I've configured DHCPv6-PD and RA all by myself. The Basic Setup Function under the Wizard tab just won't work for me. After I've enabled IPv6, I'm able to use ping6 and verify my IPv6 connection using www.ipv6-test.com. But other than that, other sites that have IPv6 enabled eg bgp.he.net and my UniFi Controller (IPv6 enabled at DigitalOcean) will always say waiting for (whatever).com and time-out in the end. I've seen reports by other user that enabling Hardware Offload will cause the IPv6 to not work, so I went ahead to disable all Hardware Offload functions and give those sites a try again but unfortunately, they still won't work. This problem has occured since v1.8.0. I have included as many information as I gathered here. Any advice how to solve this?
ISP: Telekom Malaysia (AS4788)
Connection Type: PPPoE tagged with vlan 500
IPv6 Connection Type: DHCPv6-PD over PPPoE tagged with vlan 500 and RA to distribute IPv6 addresses to all Clients.
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
br0 - u/u TM UniFi HyppTV Bridge
eth0 - u/u Internet
eth0.500 - u/u TM UniFi Internet VLAN
eth0.600 - u/u TM UniFi HyppTV VLAN
eth1 - u/D Local
eth2 - u/D Local
eth3 - u/D Local
eth4 - u/u Local
lo 127.0.0.1/8 u/u
::1/128
pppoe0 175.143.2x9.y7z u/u
switch0 10.0.0.1/24 u/u Local
2001:e68:5413:2b73:46d9:e7ff:fe07:1bd1/64
switch0.10 10.0.1.1/24 u/u Guest Wi-Fi
2001:e68:5413:2b73:46d9:e7ff:fe07:1bd1/64
IPSec offload module: not loaded
HWNAT offload module: not loaded
Traffic Analysis :
export : enabled
dpi : enabled
firewall {
all-ping enable
broadcast-ping disable
ipv6-name WAN6_IN {
default-action drop
rule 10 {
action accept
description "allow established"
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
invalid enable
}
}
rule 30 {
action accept
description "allow ICMPv6"
protocol icmpv6
}
}
ipv6-name WAN6_LOCAL {
default-action drop
rule 10 {
action accept
description "allow established"
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
invalid enable
}
}
rule 30 {
action accept
description "allow ICMPv6"
protocol icmpv6
}
rule 40 {
action accept
description "allow DHCPv6 client/server"
destination {
port 546
}
protocol udp
source {
port 547
}
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to LAN"
rule 1 {
action accept
description "Allow established/related"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "Drop invalid state"
log disable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
enable-default-log
rule 1 {
action accept
description "Allow established/related"
log disable
protocol all
state {
established enable
related enable
}
}
rule 2 {
action drop
description "Drop invalid state"
log disable
protocol all
state {
invalid enable
}
}
rule 3 {
action accept
description "Remote access"
destination {
port 80,443
}
log enable
protocol tcp_udp
}
rule 5 {
action accept
description SSH
destination {
port 122
}
log enable
protocol tcp_udp
}
rule 6 {
action accept
description Ping
log enable
protocol icmp
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
bridge br0 {
aging 300
bridged-conntrack disable
description "TM UniFi HyppTV Bridge"
hello-time 2
max-age 20
priority 32768
promiscuous disable
stp false
}
ethernet eth0 {
description Internet
duplex auto
firewall {
in {
}
local {
}
}
speed auto
vif 500 {
description "TM UniFi Internet VLAN"
pppoe 0 {
default-route auto
dhcpv6-pd {
pd 0 {
interface switch0 {
service dhcpv6-stateless
}
interface switch0.10 {
service dhcpv6-stateless
}
prefix-length 64
}
rapid-commit enable
}
firewall {
in {
ipv6-name WAN6_IN
name WAN_IN
}
local {
ipv6-name WAN6_LOCAL
name WAN_LOCAL
}
}
ipv6 {
dup-addr-detect-transmits 1
enable {
}
}
mtu 1492
name-server none
password ****************
user-id nsf6969@unifi
}
}
vif 600 {
bridge-group {
bridge br0
}
description "TM UniFi HyppTV VLAN"
}
}
ethernet eth1 {
description Local
duplex auto
speed auto
}
ethernet eth2 {
description Local
duplex auto
speed auto
}
ethernet eth3 {
bridge-group {
bridge br0
}
description Local
duplex auto
speed auto
}
ethernet eth4 {
description Local
duplex auto
poe {
output off
}
speed auto
}
loopback lo {
}
switch switch0 {
address 10.0.0.1/24
description Local
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 0
managed-flag true
max-interval 600
other-config-flag false
prefix ::/64 {
autonomous-flag true
on-link-flag true
valid-lifetime 2592000
}
reachable-time 0
retrans-timer 0
send-advert true
}
}
mtu 1500
switch-port {
interface eth1 {
}
interface eth2 {
}
interface eth4 {
}
vlan-aware disable
}
vif 10 {
address 10.0.1.1/24
description "Guest Wi-Fi"
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 0
managed-flag true
max-interval 600
other-config-flag false
prefix ::/64 {
autonomous-flag true
on-link-flag true
valid-lifetime 2592000
}
reachable-time 0
retrans-timer 0
send-advert true
}
}
mtu 1500
}
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface switch0
wan-interface pppoe0
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name Guest_LAN {
authoritative disable
subnet 10.0.1.0/24 {
default-router 10.0.1.1
dns-server 10.0.1.1
dns-server 8.8.4.4
lease 86400
start 10.0.1.2 {
stop 10.0.1.254
}
}
}
shared-network-name LAN {
authoritative disable
subnet 10.0.0.0/24 {
default-router 10.0.0.1
dns-server 10.0.0.1
dns-server 8.8.4.4
lease 86400
start 10.0.0.2 {
stop 10.0.0.254
}
}
}
use-dnsmasq disable
}
dns {
dynamic {
interface pppoe0 {
service noip {
host-name jacktooandroid.ddns.net
login jacktooandroid@gmail.com
password ****************
}
}
}
forwarding {
cache-size 150
listen-on switch0
listen-on switch0.10
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description "masquerade for WAN"
log disable
outbound-interface pppoe0
protocol all
type masquerade
}
}
ssh {
port 122
protocol-version v2
}
upnp {
listen-on switch0 {
outbound-interface pppoe0
}
}
}
system {
config-management {
commit-archive {
}
commit-revisions 65535
}
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password ****************
plaintext-password ****************
}
full-name ""
level admin
}
}
name-server 8.8.4.4
name-server 8.8.8.8
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipsec disable
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone Asia/Kuala_Lumpur
traffic-analysis {
dpi enable
export enable
}
}
traffic-control {
} 
