Hi everyone.
I’m relatively new to Mikrotik and RouterOS. I have a Chateau LTE18 ax and I got it setup and running.
However, I’m struggling to get IPv6 working correctly.
This is my setup:
Mikrotik router is behind the main router (FritzBox 7520) which provides internet connection, DHCP and DNS etc.
For my RB, WAN is on ether1 and lte1 (lte1 is currently disabled). ether2 - ether5 are members of a bridge.
The bridge/LAN is configured with IPv4 NAT and IPv6 runs without NAT, firewall is disabled for now.
I was able to get IPv6 prefix (DHCPv6 client on ether1 gets a /62 prefix) and my clients get valid IPv6 addresses.
My RB settings:
/interface bridge
add admin-mac=**ELIDED** auto-mac=no comment=defconf fast-forward=no \
name=bridgeLocal protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp
/interface lte
set [ find default-name=lte1 ] allow-roaming=no band="" disabled=yes \
sms-read=no
/interface list
add name=WAN
add name=LAN
/interface wifi datapath
add bridge=bridgeLocal comment=defconf disabled=no name=capdp
/ip pool
add name=dhcp ranges=192.168.88.11-192.168.88.245
/ip dhcp-server
add address-pool=dhcp interface=bridgeLocal name=dhcp1
/routing bgp template
set default disabled=yes routing-table=main
/interface bridge port
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ipv6 settings
set accept-router-advertisements=yes
/interface detect-internet
set detect-interface-list=all internet-interface-list=all lan-interface-list=\
all wan-interface-list=all
/interface list member
add disabled=yes interface=lte1 list=WAN
add interface=bridgeLocal list=LAN
add interface=ether1 list=WAN
/interface wifi cap
set discovery-interfaces=bridgeLocal enabled=yes slaves-datapath=capdp
/ip address
add address=192.168.88.1/24 interface=bridgeLocal network=192.168.88.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=\
192.168.88.1,192.168.178.30,192.168.178.1 gateway=192.168.88.1 netmask=24
add address=192.168.178.0/24 dns-server=192.168.178.30,192.168.178.1 gateway=\
192.168.178.1 netmask=24
/ip firewall filter
add action=accept chain=input disabled=yes protocol=icmp
add action=accept chain=input connection-state=established disabled=yes
add action=accept chain=input connection-state=related disabled=yes
add action=drop chain=input disabled=yes in-interface-list=!LAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=accept chain=dstnat disabled=yes dst-address=192.168.88.0/24 \
in-interface-list=LAN
/ip ssh
set allow-none-crypto=yes always-allow-password-login=yes forwarding-enabled=\
both
/ipv6 address
add from-pool=dhcpv6-pool-eth1 interface=bridgeLocal
/ipv6 dhcp-client
add interface=ether1 pool-name=dhcpv6-pool-eth1 pool-prefix-length=62 \
prefix-hint=::/62 request=prefix use-peer-dns=no
/ipv6 nd
set [ find default=yes ] dns=**ELIDED**,**ELIDED** \
hop-limit=64 interface=bridgeLocal other-configuration=yes ra-interval=\
20s-1m
add disabled=yes
add advertise-dns=no interface=ether1
I’m able to ping devices in my LAN by their IPv6 address, but clients are not able to reach the internet with IPv6. Strangely, from within RouterOS I can ping external servers.
My guess is that I have a missing or invalid route or an invalid prefix, but as far as I can tell, I don’t see an error.
Does anybody have an idea or suggestion?
Thanks in advance and kind regards,
PapaNoah