Does Mikrotik support getting an address and prefix only via SLAAC or not?
If support exist - how to set up address searching without DHCP?
Please give me any instructions, I can't found nothing useful.
Getting IPv6 only through SLAAC (without DHCP)
My ISP provide IPv6 addresses only through SLAAC (without DHCP).
Does Mikrotik support getting an address and prefix only via SLAAC or not?
If support exist - how to set up address searching without DHCP?
Please give me any instructions, I can't found nothing useful.
Does Mikrotik support getting an address and prefix only via SLAAC or not?
If support exist - how to set up address searching without DHCP?
Please give me any instructions, I can't found nothing useful.
Re: Getting IPv6 only through SLAAC (without DHCP)
My provider gives a /56 per client, using prefix delegation.
All I had to do is to add a
to get the /56. If it does not work with your provider, try "request=address"
After you get a prefix you can get your own address as:
and by default it will advertise the prefix, so any SLAAC capable device in the network will get another address or permanent/temporary addresses from the same /64
Even if you use the dhcp-client, it is doing prefix delegation + SLAAC, not stateful DHCP.
All I had to do is to add a
Code: Select all
ipv6 dhcp-client
add add-default-route=yes interface=ether1 pool-name=mypool request=prefix
After you get a prefix you can get your own address as:
Code: Select all
/ipv6 address
add address=::1 from-pool=mypool interface=bridge
Even if you use the dhcp-client, it is doing prefix delegation + SLAAC, not stateful DHCP.
Re: Getting IPv6 only through SLAAC (without DHCP)
My provider gives a /56 per client, using prefix delegation.
All I had to do is to add a
to get the /56. If it does not work with your provider, try "request=address"Code: Select allipv6 dhcp-client add add-default-route=yes interface=ether1 pool-name=mypool request=prefix
After you get a prefix you can get your own address as:
and by default it will advertise the prefix, so any SLAAC capable device in the network will get another address or permanent/temporary addresses from the same /64Code: Select all/ipv6 address add address=::1 from-pool=mypool interface=bridge
Even if you use the dhcp-client, it is doing prefix delegation + SLAAC, not stateful DHCP.
It's not working. I tried every possible setting. "ipv6 dhcp-client" menu does not work at all, because there is no DHCP.
I don't see IPv6 address, but I can ping IPv6 address.
I don't know how to set it right.
Re: Getting IPv6 only through SLAAC (without DHCP)
There's nothing to support, SLAAC doesn't provide prefixes. If you want your own prefix (which is a sensible thing), you need to convince ISP to rethink their IPv6 strategy.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.
Re: Getting IPv6 only through SLAAC (without DHCP)
If the ISP uses SLAAC on the point to point link between you and them then there is a setting that allows the router to get an address that way. I believe it is global though. Makes your device behave like a client as in IPv6 those are the devices that should react to other routers RAs.
They "should" give you a usable prefix some other way like DHCPv6 prefix delegation. They may do SLAAC and DHCPv6 PD but that would be an odd combination at least here in the US.
They "should" give you a usable prefix some other way like DHCPv6 prefix delegation. They may do SLAAC and DHCPv6 PD but that would be an odd combination at least here in the US.
EoIP / MTU Guidance #1 viewtopic.php?f=2&t=121200#p596498
EoIP / MTU Guidance #2 viewtopic.php?f=2&t=121318&p=596676&hil ... tu#p596676
EoIP / MTU Guidance #2 viewtopic.php?f=2&t=121318&p=596676&hil ... tu#p596676
Re: Getting IPv6 only through SLAAC (without DHCP) [SOLVED]
It is probablyIf the ISP uses SLAAC on the point to point link between you and them then there is a setting that allows the router to get an address that way. I believe it is global though. Makes your device behave like a client as in IPv6 those are the devices that should react to other routers RAs.
They "should" give you a usable prefix some other way like DHCPv6 prefix delegation. They may do SLAAC and DHCPv6 PD but that would be an odd combination at least here in the US.
Code: Select all
/ipv6 settings print
forward: yes
accept-redirects: yes-if-forwarding-disabled
accept-router-advertisements: yes-if-forwarding-disabled
max-neighbor-entries: 8192
Re: Getting IPv6 only through SLAAC (without DHCP)
There is one further issue. The DHCPv6 client needs to be able to receive UDP packets on Port 546 through the relevant interface, and your firewall configured as necessary.
Re: Getting IPv6 only through SLAAC (without DHCP)
Not really. It will only allow router to configure address based on RA. But that's it, only one address (*), no prefix. It's not a RouterOS bug or missing feature, SLAAC simply doesn't provide prefixes by design.It will get you a /64, which I hope you can advertise again.
(*) "Speciality" of current RouterOS is that you won't see the address anywhere in user interface.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.
Re: Getting IPv6 only through SLAAC (without DHCP)
My ISP refused to support DHCP. I can't use IPv6 yet. I do not want to tune everything by hand without automatic. Addresses change constantly and I need to constantly change the settings, it is not convenient. I'll wait until the ISP turns on DHCP support for IPv6, it will probably be in a couple of years.
Re: Getting IPv6 only through SLAAC (without DHCP)
The problem is not lack of dhcp (personally I prefer manual static config, because unlike with dhcp, it's not so easy to change anytime ISP feels like it, so it's really static), but the lack of your own prefix. That's how it's supposed to work, connect router to ISP, get a prefix and have own separate subnet(s) behind your router. If you can get addresses only using SLAAC, there's no place for your router and your whole subnet is accessible for ISP. It's possible to solve that by using router with ND proxy (RouterOS doesn't have that) or perhaps something can be done with bridge and filters (I didn't test it with IPv6, only with IPv4 in the past), but it's still not good enough.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.
