Page 1 of 1

6rd and direct communication inside ISP IPv6 prefix

Posted: Wed Feb 03, 2021 12:40 am
by onovy
Hi,

my ISP have IPv6 using 6rd (sit) tunnel.

I have 6to4 interface:
/interface 6to4
add !keepalive \
  local-address=<my public IPv4 address> \
  mtu=1479 \
  name=6rd \
  remote-address=<6rd gateway ISP IPv4 address>
IPv6 address:
/ipv6 address
add address=<my public IPv6 address> interface=LAN
ISP IPv6 prefix is 2a01:4240::/32.

<my public IPv6 address> is computed:
2a01:4240:<my public IPv4 address>::1/64
Example:
IPv4: 10.1.2.3
IPv6: 2a01:4240:a01:203::/64

IPv6 route:
/ipv6 route
add distance=1 dst-address=2000::/3 gateway=6rd
IPv6 connection to internet works perfectly fine. But problem is when i try to communicate with IP in 2a01:4240:/32 subnet (other than my local network).

So for example:

Location 1:
IPv4: 10.1.2.3
IPv6: 2a01:4240:a01:203::/64

communicates with:

Location 2:
IPv4: 10.1.2.4
IPv6: 2a01:4240:a01:204::/64

2a01:4240:a01:203::1 send icmpv6 to 2a01:4240:a01:204::1. IPv6 packet is encapsulated inside 6in4 packet, src ipv4 is 10.1.2.3 and dst ipv4 is <6rd gateway ISP IPv4 address>. But that's wrong, because communication inside ISP IPv6 prefix should not go to <6rd gateway ISP IPv4 address> but directly to other location, thus dst ipv4 should be 10.1.2.4. Obviously still encapsulated inside 6in4 packet.

This picture shows how data should flow (not my image):
Image

This setup worked fine before, but ISP upgraded 6rd gateway to new Linux kernel, which blocks communication inside 2a01:4240:/32. Details: https://patchwork.ozlabs.org/project/ne ... ktion.org/

Is there any way to route IPv6 traffic directly without 6rd gateway, encapsulate in 6in4 but only when it's "inside ISP network"? And use 6rd gateway otherwise.

Thanks.