EDGEMAX TELUS IPV6

1. admin@ERX:~$ show configuration
2. firewall {
3. all-ping enable
4. broadcast-ping disable
5. ipv6-name WANv6_IN {
6. default-action accept
7. description "WAN inbound traffic forwarded to LAN"
8. enable-default-log
9. rule 10 {
10. action accept
11. description "Allow established/related session"
12. state {
13. established enable
14. related enable
15. }
16. }
17. rule 20 {
18. action drop
19. description "Drop invalid state"
20. state {
21. invalid enable
22. }
23. }
24. rule 30 {
25. action accept
26. description "allow icmpv6"
27. log disable
28. protocol icmpv6
29. }
30. }
31. ipv6-name WANv6_LOCAL {
32. default-action accept
33. description "WAN inbound traffic to the router"
34. enable-default-log
35. rule 10 {
36. action accept
37. description "Allow established/related sessions"
38. state {
39. established enable
40. related enable
41. }
42. }
43. rule 20 {
44. action drop
45. description "Drop invalid state"
46. state {
47. invalid enable
48. }
49. }
50. rule 30 {
51. action accept
52. protocol ipv6-icmp
53. }
54. rule 40 {
55. action accept
56. description "allow dhcpv6"
57. destination {
58. port 546
59. }
60. protocol udp
61. source {
62. port 547
63. }
64. }
65. }
66. ipv6-receive-redirects enable
67. ipv6-src-route disable
68. ip-src-route disable
69. log-martians enable
70. name WAN_IN {
71. default-action drop
72. description "WAN to internal"
73. rule 10 {
74. action accept
75. description "Allow established/related"
76. state {
77. established enable
78. related enable
79. }
80. }
81. rule 20 {
82. action drop
83. description "Drop invalid state"
84. state {
85. invalid enable
86. }
87. }
88. }
89. name WAN_LOCAL {
90. default-action drop
91. description "WAN to router"
92. rule 10 {
93. action accept
94. description "Allow established/related"
95. state {
96. established enable
97. related enable
98. }
99. }
100. rule 20 {
101. action drop
102. description "Drop invalid state"
103. state {
104. invalid enable
105. }
106. }
107. }
108. receive-redirects disable
109. send-redirects enable
110. source-validation disable
111. syn-cookies enable
112. }
113. interfaces {
114. ethernet eth0 {
115. address 192.168.2.1/24
116. description Local
117. duplex auto
118. speed auto
119. }
120. ethernet eth1 {
121. address dhcp
122. description Internet
123. dhcp-options {
124. default-route update
125. default-route-distance 210
126. name-server update
127. }
128. dhcpv6-pd {
129. pd 0 {
130. interface switch0 {
131. prefix-id :0
132. service slaac
133. }
134. prefix-length 56
135. }
136. prefix-only
137. rapid-commit enable
138. }
139. duplex auto
140. firewall {
141. in {
142. ipv6-name WANv6_IN
143. name WAN_IN
144. }
145. local {
146. ipv6-name WANv6_LOCAL
147. name WAN_LOCAL
148. }
149. }
150. ipv6 {
151. dup-addr-detect-transmits 1
152. }
153. mac 44:D9:E7:07:73:B5
154. speed auto
155. }
156. ethernet eth2 {
157. description Local
158. duplex auto
159. speed auto
160. }
161. ethernet eth3 {
162. description Local
163. duplex auto
164. speed auto
165. }
166. ethernet eth4 {
167. description Local
168. duplex auto
169. poe {
170. output pthru
171. watchdog {
172. address 192.168.1.2
173. failure-count 3
174. interval 15
175. off-delay 5
176. start-delay 300
177. }
178. }
179. speed auto
180. }
181. loopback lo {
182. }
183. switch switch0 {
184. address 192.168.1.1/24
185. description Local
186. dhcpv6-pd {
187. rapid-commit enable
188. }
189. mtu 1500
190. switch-port {
191. interface eth2
192. interface eth3
193. interface eth4
194. }
195. }
196. }
197. port-forward {
198. auto-firewall enable
199. hairpin-nat enable
200. lan-interface switch0
201. wan-interface eth1
202. }
203. service {
204. dhcp-server {
205. disabled false
206. hostfile-update disable
207. shared-network-name DHCPv4 {
208. authoritative disable
209. subnet 192.168.1.0/24 {
210. default-router 192.168.1.1
211. dns-server 192.168.1.1
212. dns-server 75.153.176.1
213. domain-name ERX
214. lease 86400
215. start 192.168.1.10 {
216. stop 192.168.1.100
217. }
218. static-mapping Chromecast {
219. ip-address 192.168.1.11
220. mac-address 6c:ad:f8:fa:6d:87
221. }
222. static-mapping ConnorsiPhone6S {
223. ip-address 192.168.1.12
224. mac-address cc:20:e8:e3:15:2e
225. }
226. static-mapping WCB3000N {
227. ip-address 192.168.1.4
228. mac-address 4c:8b:30:c4:3d:94
229. }
230. }
231. }
232. }
233. dhcpv6-relay {
234. listen-interface switch0 {
235. }
236. listen-port 546
237. max-hop-count 85
238. upstream-interface eth1 {
239. }
240. }
241. dns {
242. forwarding {
243. cache-size 150
244. listen-on eth0
245. listen-on switch0
246. }
247. }
248. gui {
249. https-port 443
250. }
251. nat {
252. rule 5010 {
253. outbound-interface eth1
254. type masquerade
255. }
256. }
257. ssh {
258. port 22
259. protocol-version v2
260. }
261. telnet {
262. port 23
263. }
264. }
265. system {
266. domain-name ERX
267. host-name ERX
268. login {
269. user admin {
270. authentication {
271. encrypted-password ****************
272. plaintext-password ****************
273. }
274. full-name "Connor McCaffrey"
275. level admin
276. }
277. }
278. name-server 75.153.176.1
279. name-server 8.8.8.8
280. ntp {
281. server 0.ubnt.pool.ntp.org {
282. }
283. server 1.ubnt.pool.ntp.org {
284. }
285. server 2.ubnt.pool.ntp.org {
286. }
287. server 3.ubnt.pool.ntp.org {
288. }
289. }
290. syslog {
291. global {
292. facility all {
293. level notice
294. }
295. facility protocols {
296. level debug
297. }
298. }
299. }
300. time-zone UTC
301. }
302. traffic-control {
303. smart-queue Telus {
304. upload {
305. ecn enable
306. flows 1024
307. fq-quantum 300
308. htb-quantum 1500
309. interval 80ms
310. limit 10240
311. rate 11.7mbit
312. target 5ms
313. }
314. wan-interface eth1
315. }
316. }