It’s not as if it hasn’t been done before, but here’s my take on this classic.
Recently while assisting with an Arduino project, I found myself needing a simple circuit which generates either a 1 KHz or or 100 Hz square wave. The reason for this was to connect to an interrupt pin to generate a timekeeping-level accurate 1ms or 10ms timestamp, which the Arduino its self cannot generate as its crystal is fixed at 16.000 MHz
This turns out to be a little more difficult than I expected. Because you can’t divide 100 down to 10 with flip-flops, whatever you end up building is going to do one frequency or the other, requiring a change in crystal to switch. So first of all, let’s look at which crystals can generate these frequencies:
A crystal that can divide down to 1 KHz must be a power of two, multiplied by 1000. Some examples (all of which are easy to come by) are:
- 32.000 KHz (divide by 32)
- 2.048 MHz (divide by 2048)
- 4.096 MHz (divide by 4096)
- 8.192 MHz (divide by 8192)
Likewise, a crystal that can divide down to 100 Hz must be a power of two multiplied by 100. These are not so common. Some examples I could find:
- 25.600 KHz (divide by 256) – I could only find one example from a single manufacturer, which is stocked by some vendors but no longer in production
- 1.6384 MHz (divide by 16384) – Once existed, but at the time of writing none appear to be in production or for sale
- 6.5536 MHz (divide by 65536) – Several examples in production at the time of writing, reasonably obtainable
My requirements are:
- Must be easy to change from 100 Hz to 1 KHz
- No expensive or obscure components
- Must be all SMT
- Vcc = 5V
The next headache
Now I have to find an IC which can divide two of the above frequencies down to 100 Hz or 1 KHz. The trusty old CD4060 immediately jumps out. If we switch between 25.600 KHz and 32.000 KHz crystals, also changing the output stage – we’ve got a solution. Problem is, this solution falls foul of two my objectives – that one-and-only obscure 25.600 KHz crystal, which is not SMT.
With the only practical primary clock (for me) for 100 Hz operation being 6.5536 MHz, that rules pretty much all CD4xxx timers, which according to their datasheets, can’t operate with such high input clocks.
So far as I could see that leaves two options: 74xx292 (Rare in SMT) and HEF4541. If we are to select 8.192 MHz for the 1 KHz option, both can divide by 8192 and 65536, and handle those input clocks.
One more bump in the road
Because of the obscurity of 74xx292 in SMT, I’ve gone for HEF4541. The HEF4541 can in theory have a crystal connected directly to it, but after hours of profanities I discover that running at Vcc = 5V it can’t quite self oscillate at 6-8 MHz. We can prove this by shorting RS and RTC, and we see that it self-oscillates (with no other components) at about 5.9 MHz, which reveals the shortest propagation time between those two pins.
Great, so now we need another IC. Fortunately that only needs to be a 74HC2G04 which is tiny and inexpensive, barely increasing the footprint of this circuit.
The final solution
First, the 100 Hz version. Note that R3 can also be a wire link.
Related article: Silencing a Cisco 2951 router.
I recently purchased a Cisco 2911 to replace my 1921 for use at home, as I needed an extra WIC slot. Now that they’ve been obsoleted by the ISR 4000 series, they’re starting to appear on eBay for relatively palatable sums. For me, the 2911 was a good choice because it has four WIC slots and fits in a 450mm deep rack, whereas the 2901 requires at least a 600mm deep rack, which is far too large for my home office. The 1941 was another possibility, but it’s not enough of an upgrade, and quite frankly, too damn ugly.
Without even having to bother plugging it in and switching it on, I know this thing is going to be too noisy for a home environment. The good news is that the standard array of leaf-blower strength fans are only needed when this product is used in extreme situations, i.e. loaded up with a four WIC cards, a 24-port Gigabit switch service module, with PoE, all ports at full power, and roasting in a street cabinet on a searing hot day in Egypt.
