Mathias' Blog

Occasional musings and technical posts…

11 Feb 2021

UniFi AC Pro and IPv6 RAs

For a while now, I’ve been running an IPv4/IPv6 dual stack network on my main wired LAN. IPv6 availability has come a long way since World IPv6 Day a decade ago, when I first started dabbling with IPv6 connectivity. Indeed, a lot of my network-connected devices run only IPv6.

It’s easy to use a given protocol when you control the entire network – things get interesting when you try to use it beyond your network. So, I’ve started a personal experiment: how well can I use the Internet solely over IPv6? To make this a bit less painful, right now I’m only making this change on my wireless network, which previously had been IPv4 only. (Yeah, yeah, why hadn’t I already enabled IPv6 for wifi? I’m lazy! My wifi is around mostly for convenience or my phone that doesn’t have an Ethernet port.)

For several years, I’ve been a very happy Ubiquiti user, with two AC Pros serving my wireless network. I don’t use their UniFi Security Gateway (USG) – relying rather on pfSense – so my access points are pretty dumb, simply relaying packets to and from the port on my router and any wireless clients.

IPv6 is very cool, in that it can be truly plug-and-play. There’s no need for NAT, or for a local DHCP server (although nothing’s stopping you from using one if you want). This is done through SLAAC (Stateless Address Auto-Configuration) where clients automatically assign themselves an appropriate address and optionally get some basic network configuration, like a local DNS server. This is done through the magic of Router Advertisements (RAs) sent via multicast from the local router.

That’s worked great on my wired LAN, but for some reason wasn’t working for me on my wireless network. After some debugging, it became clear that something was preventing the multicast packets from actually being broadcast from the access points. A bit of googling later, I found the very simple solution: whitelist my router’s MAC address in the UniFi wireless network configuration (red box in the screenshot below), and voilà, IPv6 connectivity is (exclusively) available to all wireless clients on my network! Apparently this is done automatically if you are using a USG in conjunction with your UniFi access points, but that’s not the case for my setup.

UniFi network settings

UniFi network settings (click to embiggen)

So, what’s the verdict?

Well, things are working pretty smoothly a couple of days in. I have found a handful of sites and services that aren’t available over IPv6, such as Zoom, reddit, and the StackOverflow family of sites. Other than that, you wouldn’t know that you’d left IPv4 behind.