I'm facing an issue with a routing problem (I suppse) on IPv6 side.
I've activated a tunnel with Hurricane Elettric, the tunnel is up, then I advertise the assigned /64 profeix on my lan bridge... clients are getting it but something goes worng in routing:
clients are unable to exit the LAN with the v6 address....
here is the configuration:
Code: Select all
[routeradmin@RB4011-Main] > interface 6to4 export
# may/06/2021 13:56:39 by RouterOS 6.48.2
# software id = T0SG-3J8Q
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxxxxx
/interface 6to4
add comment="Hurricane Elettric IPv6 Tunnel Broker" !keepalive local-address=84.bbb.ccc.ddd mtu=1280 name=v6Tunnel-LDN remote-address=216.66.80.26
[routeradmin@RB4011-Main] > ipv6 export
# may/06/2021 13:58:51 by RouterOS 6.48.2
# software id = T0SG-3J8Q
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxxxxx
/ipv6 pool
add name=IPv6-LDN prefix=2001:470:bbbb:26::/64 prefix-length=64
/ipv6 address
add address=2001:470:aaaa:26::2 advertise=no interface=v6Tunnel-LDN
add address=::1 from-pool=IPv6-LDN interface=bridge-LAN
/ipv6 nd
set [ find default=yes ] disabled=yes
add interface=bridge-LAN
/ipv6 nd prefix
add interface=bridge-LAN prefix=2001:470:bbbb:26::/64
/ipv6 nd prefix default
set preferred-lifetime=1d valid-lifetime=1d
/ipv6 route
add distance=1 dst-address=2000::/3 gateway=2001:470:aaaa:26::1
/ipv6 settings
set accept-redirects=no accept-router-advertisements=no forward=no
Code: Select all
[routeradmin@RB4011-Main] > ipv6 route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable
# DST-ADDRESS GATEWAY DISTANCE
0 A S 2000::/3 2001:470:1f08:26::1 1
1 ADC 2001:470:aaaa:26::/64 v6Tunnel-LDN 0
2 ADC 2001:470:bbbb:26::/64 bridge-LAN 0
Code: Select all
[routeradmin@RB4011-Main] > ping 2001:4860:4860::8844
SEQ HOST SIZE TTL TIME STATUS
0 2001:4860:4860::8844 56 120 23ms echo reply
1 2001:4860:4860::8844 56 120 23ms echo reply
2 2001:4860:4860::8844 56 120 24ms echo reply
3 2001:4860:4860::8844 56 120 52ms echo reply
sent=4 received=4 packet-loss=0% min-rtt=23ms avg-rtt=30ms max-rtt=52ms
on LAN side, clients are able to ping the bridge interface IPv6 address, the tunnel local v6 address and the remote v6 address, but are unable to connect the internet and the ipv6 test site fail
I'm wondering what I am missing to finalize the configuration for the client side
The neighborhood list start populating with some fe80:: addresses in STALE staus.
But some other devices acquire the correct prefix and became REACHABLE (the are actually Alexa devices), but I'm not sure how to check their connectivity
thanks
regards
Marco