As this does not remotely resemble my use case, I can do away with most of the cooling. First stop – the fan module:
Top is the original, which I am going deaf just looking at, and below is my modified module.
I’ve removed all four of the original fans and fitted a single 70mm 4-wire fan (Delta AFB0712HHB). In order to prevent the system log from filling up with warnings about failed / missing fans, I’ve connected the tach signal from that one fan to the input for the 3 fans.
A quick run of ‘show env’ reveals that this has done the trick. The router being none the wiser to three of the fans being absent.
SYSTEM FAN STATUS ================= Fan 1 OK, Low speed setting Fan 2 OK, Low speed setting Fan 3 OK, Low speed setting Fan 4 OK, Low speed setting
Just in case it isn’t obvious – the pinout for that connector (Molex 44133-1208) is as follows:
- 1 TACH – 40mm
- 2 TACH – 70mm (rear-most fan)
- 3 GND + Orange presence strap
- 4 TACH – 70mm (middle fan)
- 5 TACH – 70mm (front-most fan)
- 6 GND (middle and front-most fan)
- 7 PWM – 40mm
- 8 PWM – 70mm (rear-most fan)
- 9 +12V
- 10 PWM – 70mm (middle fan)
- 11 PWM – 70mm (front-most fan)
- 12 Orange presence strap
Fortunately I have the Molex Micro-Fit 3.0 contact extraction tool, and crimp tool handy making this easy, but failing that a new connector and contacts could easily be purchased from Mouser.
Eliminating the power supply as a heat source
In my setup, everything runs from a single battery backed regulated DC +12V source. This is no coincidence, as most I.T. equipment internally runs from +12V, meaning that in almost all cases my gear doesn’t require an internal power supply. This router is no exception, needing only a single +12V source (with 5V standby voltage), so I effectively don’t need the power supply here either.
Good news for this conversion, because that’s another source of heat done away with, in fact it means that I don’t need any cooling in the lower half of the router, so that inlet vent can be blanked up – focusing the cooling Mojo of my single 70mm fan solely on the top (mainboard) half of the router.
But it’s not quite that simple. On my previous router (a 1921) the +12V could be feed straight through to the mainboard with no extra components. On the 2911, we need a bit of extra stuff to satisfy it.
I whipped up a small emulator PCB which fits in place of the power supply’s original PCB, and has all the extra bits needed to satisfy the routers’ software / hardware – i.e. present its’ self as a PWR-2911-AC, leaving the router none-the-wiser to the fact that it is now powered by an impostor power supply. The downside is that there is nothing but empty wasted space in the lower half of the router.
I’m not going to go into the details of this, but you can download its schematic here. While I was at it, I moved the power switch and inlet to the rear and blanked up the front. A little more convenient, because it means I don’t have to grope around in the back of my rack. For anyone else with the desire and patience to construct an emulator board like mine, a 60W power brick can easily replace the internal power supply.
A quick check shows that IOS is happy with my phony power supply, with the temperature sensor working, serial number and model number still reading as per the original AC supply this replaces.
Router#show inv ... NAME: "C2911 AC Power Supply", DESCR: "C2911 AC Power Supply" PID: PWR-2911-AC , VID: V05 , SN: DCA1647R2GF Router#show env SYSTEM TEMPERATURE STATUS ========================= ... Power Supply Unit temperature: 28 Celsius, Normal
How it runs
The power consumption of an idle unloaded 2911 at the 12V stage is 1.8 Amps (about 23W) – show environment reports a lot higher (38W), I am assuming this takes into account inefficiency in the power supply.
If we are to assume that this is also the unit TDP – It’s practically bupkis given its large size. According to my scientific ‘finger on heatsink’ tests, all of my WIC cards run very cool. The mainboard ASIC also barely gets warm to the touch.
The only thing I need to keep an eye on is the CPU temperature. The CPU in my unit is a Cavium Octeon (MIPS64), which is fairly energy efficient, but still chucks out the loins share of the heat. It has an internal temperature sensor, which we can read out with the ‘show environment’ command.
