Community discussions

MikroTik App
 
mremme
just joined
Topic Author
Posts: 12
Joined: Tue Sep 01, 2020 12:06 pm

[SOLVED] IPv6 TunnelBroker route issue

Thu May 06, 2021 3:11 pm

Hi,

I'm facing an issue with a routing problem (I suppse) on IPv6 side.

I've activated a tunnel with Hurricane Elettric, the tunnel is up, then I advertise the assigned /64 profeix on my lan bridge... clients are getting it but something goes worng in routing:
clients are unable to exit the LAN with the v6 address....

here is the configuration:
[routeradmin@RB4011-Main] > interface 6to4 export
# may/06/2021 13:56:39 by RouterOS 6.48.2
# software id = T0SG-3J8Q
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxxxxx
/interface 6to4
add comment="Hurricane Elettric IPv6 Tunnel Broker" !keepalive local-address=84.bbb.ccc.ddd mtu=1280 name=v6Tunnel-LDN remote-address=216.66.80.26
[routeradmin@RB4011-Main] > ipv6 export
# may/06/2021 13:58:51 by RouterOS 6.48.2
# software id = T0SG-3J8Q
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxxxxx
/ipv6 pool
add name=IPv6-LDN prefix=2001:470:bbbb:26::/64 prefix-length=64
/ipv6 address
add address=2001:470:aaaa:26::2 advertise=no interface=v6Tunnel-LDN
add address=::1 from-pool=IPv6-LDN interface=bridge-LAN
/ipv6 nd
set [ find default=yes ] disabled=yes
add interface=bridge-LAN
/ipv6 nd prefix
add interface=bridge-LAN prefix=2001:470:bbbb:26::/64
/ipv6 nd prefix default
set preferred-lifetime=1d valid-lifetime=1d
/ipv6 route
add distance=1 dst-address=2000::/3 gateway=2001:470:aaaa:26::1
/ipv6 settings
set accept-redirects=no accept-router-advertisements=no forward=no
2 more routes have been dinamically created:
[routeradmin@RB4011-Main] > ipv6 route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 
 #      DST-ADDRESS              GATEWAY                  DISTANCE
 0 A S  2000::/3                 2001:470:1f08:26::1             1
 1 ADC  2001:470:aaaa:26::/64    v6Tunnel-LDN                    0
 2 ADC  2001:470:bbbb:26::/64    bridge-LAN                      0
on RB terminal the ping succeed
[routeradmin@RB4011-Main] > ping 2001:4860:4860::8844
  SEQ HOST                                     SIZE TTL TIME  STATUS                                                                                         
    0 2001:4860:4860::8844                       56 120 23ms  echo reply                                                                                     
    1 2001:4860:4860::8844                       56 120 23ms  echo reply                                                                                     
    2 2001:4860:4860::8844                       56 120 24ms  echo reply                                                                                     
    3 2001:4860:4860::8844                       56 120 52ms  echo reply                                                                                     
    sent=4 received=4 packet-loss=0% min-rtt=23ms avg-rtt=30ms max-rtt=52ms 
there ane no firewall rules yet, there is no dhcpv6 server running on the LAN side

on LAN side, clients are able to ping the bridge interface IPv6 address, the tunnel local v6 address and the remote v6 address, but are unable to connect the internet and the ipv6 test site fail

I'm wondering what I am missing to finalize the configuration for the client side

The neighborhood list start populating with some fe80:: addresses in STALE staus.
But some other devices acquire the correct prefix and became REACHABLE (the are actually Alexa devices), but I'm not sure how to check their connectivity

thanks
regards
Marco
Last edited by mremme on Thu May 06, 2021 6:41 pm, edited 1 time in total.
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: IPv6 TunnelBroker route issue

Thu May 06, 2021 5:34 pm

There should not be a need to specify the prefix under /ipv6 nd prefix, normally these are dynamically added based on the interface address.

Nothing obvious, as you can ping the HE gateway [2001:470:aaaa:26::1] from your LAN clients routing is working - have you tried an online traceroute to 2001:470:bbbb:26::1
 
mremme
just joined
Topic Author
Posts: 12
Joined: Tue Sep 01, 2020 12:06 pm

Re: IPv6 TunnelBroker route issue

Thu May 06, 2021 6:02 pm

looks like it's really wired....

traceroute to HE endpoint works fine
C:\Users\marco>tracert 2001:470:1f08:26::1

Traccia instradamento verso tunnel635699.tunnel.tserv5.lon1.ipv6.he.net [2001:470:1f08:26::1]
su un massimo di 30 punti di passaggio:

  1     2 ms    <1 ms    <1 ms  2001:470:1f09:26::1
  2    76 ms    24 ms    24 ms  tunnel635699.tunnel.tserv5.lon1.ipv6.he.net [2001:470:1f08:26::1]

Traccia completata.


traceroute to google DNS fails at first hop, but if I try it from RB, it works fine even calling it from the bridge interface
[routeradmin@RB4011-Main] > /tool traceroute 2001:4860:4860::8844 interface=bridge-LAN 
 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS                                                                 
 1 2001:470:1f08:26::1                0%    8  25.8ms    25.3    24.9    25.8     0.3                                                                        
 2 2001:470:0:67::1                   0%    8  23.7ms    23.6    23.4    23.8     0.1                                                                        
 3 2001:7f8:4::3b41:1                 0%    8  24.2ms    26.2    23.8      33     3.8                                                                        
 4 2001:4860:0:1100::1                0%    8  24.2ms      24    23.8    24.2     0.1                                                                        
 5 2001:4860:0:1::41db              85..    8 timeout    24.4    24.4    24.4       0                                                                        
 6 2001:4860:4860::8844               0%    7  23.7ms    23.6      23      24     0.3                                                                        
-- [Q quit|D dump|C-z pause]
 
mremme
just joined
Topic Author
Posts: 12
Joined: Tue Sep 01, 2020 12:06 pm

Re: IPv6 TunnelBroker route issue

Thu May 06, 2021 6:40 pm

UPDATE AND FIXED....

looks like is a Windows10 issue....
rebooted the PC did the trick.... I still have problems assignignin prefixes to mobile devices, but for now that's enough!

the configuration looks fine as it is like now.. :P :P

thanks for your help!

Who is online

Users browsing this forum: No registered users and 69 guests