L2TP over PPPoE

Started by loonylion, September 24, 2025, 06:06:29 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 24, 2025, 06:06:29 PM
Hi Forumites,

I'm looking into getting FTTP at home, however there is only one single provider at this location (v. rural postcode in North West England, the FTTP provider is an altnet that deployed with public money because we aren't 'commercially viable' for Openreach or anybody else). Unfortunately this provider uses the abomination known as CGNAT, which can be avoided on their business packages by taking the static IP option, but they do not (yet, they said it's planned but they can't give a timeframe) offer IPV6, which I need because the house phone system doesn't work over IPv4 NAT.

I have in the past used HE.net tunnelbroker for IPv6, however it caused quite a few different sites to have tantrums because the IPv6 address geolocated to America and not the UK.

There is a small 'specialist/enthusiast' ISP in the UK that offers an L2TP tunneling service for the express purpose of allowing customers of other ISPs to bypass CGNAT and also gain IPv6 connectivity when they can't otherwise.

My query is, therefore, given that the FTTP provider almost certainly uses PPPoE authentication (UK ISPs seem to love it rather than use the superior more modern alternatives), is it possible to set up an L2TP tunnel such that it runs over the top of the PPPoE WAN link, and if so do I need to do anything special to make it happen?

Alternatively, if anyone knows of a tunnelbroker that can provide UK geolocated IPv6 addresses, then that would certainly be an option.

Thanks all.
Deciso DEC2770
September 24, 2025, 06:23:35 PM #1
To my knowledge there is no L2TP functionality out of the box (without using some command line tools to set it up yourself)

What Ive seen most in these cases is GRE which is fully supported, though needs static addressing (meaning the provider IP and your IP should not change).

If the tunnel must be layer 2 over layer3, there is also vxlan.

Routing the network to you via ipsec would also be a nice alternative.

But l2tp is an issue :)
Hardware:
DEC740
September 24, 2025, 06:34:06 PM #2
L2TP is indeed present in the webUI, and GRE is what I used for the HE.net tunnelbroker back when I used it before, and I wouldn't be opposed to using it again, if I can get IPv6 addresses/prefix that geolocate to the UK and are registered to a UK entity to avoid sites getting upset that I appear to be in America (primarily online banking and can also affect streaming like iplayer)
Deciso DEC2770
September 24, 2025, 06:44:29 PM #3 Last Edit: September 24, 2025, 06:46:03 PM by Monviech (Cedrik)
Oh right I just saw its also under point to point devices.

Im definitely not sure if you can stack a point to point device onto another one (e.g existing pppoe). I have pppoe too and I cannot select that interface as link interface for L2TP. So it might seem like thats not possible? But unsure!

I could select the VLAN which is the link interface for the PPPoE interface. Maybe you can select that or the parent interface (e.g ethX)
Hardware:
DEC740
September 25, 2025, 06:14:16 PM #4
I'm thinking maybe the best approach would be to set up a HE.net IPv6 tunnel ONLY for the phone system, and reverting the rest of the network back to IPv4 only until such time as the ISP get their act together on IPv6.
Deciso DEC2770
September 29, 2025, 01:02:29 PM #5
Stacking tunnels is likely not the most stable option. We do have L2TP, but only as an alternative to PPPoE, unless the ISP does PPPoE v4 and L2TP v6 or some other weirdness. In the past, ISPs would use L2TP in rare instances on the WAN interface, but provide all of the connectivity (well, all as in IPv4 as back in the day).


Cheers,
Franco
Print
Go Up Pages1
User actions