SYSTEM TEMPERATURE STATUS ========================= Intake Left(Bezel) temperature: 31 Celsius, Normal Intake Left temperature: 23 Celsius, Normal Exhaust Right(Bezel) temperature: 34 Celsius, Normal Exhaust Right temperature: 27 Celsius, Normal CPU temperature: 61 Celsius, Normal Power Supply Unit temperature: 28 Celsius, Normal
At 61 degrees, it is 2 degrees hotter than it was with the stock hurricane grade array of fans, where it sat at 59 degrees. Suffice to say that for my light use case, those fans are indeed completely unnecessary.
For anyone thinking of attempting this…
Having a single fan is ideal, because there is no risk of irritating ‘beat patterns’ (which often occur when fans rotating at similar speeds are near each other) – but you can only get away with a single fan if also doing away with the power supply, there’s nothing in the service module bay, and the inlet for the lower half of the router is blanked up. As is the case with mine.
As the PWR-2911-AC does need a little bit of airflow at 30-40 watts, I would suggest replacing with three thinner 70mm fans (like the one I have used) and doing away with / blanking up the 40mm fan, because you are not going to find a quiet one, then strap the tach signal for the 40mm fan to one of the 70mm fans to eliminate software errors.
As a keen electronics hobbyist, I have designed some 50 or so PCBs to date. In each instance where a switching regulator is required, I’m typically reaching for one of two options: Where efficiency isn’t important – the trusty old LM2596, or when efficiency is required, I’ll be using a design from Linear Technology with synchronous regulation.
On my last two boards however, for reasons I am myself not entirely sure of (cost perhaps?) I used an MC34063. It’s been with us since the dinosaurs roamed the earth, and is unsurprisingly very primitive. It should have been designated to the dustbin of history, but thanks to the internet and the renascence of electronics in the hobbyist space, it has made an aggressive comeback, and for a simple reason: It’s dirt cheap.
My MC34063 was deployed on the PCB with the above circuit, lifted unchanged from the datasheet. It just so happened that I need 5V at 500mA max, from a 24-28V source. Perfect. What could possibly go wrong?
There is one very important thing we must consider when using this chip: It has absolutely no built-in thermal protection. The above circuit does have over-current protection, but this does not offer any protection from sustained short circuits. In many cases that isn’t a problem, but on this board it was.
From looking at the photo, we can see that there’s quite a bit of burned out stuff, making it a little difficult to piece together exactly what happened. Fortunately it all unfolded before my very eyes. The problem started with something that was nothing to do with the MC34063. See those two rectangular capacitors? One of them is particularly toasty indeed.
That capacitor is an AVX “TAJ” series 330uF 10V tantalum. It had developed an internal short circuit which caused the MC34063 to gradually heat up, eventually reaching a point where its internals melted, then becoming a short circuit its self.
Once the MC34063 became a short circuit, the 25V input voltage surged straight through to the 5V secondary, bear in mind that, that voltage is coming from a bank of large lead acid batteries.
Both pairs of batteries were protected with battery fuses, but those were 15A a piece, as this is a very high power setup, also on the PCB was a 30A maxi blade fuse. Surely one of those would have blown? Nope. When silicon melts to the point of becoming a short circuit, there is typically still a few ohms of resistance, which in this case was not enough to blow any fuses.
What happens next? BOOM! The short circuiting of the MC34063 unleashed 25V @ ~40A of potential at that shorted capacitor, which promptly exploded, ejecting a significant amount of fire and hot gasses in the process. In the picture you can clearly see the internals of it have become a melted blob of metal, transforming it into a very effective short circuit.
The last phase of destruction was the MC34063 its self burning to a cinder, as it is now the weakest part of the circuit, doing significant damage to the PCB in the process.
It’s at this point that you start recounting exactly what is attached to the 5V rail, because it is likely now toast. The tantalum capacitor must have briefly been open circuit because all 10 ICs fed from the 5V rail were completely destroyed, as well as all of the chips on a second PCB also fed from this regulator, requiring hours of rework to replace them all. Just as well there was nothing expensive connected to it.
