In the concepts of IPv6 it is foreseen that multicast traffic can be forwarded between subnets in the ULA address space, if the multicast address is beyond FF02, like FF05, FF08, FF0E. So for instance in BACnet it is foreseen that multicast messages can be sent on FF02::BAC0, FF05::BAC0, FF08::BAC0 and FF0E::BAC0 to discover other devices. I was trying to get this working on a CCR2004-a6G-2S+ which is running 7.18.2.
I have defined two bridges
0 R ;;; defconf
name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1596 arp=enabled arp-timeout=auto mac-address=F4:1E:57:6F:77:9C protocol-mode=rstp fast-forward=no igmp-snooping=no
auto-mac=yes ageing-time=5m priority=0x8000 max-message-age=20s forward-delay=15s transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no port-cost-mode=long mvrp=no
max-learned-entries=auto
1 R name="bridge2" mtu=auto actual-mtu=1500 l2mtu=1596 arp=enabled arp-timeout=auto mac-address=F4:1E:57:6F:77:A0 protocol-mode=rstp fast-forward=no igmp-snooping=yes
multicast-router=temporary-query multicast-querier=yes startup-query-count=2 last-member-query-count=2 last-member-interval=1s membership-interval=4m20s
querier-interval=4m15s query-interval=2m5s query-response-interval=10s startup-query-interval=31s250ms igmp-version=3 mld-version=2 auto-mac=yes ageing-time=5m
priority=0x8000 max-message-age=20s forward-delay=15s transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no port-cost-mode=long mvrp=no max-learned-entries=auto
A couple of ports are assigned to each bridge:
0 ether2 bridge1 no 1 0x80 none
1 I ether3 bridge1 no 1 0x80 none
2 I ether4 bridge1 no 1 0x80 none
3 I ether5 bridge2 no 1 0x80 none
4 ether6 bridge2 no 1 0x80 none
5 ether7 bridge2 no 1 0x80 none
6 ether8 bridge2 no 1 0x80 none
And each bridge has an IPv6 address assigned
0 G fd10:dead:beef:1::1/64 pool_ULA_1 bridge1 yes
1 G fd10:dead:beef:2::1/64 pool_ULA_2 bridge2 yes
This setup works fine, devices connected to the respective bridge generate a proper individual IPv6 address via SLAAC. I have enabled IPv6 forwarding, so the devices can reach each other via direct communication like ping. When I execute
ping -6 ff02::bac0
then all the devices on the local IPv6 subnet respond. When I execute
ping -6 ff08::bac0
then the devices from the local subnet respond, but not from the other subnet - which is expected, since by default it is not forwarded.
Looking through the documentation, I think I need to set up PIM SM https://help.mikrotik.com/docs/spaces/ROS/pages/61767728/PIM-SM. So I have configured that:
/routing pimsm instance
add afi=ipv4 disabled=no name=pimsm-instance1 vrf=main
add afi=ipv6 disabled=no name=pimsm-instance-ipv6 vrf=main
/routing pimsm interface-template
add disabled=no instance=pimsm-instance1 interfaces=bridge1,bridge2
add disabled=no instance=pimsm-instance-ipv6 interfaces=bridge1,bridge2
But still,
ping -6 ff08::bac0
leads to no response from the other subnet. I have also seen with Wireshark that the multicast package doesn’t reach the other side.
Does anybody have experience with IPv6 multicast forwarding? Is this supported? Did I just not properly configure that?
Thanks for any advice.