*) ppp - added "ipv6-routes" parameter to "secrets" menu; *) ppp - added support for "Framed-IPv6-Route" RADIUS attribute; *) ppp - allow specifying pool name for "remote-ipv6-prefix-pool" parameter; Does any of these changes mean it will help with this https://forum.mikrotik.com/viewtopic.php?f=13...

... who's wondering ? we have IPv6 running for over 10 years in the provider-production-environment ... but who's using ? in EMEA or AMER (without BETA-Feeling) ? Noises heard: it's running big time in the "chinese-internet" (and they wanna be part of the standardization-process ... [they invented ...

I have an FTTH GPON connection as well with a bridged ONT (simple media converter). The problem with manual port forwarding is you need to bind each device in your home with a static IP and then you need to manually add port forwarding rules for each of the ports you require, each protocol, each sta...

Can anyone please confirm wheather IPv6 accounting is added to ROS v7? IP(v4) Accounting has been removed in RouterOS v7. So certainly there has been no IPv6 Accounting added. Accounting should now be done using Netflow (IP->Traffic Flow) which already supports IPv6 in RouterOS v6. Thank You for th...

The problem has been solved, posted the fix details on my Reddit thread: https://www.reddit.com/r/mikrotik/comme ... uteros_647

Hope it helps someone out there who may have the same issue.

So after settings up my RouterBoard with many changes here and there, I realised that: LAN-to-LAN cannot ping/reach other RouterOS cannot ping LAN devices LAN devices can ping RouterOS LAN to WAN, WAN to LAN works All LAN devices have the internet working and no problems with port forwarding etc. I'...

# Identify VoIP add chain=prerouting action=mark-connection new-connection-mark=VOIP port=5060-5062,10000-20000 protocol=udp passthrough=yes comment="VOIP" add chain=prerouting action=mark-packet connection-mark=VOIP new-packet-mark=VOIP passthrough=no Does this account for all VoIP like VoWiFi, Go...

It also looks like the mangle rules for tcp-mss-clamping aren't required anymore: viewtopic.php?t=122019#p781363

I am operating a couple of WiFi networks at company locations where 200-500 clients are connected every day (Android, Apple, Windows, ChromeOS etc) and out of those I see maybe 3-10 that are not actively using IPv6. Maybe they have disabled it somehow. But then, we do not have dynamic prefixes. One...

Another small hack I came up with is to reduce the preferred and preferred-lifetime & valid-lifetime to 2 hours in ND>Prefix, it seems to work and forces the client devices to refresh IPv6 addresses every two hours or at least drop whatever it used after 2 hours, but again this is dirty and not a c...

Your local systems remembering old prefixes after the ISP has changed them can be considered a RouterOS bug or at least limitation. (it should send an RA with the old address and zero lifetime when it withdraws the old address to set the new one, but it doesn't) IMO, its a bug but yes perhaps a cur...

Yes on the router. But make sure your clients are correctly setup as well. So I have 3 OSes on my clients, iOS, Windows and Android. I cannot disable "privacy extensions" on iOS nor on Android, and on Windows, if it's disabled, router discovery would also be disabled. On RouterOS, I unchecked "Adve...

I think mozerd did not understand the root cause of the problem. @pe1chl, yes you are correct in that I did not understand the root cause of the problem expressed by @DarkNate My apologies to DarkNate ... I do not use PPPoE -- mine is DHCP ..... but I do have similar behavior that DarkNate exposes ...

You will have permanent pain when you cannot get 1500 byte MTU and no way to communicate smaller MTU to the client (like in a ND). Make sure you do not set the clients to "managed address" (DHCPv6 client), it will not work. It has to be SLAAC (router sends RA). Also it appears that in some of my se...

What are "privacy extensions"? Privacy extensions means the client will not use the MAC-derived fixed IPv6 address structured like prefix:xx:xx:xx:ff:fe:xx:xx:xx but will change IPv6 address regularly. (different random addresses prefix:xx:xx:xx:xx:xx:xx:xx:xx so no ff:fe in the middle and not look...

First try to reproduce the issue without any firewall other than "accept established/related", "accept icmpv6 (no further qualifiers)" and "accept new outgoing". That is the default configuration. Yes, I've done this and was able to reproduce the same issue. And yes, at the moment, IPv6 firewall is...

There must be a mistake somewhere. When everything is configured like I mentioned it just works. The reason you can reach some sites and not others when you have this error is that some sites block ICMP (clueless firewall admins) and the same thing happens with IPv4. I've shared my IPv6 config. Doe...

I emailed them. Let's hope they can resolve this. I linked them to thread in the email. I think mozerd did not understand the root cause of the problem. The issue is that the MTU information obtained from the ISP (the interface MTU) is not communicated (via the route table and the IPv6 ND) to the c...

IPv6 large packet fail This probably means that your internet connection does not have MTU 1500 but a smaller value. Check what the MTU value is and if you can raise that to 1500. E.g. when you use PPPoE there is a Max MTU and Max MRU field in the settings, put 1500 there and see if it works and th...

Is there anything wrong with my IPv6 configuration? Your ipv6 config is fine I agree that this should not be happening and my suggestion is only a temporary fix. Inquire with MikroTik Support support@mikrotik.com and see what they have to suggest. I emailed them. Let's hope they can resolve this. I...

My suggestion for your issue (I have experienced the very same thing) is to do the following: When the IPv6 tests fail go to Winbox ipv6 dhcp Client then highlight the connection and Release wait 5 seconds then Renew Now go back to your test sites and test again ...... when i do that the test sites...

Is it possible for a Mikrotik router to receive a public IPv6 IP with SLAAC? I use SLAAC with the following settings that may be helpful for you: /ipv6 dhcp-client add add-default-route=yes comment="delgate ISP-assigned prefix" interface=\ ether1 pool-name=ipv6 prefix-hint=::/56 request=address,pre...

We need more people to contribute to this Cloudflare thread I created about DoH issues: https://community.cloudflare.com/t/cloudflares-doh-request-is-being-rejected-dropped-when-request-is-sent-from-a-mikrotik-routeros-device/184158/6 It is probably only your ISP or setup issue, we are using DoH Cl...

I've read multiple sources including official documentation and watched YouTube videos, but no matter what I've tried, IPv6 isn't working as it should. My devices do get IPv6 addresses and they can reach some IPv6 sites but fails IPv6 tests (IPv6 large packet fail) and they cannot be pinged from the...

We need more people to contribute to this Cloudflare thread I created about DoH issues:
https://community.cloudflare.com/t/clou ... e/184158/6