- When using an MC34063, or anything else without built-in protection – short out its output for a few minutes and see what happens. If you find yourself staring at a mess like the above, sort it out. Don’t ever assume it won’t happen.
- In cases like this where the system is fed from batteries, protected by large fuses – add a second smaller fuse i.e. 500mA before small circuits like this.
- In my case I have ditched the MC34063 and replaced with with a Wurth 173010542 7805 switching drop in replacement. It gets me a 5V output with 90% efficiency, over-current and over-temperature protection. Not cheap, but when you are talking about stuff that could start a fire…
One of the biggest advantage of these sensors over I2C sensors, is that you can mount them almost anywhere. That having been said, I’ve never quite managed to come up with an elegant solution, particularly when attaching to a heatsink (for cooling applications).
Typically I find myself drilling 5mm holes in pieces of aluminum, then stuffing the sensor in that hole, or using small metal clips, which aren’t always reliable.
One solution I looked at using the aluminum heatsink clips from vintage TO-92 transistors i.e. 2N3403 and 2N4425. These are absolutely perfect but unfortunately the clips aren’t purchasable without the transistor. Sadly these parts are no longer in production and becoming increasingly rare. Destroying them to scavenge thier heatsink clips is a little senseless.
Without wanting risk the wrath of the world’s remaining Ham Radio enthusiasts… What other options are there?
I recently had the idea of using ‘Yellow’ (6mm) ring terminals with 3.2mm holes:
Perfect! All I had to do was remove the plastic band, cut the crimp and open it a little, add a little heatsink compound (to be pedantic), then gently crimp the sensor in place with pliers.
This has turned out to be a robust and inexpensive solution, as those terminals are made of copper, they conduct heat very effectively. I wish I had thought of this a decade ago.
Putting a little heatshrink over the final assembly makes for a good finishing touch.
I recently found myself needing a simple circuit which could detect a low battery condition of a sealed lead acid setup, but also with a hysteresis function i.e. don’t re-enable the output until the battery voltage rises to a certain threshold.
The internet is practically exploding with low voltage detection circuits but many are quite complicated with exotic ICs and other fussy details.
Geez man. All it takes is a single comparator and a two resistors (three for hysteresis).
Okay so my circuit has a little more, that is because making something that is actually useful requires a bit of extra stuff.
With the above component values it will cut out at 11.2V and re-activate at 12V, which is good for most sealed lead acid batteries. There is also second comparator – this is purely acting as a logic inverter, because I needed a negative logic output. If you don’t need it, leave it out. One of the cheapest and most available comparators – the LM393 has two units anyway, so this works out well.
The main guts of the circuit is R1, R2, R3 & U1A. R4 & R5 are a simple voltage divider to get the input voltage inside of the 5V operating range of the comparator. R6, R7 R8 & R9 should be left as is.
Because I’m using fixed resistors, I’ve worked backwards, from a ‘components first’ approach, simply working out the formula for the circuit then plugging a variety of E24 resistor values in until I got what I wanted. I find this easier than working from a ‘results first’ approach i.e. starting with the desired voltages, to then being told by your workings you need a whole bunch of resistor values that don’t exist!
- VCC (Constant – 5.0): The output of the 78L05
- VL (Constant – 0.1): The voltage the LM393’s output transistor can pull down to. Yours may vary. The expression containing this term can be omitted if you are happy to call it zero.
- VIl: The low battery input threshold voltage
- VIh: The high input threshold voltage i.e. re-enable output when voltage reaches this level
If you wanted to adjust my thresholds, assuming a 12V setup, focus on R1, R2 & R3. Leave R4/R5 as is. If changing to a different voltage / type of battery, then R4/R5 need to be adjusted to bring the voltage at pin 2 within a 2-3 volt range.
