This article will provide guidance on how to provision IPv6 on any model of UniFi Security Gateway (USG) and UniFi Dream Machine (UDM). The article will explain how DHCPv6-PD and Static IPv6 are implemented, along with explaining how LAN clients obtain an IPv6 address.
- DHCPv6-PD will not work with the USG behind another router that does not provide prefix delegation or sub-delegation.
- Will not work with 6RD, DS-Lite, or other non-native IPv6 technologies.
- Find the manual configuration method used for UniFi Controller software version older than v5.7 at the end of this article.As always, we recommend staying with the newest software and firmware versions at all times.
- Please not that VPN is not supported on IPv6.
Table of Contents
Depending on how the ISP has their IPv6 environment structured, the USG will either need to be configured with a static IPv6 address or receive an address via DHCPv6 on WAN.
On the LAN side of this configuration, the setup may vary on the factors listed in the table above. If the USG has received a prefix delegation (PD) from the ISP, it will advertise the prefix that clients will use with stateless address auto-configuration (SLAAC) and the EUI-64 process. The static IPv6 addressing assumes you know the block of addressing that the clients are supposed to be using.
Steps: How to Implement IPv6
- In the UniFi Controller, navigate to Settings>Networks>Edit WAN Network.
- In the IPv6 section select whether the Connection Type will be DHCPv6 or static IPv6 addressing. Other than that, it is only necessary to select the Prefix Delegation Size.
- Click Save to finish.
- Navigate to Settings > Networks > Edit network > "Configure IPv6 network" section.
- If DHCPv6 was selected on WAN then prefix delegation will be used for "IPv6 Interface Type".
- Make sure the correct WAN interface and IPv6 router advertisement are applied.
- If static was chosen on WAN, the options for IPv6 gateway/subnet must be filled in along with applying the correct DHCPv6 range if desired.
- After each selection has been made click save and the USG will be provisioned.
Testing & Verification
showcommands below will not work on the UniFi Dream Machine models, but the
1. SSH into the USG.
2. Input the following commands:
show ipv6 route : will show IPv6 connected networks for both global and link-local address types.
show interfaces : will show IPv6 addressing under the configured interfaces.
show ipv6 neighbors : will show IPv6 Neighbor Discovery (ND) information.
ping6 google.com : will respond with icmp6 replies if configured correctly.
When enabled, the clients should not need intervention to complete the SLAAC process. If the clients do not have an address then disabling/enabling the NIC should bring the addressing up. A test of connectivity from a client would be to "ping6 google.com" (OS X, Linux, BSD) or "ping -6 google.com" (Windows).
See other configurations in the UniFi Routing and Switching help center section.
Manual Configuration with .JSON File (Controller Version Pre-5.7)
Click here to see manual configuration instructions for UniFi Controller versions prior to v5.7. We recommend upgrading to the newest version available.