Adding IPv6 At Home

Derek Morton

Jun 21, 2022 • 2 min read

Unfortunately my primary ISP at home still doesn't offer native IPv6 (major bummer in 2022) and has even set up CGNAT (having to pay extra for a static IP to get around this). I decided that I wasn't going to wait for them to get IPv6 figured out and was able to get IPv6 running myself. I ultimately ended up getting an ASN and IPv6 block assigned directly to me.

Previously, one could simply create a tunnel at tunnelbroker.net and be off to the races; however, Netflix and others have cracked down on this as they can be used to get around content geo-restrictions and the like. Using your own IP block helps get around these restrictions although it is much more involved.

Being a US-based person, I first looked to ARIN (American Registriy for Internet Numbers) to have an ASN and IPv6 block allocated; this unfortunately is less than practical for an individual as they do not allocate these resources to individual persons, rather only to business-like entities. RIPE (Europe's RIR) allows resource allocation for individuals with services within their service region so I went this route.

First, I purchased an ASN and /44 IPv6 block through securebit.ch and filled out the paperwork they requested; this is when I learned of the requirement to have actual services within the RIPE service region and I also had to purchase a VPS from securebit.ch to fullfil this requirement. A couple days later everything was complete and my ASN and IPv6 block was allocated.

While I could use the VPS purchased at Securebit to serve as the location that I annouce my ASN and IPv6 block from, doing this is less than optimal as all my traffic would have to travel back and forth between San Antonio and Zurich, Switzerland which adds a significant delay. Instead, I am annoucing my resources with a Vultr VPS in Dallas which is the path that the majority of my traffic takes anyways.

Using Vultr to annouce your resources is fairly painless; your ASN and IPv6 blocks can be added and validated via the control panel. Additionally, once you have BGP enabled on your account Vultr provides pre-populated configuration snippets to allow you to get the BGP daemon running on your instances quickly. I used the bird BGP daemon to annouce my resources and a simple GRE tunnel to connect to my PFsense router at home.

After getting things configured on the Vultr VPS I brought the tunnel up on my PFsense router at home and configured my internal LAN to use IPv6 as well; PFsense allows you to configure DHCPv6 and Router Advertisement all via the WebUI so this is easy to get going.

More technical documentation can be found here.

Sign up for more like this.