Re: Getting IPv6 only through SLAAC (without DHCP)
Did you tried enable router advertisements?
Code: Select all
/ipv6 settings set accept-router-advertisements=yesRe: Getting IPv6 only through SLAAC (without DHCP)
yes, enable.Did you tried enable router advertisements?
Code: Select all/ipv6 settings set accept-router-advertisements=yes
now I had to use manual settings. automatic settings do not work because your ISP does not support DHCP.The problem is not lack of dhcp (personally I prefer manual static config, because unlike with dhcp, it's not so easy to change anytime ISP feels like it, so it's really static), but the lack of your own prefix. That's how it's supposed to work, connect router to ISP, get a prefix and have own separate subnet(s) behind your router. If you can get addresses only using SLAAC, there's no place for your router and your whole subnet is accessible for ISP. It's possible to solve that by using router with ND proxy (RouterOS doesn't have that) or perhaps something can be done with bridge and filters (I didn't test it with IPv6, only with IPv4 in the past), but it's still not good enough.
The problem is solved. but the solution is very inconvenient. you need to adjust your hands.
Re: Getting IPv6 only through SLAAC (without DHCP)
I do realize that it's more than a year after this was a hot topic, but as I got here googling while dealing with the same subject: it obviously depends on how the ISP has implemented it at their side, but normally SLAAC assumes that the prefix advertised by the upstream router is a /64 one, so the ISP should be able to send traffic for the whole /48 (or maybe just /56 depending on what they actually give out to customers) down this line to any neighbor which advertises itself as a router within that /64 (assuming there will be only one such neighbor). If this is the case, there is a way to learn the prefix and use it to update the configuration using a periodically scheduled script....The problem is not lack of dhcp (personally I prefer manual static config, because unlike with dhcp, it's not so easy to change anytime ISP feels like it, so it's really static), but the lack of your own prefix. That's how it's supposed to work, connect router to ISP, get a prefix and have own separate subnet(s) behind your router. If you can get addresses only using SLAAC, there's no place for your router and your whole subnet is accessible for ISP. It's possible to solve that by using router with ND proxy (RouterOS doesn't have that) or perhaps something can be done with bridge and filters (I didn't test it with IPv6, only with IPv4 in the past), but it's still not good enough.
The problem is solved. but the solution is very inconvenient. you need to adjust your hands.
The script first determines the link local address of the ISP's router using /ipv6 neighbor get [find router interface=wan] address and updates the IPv6 default route with that address if it differs from the currently configured one. Then, it pings any public IPv6 address (it is even not necessary that it respons), and lets a rule in /ipv6 firewall mangle capture the source address of the ping echo request to an address-list:
action=add-src-to-address-list address-list=myIpv6Addr address-list-timeout=10s chain=output out-interface=etherX-WAN src-address=2000::/3. What makes this method possible is that the router prefers the global address assigned to the output interface if it is available.
Then, the script cuts the prefix of a required length from the captured address, and uses it as a base to update the /ipv6 pool row (or multiple rows) with possibly longer prefixes. As the prefix may change, the global addresses assigned to router's own interfaces must be configured using the from-pool parameter; to change the prefix of the /ipv6 pool row(s), it is necessary to disable those addresses and re-enable them after the change. The same may be required for DHCP servers using those pools to delegate prefixes to other routers within your internal network.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
Re: Getting IPv6 only through SLAAC (without DHCP)
I'm slightly confused, did you just invent your own non-standard way for assigning prefixes? Not that it couldn't work if both ISP and client agreed on it, but it looks like reinventing the wheel. And critics say that IPv6 is already complicated enough. 
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.
Re: Getting IPv6 only through SLAAC (without DHCP)
I hesitate to call workarounds inventions. The subject of the OP was that the ISP requests the client to use SLAAC and doesn't support DHCP, and the last update stated that it works the suggested way but the configuration needs to be updated manually whenever the assigned IPv6 prefix changes. This means to me that there is something else connected to the router on IPv6, as otherwise there would be no need to update any configuration (if everything was bridged with WAN, everything would be using SLAAC in the single /64).
So my workaround just covers the part of finding out the complete address generated by SLAAC (which ROS hides from the administrator) and using its prefix.
So my workaround just covers the part of finding out the complete address generated by SLAAC (which ROS hides from the administrator) and using its prefix.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
Re: Getting IPv6 only through SLAAC (without DHCP)
I don't remember if I initially missed OP's last response, but it doesn't make much sense. If ISP has router with SLAAC, then all you get is one directly connected /64. If you connect router's WAN there, then you have nothing to assign to LAN behind it. Not without ND proxy. It could work with something like you described, but I'm not aware of any such standard, so what would ISP configure anything like that when no standard router would support it? I know, people do crazy things, but it's still weird.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.
-
-
linGeRvanTAt
just joined
- Posts: 4
- Joined:
Re: Getting IPv6 only through SLAAC (without DHCP)
A bit late but just my experience:
You are right about WAN/LAN and the then required DHCPv6 prefix delegation. However, just to add another scenario for SLAAC-only, because my ISP behaves the same way: I am the ISP. I want to access my MikroTik (which is configured with the QuickSet ‘WISP AP’ / bridge) via IPv6 ULA. My network does not have a stateful DHCPv6 server because I do not have a static but a dynamic IPv6 prefix. And finally, my MikroTik bridge, which does not do any routing, does not need a whole prefix delegated. Consequently, I went for nostromog‘s trick. Thanks!it doesn't make much sense