I was thinking about making a script that will ping different IPv6 addresses and change the advertise flag of the pools from each WAN link to yes or no depending on their availability.
I’m not sure if I’m making this more complicated than it is or if the workstations/devices in my local network will be able to change the IPv6/router quickly but that’s the only solution that I thought of so far.
I couldn’t find any information about this, so sharing your ideas/setup would be nice.
That’s not viable in IPv6 because there’s no NAT functionality for IPv6 in ROS.
If they did at least offer prefix translation, then you could use NAT-prefix-translation (I forget which NAT acronym it is) to masquerade the source when going out the backup ISP…
You could have multiple concurrent prefixes - one from each ISP, and use policy routing to force each prefix over the correct ISP. You’d need a really short lifetime in the RA messages so that hosts would drop the bad prefix very quickly if the primary fails, though.
Ideally, the world would be running on MPTCP and SCTP and thus be able to benefit from both paths on their own without fancy involvement from the router.
There is no technical difference between regular IPv6 addresses and Unique Local Addresses (RFC 4193 https://tools.ietf.org/html/rfc4193). You can use both at the same time on your LAN without any problem. To prevent ULAs from leaking to the outside world, the RFC instructs to block them at the site border:
Site border routers should respond with the appropriate ICMPv6 Destination Unreachable message to inform the source that the packet was not forwarded. [ICMPV6]. This feedback is important to avoid transport protocol timeouts.
In RouterOS this is achieved by adding this line to the routing table:
Wouldn’t it be feasible to take the same approach when it comes to IPv6 WAN failover? Just advertise and use the prefixes from both ISPs on the LAN, use policy routing to force each prefix over the correct ISP and block at the border router the prefix that shouldn’t be used at that time? It probably takes some scripting to detect the failover situation and to subsequently change the corresponding rules in the routing table.
I haven’t tested this setup yet, but I suppose it could work this way without too much overhead, at least if your site isn’t too big. I think I’ll give it a try later this or next week.
Yeah - I hadn’t noticed that either, but I’m not surprised. Basic functionality in IPv6 is there for ROS, but most of the “fancy” behaviors we’re used to doing in v4 just aren’t available in v6 - some of this is due to the differences in v6, but many things just feel “under-implemented” at the moment.
I’m really anticipating ROSv7 and hoping that a lot of functionality is added in v6.
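The failover detection discussed in this thread (ping several IPv6 targets per WAN, then flip the advertise flag of that WAN's prefix) is sketched below as an added example; it is not code from any poster and not RouterOS script. The link names, documentation-range prefixes, probe results and the thresholds of 3 failed and 5 good rounds are assumptions, and applying the resulting flag on the router is left out.

```python
from dataclasses import dataclass
from ipaddress import IPv6Network


@dataclass
class WanLink:
    name: str
    prefix: IPv6Network     # prefix from this ISP that is advertised on the LAN
    fail_after: int = 3     # consecutive bad rounds before withdrawing (assumed)
    recover_after: int = 5  # consecutive good rounds before re-advertising (assumed)
    advertise: bool = True
    _streak: int = 0        # rounds in a row that contradict the current flag

    def observe(self, round_ok: bool) -> bool:
        """Feed one probe round; return True when the advertise flag flips."""
        if round_ok == self.advertise:
            self._streak = 0            # state confirmed, forget earlier blips
            return False
        self._streak += 1
        needed = self.recover_after if round_ok else self.fail_after
        if self._streak < needed:
            return False                # not enough evidence yet, avoid flapping
        self.advertise = round_ok
        self._streak = 0
        return True


def run(links, rounds):
    """rounds: list of {link name: [per-target ping result, ...]}.
    A round counts as good if any target behind that WAN answered, so one
    dead probe target does not withdraw the prefix.
    Returns [(round index, link name, new advertise flag), ...]."""
    changes = []
    for i, results in enumerate(rounds):
        for link in links:
            if link.observe(any(results[link.name])):
                changes.append((i, link.name, link.advertise))
    return changes


# Constructed sample: wan1 has a one-round blip, then a real outage, then recovers.
WAN1 = [True, False, True, False, False, False, True, True, True, True, True]
SAMPLE_ROUNDS = [{"wan1": [ok, ok], "wan2": [True, False]} for ok in WAN1]

if __name__ == "__main__":
    links = [WanLink("wan1", IPv6Network("2001:db8:1::/64")),
             WanLink("wan2", IPv6Network("2001:db8:2::/64"))]
    for rnd, name, flag in run(links, SAMPLE_ROUNDS):
        print(f"round {rnd}: set advertise={'yes' if flag else 'no'} on {name}")
```

The asymmetric thresholds make withdrawal faster than re-advertisement, which pairs with the short RA lifetime suggested earlier in the thread so hosts drop the failed prefix quickly.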