upower3
Member
Topic Author
Posts: 425
Joined: Thu May 07, 2015 11:46 am

IPv6: NAT64 and ipip tunnel - how/when?

Tue May 08, 2018 8:59 pm

I really like the idea of a test deployment of IPv6 in the LAN, and I would also test an IPv6-only or at least IPv6-mostly setup.

For this to happen, I need NAT64 and the related DNS version, but found none of it in ROS. Looks like IPv6 is not a priority at all.

The same goes for external VPN links: I wanted to test VPN over IPv6 but cannot use these addresses as tunnel source or destination for ipip or ovpn or sstp links.

So please comment on when it will be close to ready, so I can plan whether to use ROS or other hardware for the case.

I always loved ROS for its features but IPv6 is not its strong point, or maybe I'm wrong?
 
petetheobald
just joined
Posts: 13
Joined: Sat Feb 02, 2013 5:01 pm

Re: IPv6: NAT64 and ipip tunnel - how/when?

Wed Jul 04, 2018 12:39 am

I would also like to see a NAT64 implementation.
I have a dual stack connection, so I have an ip4 range and an ip6 range. I have a VM running tayga, which is very easy to set up. I can run an ip6-only network using this and the Google DNS64 servers https://developers.google.com/speed/pub ... docs/dns64. I would really like to run NAT64 on the router instead of needing to set up a separate interface, VM and lots of routing rules. Is this on the RouterOS roadmap at all?
The implementation is pretty simple. Listen for connections on an ip6 address, extract the bottom 4 bytes and send the packet onwards. The tough bit seems to be finding a suitable ip4 address to send it from, but tayga has an existing implementation that runs on different hardware (intel+raspberrypi).
Would anyone from MikroTik be able to comment?
Pete
 
idlemind
Forum Guru
Posts: 1146
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: IPv6: NAT64 and ipip tunnel - how/when?

Fri Jul 06, 2018 4:28 am

IPIP won't carry or work with v6; it literally means IPv4 in IPv4. I think Cisco supports IP in IPv6 and MikroTik might too, but it'd be a separate tunnel type.

Right now GRE can be used to use IPv6 as transport and either IPv4, IPv6 or both (dual stack) inside the tunnel.

That said, yes MikroTik has a lot of work to do on their IPv6 implementation. The CLI cannot even ping an IPv6 only host by name.
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: IPv6: NAT64 and ipip tunnel - how/when?

Fri Jul 06, 2018 10:51 am

That is correct, I am using GRE over IPv6, both with and without IPsec, successfully on MikroTik routers.
It is the GRE6 Tunnel interface type in add interface.
And IPIPv6 and EoIPv6 are supported as well. So IPIP is possible too when you select the proper interface type.

But NAT64 and so many other required and easy-to-implement features (like route marking, route rules, L7 matching etc etc)
are not available, and there is little visible development (ipv6 is a very rare item in changelogs).
That indeed is unfortunate....
 
upower3
Member
Topic Author
Posts: 425
Joined: Thu May 07, 2015 11:46 am

Re: IPv6: NAT64 and ipip tunnel - how/when?

Fri Jul 06, 2018 10:53 am

So to say, you cannot establish many vpns to ipv6 (ovpn as an example), so little use to deploy ipv6 only in remote office.
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: IPv6: NAT64 and ipip tunnel - how/when?

Fri Jul 06, 2018 11:40 am

ovpn is a toy anyway. Maybe useful as a management vpn.
For inter-office VPN you would not use it.

I use parallel GRE and GRE6 tunnels (over IPsec transport) between offices for redundancy.
When IPv4 routing is down between the internet connections and IPv6 still works, VPN function continues.
This has sometimes saved our inter-office connectivity during ISP problems.
(there is an additional L2TP/IPsec over 4G backup in case the entire internet connection fails)
 
idlemind
Forum Guru
Posts: 1146
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: IPv6: NAT64 and ipip tunnel - how/when?

Sat Jul 07, 2018 4:36 pm

> So to say, you cannot establish many vpns to ipv6 (ovpn as an example), so little use to deploy ipv6 only in remote office.

Yes, basically anything outside of the tunnel protocols does not listen on IPv6. It's either because their developers are inept or they simply refuse to set up the service underneath the hood to listen on both protocols.

They don't seem to realize it's costing them market share, but it is, and that will only accelerate as people can no longer fall back to IPv4.

I would say, don't hold up your deployment of IPv6. Find another product like pfSense or Cisco's FirePower. Use that and let MikroTik sales know why. The most effective agent of change will be the head of sales walking over to the devs and slapping them off their high horse with a quick smack to the back of the head.
 
upower3
Member
Topic Author
Posts: 425
Joined: Thu May 07, 2015 11:46 am

Re: IPv6: NAT64 and ipip tunnel - how/when?

Sat Jul 07, 2018 4:52 pm

So to say, all I can do with IPv6 on Mikrotik is to set up IPIPv6 and EoIPv6 tunnels. Neither client PPP links are available to IPv6 server, nor IPv6 PPP server can be set up.

When I have a whole network built on Mikrotik it is only natural to look for a way to set up dual-stack or plain IPv6 within the LAN, but yet I'm not sure if the support is mature.
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: IPv6: NAT64 and ipip tunnel - how/when?

Sat Jul 07, 2018 5:57 pm

> Yes, basically anything outside of the tunnel protocols does not listen on IPv6. It's either because their developers are inept or they simply refuse to set up the service underneath the hood to listen on both protocols.

The reason likely is that IPv6 support is still an optional package that isn't even enabled by default.
It is probably tricky to have that optional package provide IPv6 features for other protocols that are optional as well (such as PPP).
And they don't want to have a host of IPv6 optional packages, such as PPPv6.

IPv6 should be made a standard part of the system so any other package can rely on its availability.
And then firewall and routing features implemented for IPv4 should be available in IPv6 as well.