If you happen to be producing boards which use Xilinx’s long discontinued classic 5V CPLDs which are purchased as scrap from the far east (which I hope you are not); You may have found that getting quality samples is not so straight forward.
The situation is not so bad for smaller devices, but for the larger ones, it’s tough. One of my projects (8OD) is stuck with the XC95216. Being a 100% 5V design with a swag of 5V bidirectional I/O pins, converting to a modern 3.3V device is completely out of the question.
Without the spare time or willingness to adapt the design to an inevitably ridiculously expensive alternative; I have been dependent on purchasing recycled chips from the far east (typically sold on eBay or AliExpress).
In terms of what arrives in the post, it’s a mixed bag. I’ve had perfect genuinely new batches, and other batches which are in poor physical condition (i.e. scratched, pins bent / missing).
To frustrate matters further, the best (absolutely perfect) batch I received then prompted me to make a second purchase from that same seller. But upon arrival of that parcel, I quickly see that it was sent from a different address, different packaging. Surprise surprise… Some were clearly scrap, and most of them were dead.
Here is a sample of the kinds of errors I find when I assemble boards when dead chips:
Completely sodding’ dead
When dealing with properly dead chips we sometimes see an error like this from iMPACT:
PROGRESS_START - Starting Operation. INFO:iMPACT:583 - '1': The idcode read from the device does not match the idcode in the bsdl File. INFO:iMPACT:1578 - '1': Device IDCODE : 00000000000000000000000000000000 INFO:iMPACT:1579 - '1': Expected IDCODE: 00101001010100010010000010010011
Less than healthy
I have seen quite a few that sort-of work, but fail on the identification stage, like this:
Identifying chain contents...INFO:iMPACT:1585 - '0':The part appears to be of type xc9500, but could not be identified correctly . '0': : Manufacturer's ID = Xilinx unknown part, Version : 1 INFO:iMPACT:1111 - Can't locate bsdl file xc9500.bsd.
This is quite a curious error, as I have had chips, both from the same batch, identical markings etc where one identifies OK, but the other has a bit or two twiddled (i.e. version as shown here).
Avoiding wasting your time with dead chips
I have spent a lot of hours checking soldering, voltages, JTAG signals on my scope etc, all to no avail. I do not know what is involved in recycling these chips but whatever the process, a crapload of them don’t survive it.
Quite how so many end up dead leaves one to ponder, because from my own experiences, they are pretty robust. I have some XC95216’s that have been carelessly soldered/de-soldered 5 times or so by myself, zapped with large electrostatic discharges and even those survived! Perhaps these chips are typically removed from equipment with a propensity for suffering lightning strikes? Are they de-soldered with a flame thrower?
A quick google image search for “Guiyu” gives us a hint of what this business is like. My own guess it that they are killed with excessive temperatures during de-soldering.
Rule of thumb seems to be, if it can be successfully programmed with iMPACT, it’ll work. I have not yet found one that then went on to fail the burn-in test.
And on that note, I took the time to build a simple rig to weed out the duds:
It’s a blank PCB with power, decoupling and JTAG components fitted. I then use a small clamp to press the CPLD onto its footprint on the board, with a block of polypropylene and a layer of adhesive felt to ensure even pressure. To keep it extra high-tech – I’ve also got a pad of post-it notes underneath.
As much as this may not appear to be a reliable mechanism, it most certainly has proven to be. I happened to have preserved a tray of known-good / known-bad chips and when I tested them with this, the good chips – even those weren’t very well cleaned up (i.e. still some solder on them) verified perfectly in this rig.
Last but not least:
If you end up with a bunch of dead chips, use buyer protection to get your money back.
This is a lot easier on AliExpress than eBay
At the very least we may be able to entice recyclers to be a little more cautious.
A little while back I purchased Xeltek’s SuperPro 610P Universal programmer.
