We’ve recently moved to the new BT FTTP service and enjoy a nice, stable 500Mbps download speed. We’re equipped with a Ubiquity UniFi system in the house which uses a USG (Ubiquity Security Gateway) as out main firewall/router. We connect the Openreach ONT (the white box that Openreach install where the fibre terminates and provides an ethernet connection) directly to the USG and don’t use the provided BT home router at all. This config works great and removed the problems of having a double NAT when dealing with firewalls and port forwards. This also lets us use the USG to load balance a 4G connection (which we use for some specific traffic and as a failover).
BT are providing IPv6 over the FTTP service and are to be aplauded for doing so but it has to be configured on the USG in order to receive an IPv6 address. There’s a small ‘gotcha’ in the config that requires a little work in the USG terminal so I thought I would document it here for my own reference and for anyone else who is attempting to configure their USG with the BT FTTP service. I’ll cover all the steps from initial set up on IPv4, adding IPv6 and then fixing the small bug that results in high CPU usage on the USG when using IPv6.
Step 1: Configure the BT FTTP service as a WAN connection
Using the UniFi controller (with the new admin interface enabled), select Settings -> Internet.
If you are setting up from scratch, add a new WAN connection.
If you are reconfiguring a service, click on the current service to access the edit settings screen.
Set the name to BT FTTP and click on the Advanced section to access the other options.
Set the DNS servers to your prefered choices (I use Primary: 127.0.0.1, Secondary: 208.67.220.220).
In the IPv4 section, set the IPv4 Connection to “PPPoE”, Username to “bthomehub@btbroadband.com” and Password to “bt”.
This should give you a working IPv4 connection. Go and do a speed thes to confirm.
Step 2: Configure IPv6
In the edit connection screen, open the IPv6 Connection settings.
Set IPv6 Connection to “DHCPv6”.
Set Prefix Delegation Size to “56”.
Once saved, you should now have an IPv6 connection. You can test this at https://ipv6-test.com.
Step 3: Verify the USG high CPU usage bug
You’ll need to use SSH to access the USG console. I won’t cover that here because if you don’t know how to SSH then you shouldn’t be playing around in the console!
Once connected type “top”. You should see the process “dhcpv6-pd-response” using high CPU (mine was over 60%)
Verify it’s the same issue as I and many other have faced but doing “tail -f /var/log/dhcp6c.log”. If it’s the same issue then you should see a bunch of entries that look something like “update_ia: status code for NA-0: no addresses”.
If you see these entries, and more being added then complete the commands below.
Step 4: Fix the USG high CPU usage bug
In the console type “configure” and press enter.
Type “set interfaces ethernet eth0 pppoe 0 dhcpv6-pd prefix-only” and press enter (this assumes your FTTP connection is on eth0).
Type “commit” and press enter (this action may take a few seconds).
Type “save” and press enter.
Step 5: Verify the fix
Once again, type “tail -f /var/log/dhcp6c.log” and check for any new entries. There should be no new “update_ia: status code for NA-0: no addresses” entries.
You can also type “top” and check that the CPU usage for“dhcpv6-pd-response” has dropped.
My IPv6 is now working great with a USG CPU of around 9% (was over 90% before the fix). I hope this helps out if anyone else is attempting to do the same.
Thanks!! This was very thorough and helpful.
Great write up so thank you.
My only query against your hard work is with your configuration on the LAN. I had to perform some modification relating to IPv6 routing advertisements as well as clean up some inspection rules. Did you come across any issues that you needed to correct within the LAN configuration?
Hi James
No, I didn’t have to do any modifications or clean up. It worked perfectly as it was. Glad I could help you get it working.
Matt
You’re welcome.