Hi guys, I am struggling with an issue since days and I am out of ideas…
ROS: 6.37.3, RB3011, RB951 as AP, FB7360, Mnet FTTH (dual stack IPv6 with IPv4 option)
My simplified network layout looks like this:
The local forwarded caps and all 8 RB3011 LAN master ports are members of the same bridge.
The issue: Im mangeling vidstream traffic (like youtube) with a layer7 mangle rule. These mangle rules work great as long as I am using e.g. a PC with cable connection (eth8, as shown in the picture). BUT - A mobile device (not logged in to youtube) playing the same movie as the PC is not mangled/queued. I don’t even see any traffic on the RB3011 firewall/connections list.
My MNET provisioned FB got an DHCP ipv6 enabled. ipv6 traffic is not visible in the Mikrotik ipv4 firewall and with ipv6 layer7 filters do not work. Since mobile phones seem to have ipv6 dhcp clients enabled by default I could not see their traffic. On all my other hardware I have have had ipv6 disabled on client side, therefore this traffic was mangled properly.
Solution: I set up a bridge filter in the Mikrotik to drop every ipv6 traffic (disabling ipv6 in the FritzBox was not possible)