It has the odd quirk, but overall it’s done the job. There is one thing however that has always irritated me about this product – This damn thing:
Every time you start their application, or change device, you are prompted with this absolutely f–king useless dialogue, having to dismiss it every time, worse still, it has no OK or Close button. Even more annoying, there is no option to disable the displaying of it in the first place.
Hell, even if there was any useful information on it, that doesn’t mean I want to see it every single time I use the SuperPro!!!
I contacted Xeltek’s customer support about that, they had me go to the trouble of sending my invoice and serial number to them to prove that I in fact had actually paid them a sum of money, and then promptly did absolutely nothing about it, other than tell me that it could not be disabled.
Despite how simple it would be to even change the software to provide an option to disable it, repeated requests to do so were ignored.
Righty. Time to do something about this. 30 minutes behind IDA later we’re onto it. Quickly I can see it is written on the very same tech I cut my own teeth on: Microsoft Foundation Classes (MFC).
Given this, it’s pretty likely that we’ll see a call to _AfxPostInitDialog() at some point during the displaying of a dialog.
Let’s put a breakpoint in there, and bingo! Hop back up the stack a little, and there I find the offending instruction:
The highlighted instruction is in code written by Xeltek, and calls a function which displays that dialogue both when the application starts and when the device type is changed, but not when the “Dev. Info” button is pressed (in the unlikely event I actually want to see that bloody useless dialogue).
So all that needs to be done is remove it.
In the current version at the time of writing (the version dated 07/21/2016) that instruction (opcode 0xE8) and its 4 byte operand is physically located at 0x3373F in SP6100.exe. Replace it with 5 NOP (0x90) instructions, and we’re good.
Now that dialogue is only displayed when the “Dev. Info” button is clicked, which is all I ever wanted to begin with.
Feel free to contact me if you want the patched EXE!
Recently while staying with the folks in New Zealand, I read that (their) consumer focused ISP – 2Degrees (Formerly Snap Internet) is actually offering IPv6 connectivity to customers, no strings attached!
Although not news, this is a pretty significant development for the New Zealand Internet Service Provider market, with almost every other provider very much heads in the sand on the matter.
Being a nation with a small population and in possession of a fairly reasonable stock of IPv4 addresses, it’s not surprising the countries services providers have been procrastinating.
But anyway, the important question: Does it actually work?
A Cisco 877 I left here a number of years ago ought to be up to the task.
First, let’s get IPv6 turned on:
Router(config)#ipv6 unicast-routing Router(config)#interface Dialer0 Router(config-if)#ipv6 enable
And now the important bit – lease an IPv6 prefix from Snap using DHCP and prefix delegation, and name it ‘snap-provided-prefix’ (As an example):
Router(config-if)#ipv6 dhcp client pd snap-provided-prefix
We should pretty much get it straight away:
Router(config-if)#do show ipv6 dhcp interface BVI1 is in server mode Using pool: default Preference value: 0 Hint from client: ignored Rapid-Commit: disabled Dialer0 is in client mode Prefix State is OPEN Renew will be sent in 10:44:15 Address State is IDLE List of known servers: Reachable via address: FE80::200:F:FC00:0 DUID: Preference: 0 Configuration parameters: IA PD: IA ID 0x000B0001, T1 43200, T2 69120 Prefix: 2406:E001:XXXX::/48 preferred lifetime 86400, valid lifetime 86400 expires at Jul 02 2013 10:33 AM (81855 seconds) Information refresh time: 0 Prefix name: snap-provided-prefix Prefix Rapid-Commit: disabled Address Rapid-Commit: disabled
If not, it may be necessary to up/down the Dialer0 interface.
So now we’ve got a prefix, but we can’t do anything with it yet. Let’s add some more stuff, in particular the default route for IPv6:
Router(config-if)#exit Router(config)#ipv6 route ::/0 Dialer0
Now, let’s go into the configuration for the LAN side interface, and setup an address with that prefix we got from Snap:
Router(config)#interface BVI1 Router(config-if)#ipv6 enable Router(config-if)#ipv6 address snap-provided-prefix ::1000:0:0:0:1/64
The last one is a bit of an odd command. The expression “::1000:0:0:0:1/64” sets the last 80 bits of the interface’s address, with the first 48 bits provided by the ISP. If you wanted to allocate another subnet in your network, you could change the “1000” to “1001” for example.
