall ipv6-name wan6_in rule 30 description "Allow IPv6 icmp"
lstoll@corerouter# set firewall ipv6-name wan6_in rule 30 protocol ipv6-icmp
# wan6_local: WAN IPv6 traffic addressed to the router itself. Only rules 10-40
# below accept anything, so no rule here opens a router service to new inbound
# connections from the WAN over IPv6.
lstoll@corerouter# set firewall ipv6-name wan6_local default-action drop
lstoll@corerouter# set firewall ipv6-name wan6_local description "WAN IPv6 to router"
# Log packets that fall through to the default drop.
lstoll@corerouter# set firewall ipv6-name wan6_local enable-default-log
# Rule 10: replies to sessions the router itself opened.
lstoll@corerouter# set firewall ipv6-name wan6_local rule 10 action accept
lstoll@corerouter# set firewall ipv6-name wan6_local rule 10 description "Allow established/related sessions"
lstoll@corerouter# set firewall ipv6-name wan6_local rule 10 state established enable
lstoll@corerouter# set firewall ipv6-name wan6_local rule 10 state related enable
# Rule 20: drop packets the connection tracker marks invalid.
lstoll@corerouter# set firewall ipv6-name wan6_local rule 20 action drop
lstoll@corerouter# set firewall ipv6-name wan6_local rule 20 description "Drop Invalid state"
lstoll@corerouter# set firewall ipv6-name wan6_local rule 20 state invalid enable
# Rule 30: all ICMPv6 to the router. Neighbor discovery and router
# advertisements from the upstream are ICMPv6, so the router cannot work with
# ICMPv6 blocked here; the blanket accept also means it answers echo requests
# from the WAN.
lstoll@corerouter# set firewall ipv6-name wan6_local rule 30 action accept
lstoll@corerouter# set firewall ipv6-name wan6_local rule 30 description "Allow IPv6 icmp"
lstoll@corerouter# set firewall ipv6-name wan6_local rule 30 protocol ipv6-icmp
# Rule 40: DHCPv6 replies to the router's client, UDP from server port 547 to
# client port 546. Both ports are pinned, so the rule does not open other UDP
# services on the router.
# NOTE(review): this could presumably be narrowed with a source address of
# fe80::/10 if the ISP's replies arrive from a link-local address - verify
# against the logged traffic before relying on it.
lstoll@corerouter# set firewall ipv6-name wan6_local rule 40 action accept
lstoll@corerouter# set firewall ipv6-name wan6_local rule 40 description "Allow dhcpv6"
lstoll@corerouter# set firewall ipv6-name wan6_local rule 40 destination port 546
lstoll@corerouter# set firewall ipv6-name wan6_local rule 40 protocol udp
lstoll@corerouter# set firewall ipv6-name wan6_local rule 40 source port 547
# Getting addresses from the ISP
# Requests a delegated prefix on eth0 and advertises one subnet of it on each
# internal interface via SLAAC. Hosts on both networks end up with globally
# routable addresses, so their exposure is decided by the wan6_in ruleset, not
# by address translation.
# NOTE(review): a distinct prefix-id per interface only works when the
# delegation is shorter than /64. No prefix-length is set on this page; confirm
# what is requested and what the ISP actually delegates.
# The "service slaac" line is entered twice for each interface; the repeat is
# harmless.
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 service slaac
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 prefix-id :51
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 service slaac
# The DMZ gets its own subnet (prefix-id :52). A separate subnet is not
# isolation by itself: the router forwards between the two subnets unless a
# ruleset on the internal interfaces says otherwise.
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0.52 service slaac
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0.52 prefix-id :52
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0.52 service slaac
# Rapid commit asks for the two-message DHCPv6 exchange instead of the
# four-message one.
lstoll@corerouter# set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable
# If your hardware supports it
# Optional step, not needed for the firewall or prefix delegation above. The
# "Error:" line below is the router's reply on the author's device, not a
# command to enter: the platform rejected the setting.
lstoll@corerouter# set system offload ipv6 forwarding enable
Error: platform does not support IPv6 forwarding offload