Verizon Router Prefix Delegation with SonicWall Gen 7 Firewall
SecurityGuy1
Newbie

I'm in the Sterling, VA area.  I do receive the /56 prefix delegation from the CO to my Verizon Router.  The Verizon Router makes a single /64 available on the LAN.  

I have a SonicWall Gen 7 firewall behind the Verizon Router.  I would like to make use of prefix delegation to populate the internal interfaces on the firewall.  I have configured the firewall to enable prefix delegation, but nothing gets delegated to the internal interfaces.

Assumptions / Questions / Misc:

1. Perhaps the Verizon Router is not capable of performing a secondary delegation to the firewall.

2. I want to see if I can get the Verizon Router to delegate a /60 to the LAN to see if this will allow the firewall to delegate /64 blocks to the internal interfaces.  I can't find a way to do this.  Any suggestions are appreciated!

3. I want to keep the Verizon Router in the path for the WiFi-6, otherwise I would connect the ONT directly to the firewall.  Also I have another (IPv4 Only) device connected to the Verizon Router WAN in front of the firewall.  That is why I don't want to move the Verizon Router behind the firewall.

4. I have tried an experiment with a Ubiquity EdgeRouter Pro in place of the Verizon router.  The ERPro received the /56 and I was able to assign a different /64 to each port on the ERPro.  I was unable to assign a /60 to any LAN ports.  Open to suggestions here too!

Prefix Delegation would be my preferred mechanism for populating the internal interfaces behind the firewall.  I would like to hear suggestions of things to try before I abort and start doing static internal interface configs.  

Thank you!!

0 Likes