The subnet is /64 as always because this configuration will end up using EUI-64 for address assignment.
It should pretty much stick straight away:
Router(config)#do show ipv6 int br ... BVI1 [up/up] FE80::223:EBFF:FE2F:25D0 2406:E001:XXXX:1000::1 Dialer0 [up/up] FE80::223:EBFF:FE2F:25D0 ... Router(config)#
We’re almost online now, just one more thing: DNS.
I prefer to use stateless DHCPv6 for the configuration of IPv6 DNS servers (a fat lot of good for Android devices) but with RDNSS support almost non existent across mainstream platforms, we’ll have to live with it.
Here we’ll create a DHCPv6 pool just for handing out Snap’s two IPv6 DNS servers:
Router(config)#ipv6 dhcp pool default Router(config-dhcpv6)#dns-server 2406:E000::100 Router(config-dhcpv6)#dns-server 2406:E000::200 Router(config-dhcpv6)#exit
And attach it to the BVI1 interface:
Router(config)#interface BVI1 Router(config-if)#ipv6 nd other-config-flag Router(config-if)#ipv6 dhcp server default
Address configuration is done by ICMP in this configuration, so we’ve got to set the other-config-flag to let clients know to get the DNS servers via DHCP.
At this stage, anything connected to the network should now be online with IPv6. Windows 7+ clients do not need any additional configuration, the same should be true for most Linux distributions.
Running the “ipconfig /all” command on a Windows 7 machine confirms it’s all working nicely:
Here we can see a full IPv6 address on this client which is:
Snap’s prefix (2406:e001) plus our customer prefix (censored) plus the prefix of the local subnet I configured earler (0x1000) and finally this machine’s EUI-64, all together, making a rather long string of digits.
Now the ultimate test: Ask Mr Google that question we’ve all asked at some point:
And there it is. Pretty impressive to be seeing that from New Zealand!
Hang on, we’re not done yet
I shouldn’t have to explain, that there’s no such thing as private IP addresses in IPv6. Everything is public.
So we should put some firewall rules in place to keep those script kiddies out of the home network. I’ve implemented this using reflexive ACLs
ipv6 access-list outbound permit tcp any any reflect tcptraffic-out-ipv6 timeout 30 permit icmp any any reflect icmptraffic-out-ipv6 timeout 30 permit udp any any reflect udptraffic-out-ipv6 timeout 30 ! ipv6 access-list inbound permit icmp any FE80::/64 permit udp any FE80::/64 eq 546 evaluate tcptraffic-out-ipv6 evaluate udptraffic-out-ipv6 evaluate icmptraffic-out-ipv6 !
I’ve left ICMP open on the Link Local interface, in case it’s needed by the ISP for any reason, also I’ve left UDP port 546 open because that’s what’s used by the prefix delegation process.
Now apply that to the Dialer0 interface:
Router(config)#interface Dialer0 Router(config-if)#ipv6 traffic-filter inbound in Router(config-if)#ipv6 traffic-filter outbound out
The above gives us back more or less the level of security we took for granted with NAT IPv4 address sharing.
Getting it working on Android devices
Because Google still have their head up their arses when it comes to the matter of DHCPv6 support, and Cisco not having implemented RDNSS in IOS until v15.4 (the last version for Cisco 877 was 15.1) – the easiest option to make this work is to configure IPv4 DNS servers (configured by DHCPv4) which will give out AAAA records in DNS responses.
Many ISPs (Including Snap’s) don’t. So you’ll have to find some others.
It’s one of the most uninteresting yet inescapable facets of electronics: Sodding’ connectors.
I’ve added this page to detail some commonly found wire to board connectors, and how to crimp their terminals.