Community discussions

MikroTik App
 
eduardosilva
just joined
Topic Author
Posts: 24
Joined: Tue Dec 13, 2011 11:33 pm

Help troubleshooting ipv6

Mon May 03, 2021 6:19 pm

Hello there, finally I received ipv6 at my home and decided to learn more about it.
I've followed the advice on this topic: viewtopic.php?t=136994#p674995 and had some "partial success".

Describing my scenario:
2 ISPs connected to my Mikrotik and one LAN.
I'm using bridges for LAN and also each ISP (WAN-1 and WAN-2). Only WAN-2 is working with ipv6.
RouterOS 6.48.2

/ipv6 dhcp-client
add add-default-route=yes interface=WAN-2 pool-name=wan2-poolv6 rapid-commit=no request=prefix

/ipv6 address
add address=::1 advertise=yes from-pool=wan2-poolv6 interface=LAN

/ipv6 settings print  
                       forward: yes
              accept-redirects: yes-if-forwarding-disabled
  accept-router-advertisements: yes
          max-neighbor-entries: 8192

/ipv6 nd print 
Flags: X - disabled, I - invalid, * - default 
 0  * interface=LAN ra-interval=3m20s-10m ra-delay=3s mtu=unspecified reachable-time=unspecified retransmit-interval=unspecified ra-lifetime=30m 
      hop-limit=unspecified advertise-mac-address=yes advertise-dns=yes managed-address-configuration=no other-configuration=yes 

/ipv6 route print 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 
 #      DST-ADDRESS              GATEWAY                  DISTANCE
 0 ADS  ::/0                     fe80::1%WAN-2                   1
 1 ADC  2804:aaaa:bbbb:f400::/64   LAN                             0
 2  DSU 2804:aaaa:bbbb:f400::/64                                   1

/ipv6 firewall filter
add action=accept chain=forward

With this configuration, I do receive ipv6 on my internal network. but I can't reach "the v6 internet".

After some testing, I noticed the following (all ipv6 related):
- My lan devices are able to ping each other
- When I try to ping an outside host, I receive timeout.
- I tried to ping google's dns, and watched the result, using torch on LAN interface, I can see my computer sending the ping packets. If I try to run torch on WAN-2 interface, there is no trace of the ping there.
- I've checked the gateway fe80::1%WAN-2 and it does answer correctly on this interface.
- my ipv6 firewall was empty, just in case, I've added an accept to forward and watched the packet count increase after each ping.

Any ideas of where to look?

Thank you!!