ISPs have now supported dynamic IPv6 prefix allocation through PPP. I have 10 such lines, which have been tested and found to assign different IPv4 addresses and IPv6 prefixes to each line. Under my routing, there are about 300 PPPoE users. Before support for dual-stack was available, IPv4 was load-balanced over 10 external lines using PCC. Now that I am preparing to provide dual-stack inside the network, I don’t want to use PCC for the IPv6 part because that would require using NAT66. I would like to use the following methods for triage.
1.Create 10 PPP profiles, such as ad1, ad2, ad3, …, ad10. Each PPP profile is assigned a different IPv4 address range. Use /ip fir mangle to mark different routes and let them travel on different lines;
2.For the IPv6 part, use the obtained prefix for each external line to configure different PPP profiles. Use /ipv6 fir mangle to mark different routes and ensure that they travel on the same line as the IPv4 part.;
3.The difficulty in implementing this is how to assign PPP profiles to the more than 300 users (with no regular pattern for usernames). That is, the first user is assigned ad1, the second user is assigned ad2, and so on until the tenth user is assigned ad10. The eleventh user then assigns ad1 again, and so on. When an external line goes down, such as when pppoe-out2 is not working, the first user is assigned ad1 again, the second user is assigned ad3, and so on until the ninth user is assigned ad10. The tenth user then assigns ad1 again, and so on. After all assignments are complete, disconnect all users and force them to use the newly assigned PPP profile.
Everyone can propose their own better solutions, and those with the ability can provide implementation scripts.
Hi,
After a period of testing, IPv4 and IPv6 coexist on the internal network. The advantage of doing so is that since NAT66 is not used, users can obtain IPv6 global addresses. Combined with DDNS, mobile work is very convenient. The only regret is that if there is a line interruption on an external line, all users’ ppp profiles will change and be forcibly taken offline. I still cannot solve the problem of only changing the ppp profile of users who use the interrupted line.
First, I absolutely agree with @joegoldman regarding what the correct approach would be.
Second, my solution to your required behaviour would be the following:
create a static associative array of the profile names indexed by the pppoe interface names as a global variable using a scheduler running at startup, or set the profile names as comments for the pppoe-client interfaces, or simply name the profiles the same like the pppoe-client interfaces
whenever any pppoe-client interface goes up or down, run a script that will
use a foreach cycle over the list of active pppoe-client interfaces to build a numerically indexed array of profiles to assign.
set the pointer to this array to 0, and run a foreach cycle over the elements of the [/ppp secret find] list that will assign a profile from that numerically indexed array to the client, increment the pointer modulo the size of the array, and remove the pppoe-server interface for that ppp secret row immediately.
But your clients will not be happy if you forcifully change their IPv6 prefix the way you suggest, because it will take time before the change will propagate to their endpoints, so each change in pppoe-client interface state will cause an IPv6 outage to all your clients. Also your router will not be happy as the PPPoE reconnection is quite resource-consuming. So if you have to take this workaround way, I would suggest that when a pppoe-client interface goes down, you only re-assign the profile and restart the tunnels for those clients whose “native” profile corresponds to the interface that went down, of course evenly spreading them across the remaining profiles. In order to use the prefixes again once the pppoe-client interface comes back up, of course you would have to revert the change and restart the tunnels. So noting down the “native” profile in the comment filed of each /ppp secret row, or creating another associative array mapping the ppp secret usernames to native profile names algorithmically at each restart, is necessary for this approach.
The solution I am currently proposing does not require any additional expenses, it is a bit complex to implement using scripts, but it is very interesting:
300 users, 10 external lines, with 30 users assigned to each line. If two lines are interrupted (assuming Line 2 and Line 3), then the 60 users of these two lines will be evenly allocated to Lines 1, 4, 5-10. When Line 2 is restored, the original Line 2 users will resume using this line, and the original Line 3 users will be evenly allocated to Lines 1, 2, 4, 5-10 until Line 3 is restored, and all of these Line 3 users will return to their original positions.
3 or 5 lines interrupted…
My English expression is not very accurate. If someone’s native language is English, please help test the ability of OpenAI to generate scripts for the benefit of the public.