Community discussions

MikroTik App
 
ajgnet
newbie
Topic Author
Posts: 35
Joined: Wed Apr 27, 2022 1:57 am

IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?

Tue Oct 04, 2022 10:28 pm

I have two ISPs at home, each provides a ::/56 prefix delegation via dhcpv6. My ISPs don't support BGP or anything. I know I can assign ULAs internally and use NPTv6 or NAT66 to map them but it's a hassle since hosts with ULAs revert to IPv4 first by default and frankly, I'd rather not use NAT. Additionally, stateful netmap isn't supported until RouterOS uses Kernel 5.8+. So in the meantime, I am thinking of assigning two GUA prefixes to my internal LAN clients along with a ULA prefix for communication with internal hosts (not routable to internet).
1111:2222:3333:4444::/56 - ISP1
AAAA:BBBB:CCCC:DDDD::/56 - ISP2
fc00::/56 - LAN ULA (not routable to internet)
neighbor discovery
[adm@gw01] > /ipv6/nd/print
Flags: X - disabled, I - invalid; * - default

 0  * interface=sfp-sfpplus1-LAN ra-interval=1m-3m ra-delay=3s mtu=unspecified reachable-time=unspecified
      retransmit-interval=unspecified ra-lifetime=30m ra-preference=medium hop-limit=unspecified advertise-mac-address=yes
      advertise-dns=yes managed-address-configuration=no other-configuration=no dns=fc00::4,fc00::5
One prefix for each ISP along with a ULA prefix that I use for internal hosts
[adm@gw01] > /ipv6/nd/prefix/print
Flags: X - disabled, I - invalid; D - dynamic

 0    prefix=fc00::/64 6to4-interface=none interface=sfp-sfpplus1-LAN on-link=yes autonomous=yes valid-lifetime=infinity
      preferred-lifetime=infinity

 1  D prefix=1111:2222:3333:4444::/64 6to4-interface=none interface=sfp-sfpplus1-LAN on-link=yes autonomous=yes valid-lifetime=5m
      preferred-lifetime=2m30s

 2  D prefix=AAAA:BBBB:CCCC:DDDD::/64 6to4-interface=none interface=sfp-sfpplus1-LAN on-link=yes autonomous=yes valid-lifetime=5m
      preferred-lifetime=2m30s
And here are the 3 networks and addresses on my LAN interface:
[adm@gw01] > /ipv6/address/print where interface=sfp-sfpplus1-LAN
Flags: D - DYNAMIC; G, L - LINK-LOCAL
Columns: ADDRESS, FROM-POOL, INTERFACE, ADVERTISE
 #    ADDRESS                       FROM-POOL         INTERFACE         ADVERTISE
13  G fc00::1/64                                      sfp-sfpplus1-LAN  yes
27  G 1111:2222:3333:4444::1/64     VerizonFios-Pool  sfp-sfpplus1-LAN  yes
32 DL fe80::de2c:6eff:fed6:9866/64                    sfp-sfpplus1-LAN  no
43  G AAAA:BBBB:CCCC:DDDD::1/64     SpectrumTWC-Pool  sfp-sfpplus1-LAN  yes
Hosts on the network get addresses on the 3 networks, as below:
fc00::1428:bbcd:3ef7:6a51
1111:2222:3333:4444:890:4f2d:81dd:5dee
1111:2222:3333:4444:e9a3:bc1f:7377:f63f
AAAA:BBBB:CCCC:DDDD:8b:1ff3:ea74:5804
AAAA:BBBB:CCCC:DDDD:7ba2:7682:23b3
Is this the a good way to do things? I'd like for hosts to be accessible from the internet using the IPs on both networks, and for there to be redundancy of some kind if one of the networks go down. I am not really sure how to set up the routing so that both networks are properly routed at all times. Right now, only 1111: 2222: 3333: 4444:: /56 is able to route through to the internet.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?

Wed Oct 05, 2022 2:55 am

You'd need policy routing, i.e. two routing tables (one with ISP1 as gateway and another with ISP2 as gateway) and tell router that packets from prefix1 should use one (be routed to ISP1) and packets from prefix2 should use the other (go to ISP2). It can be done using either firewall mangle rules (mark routing) or routing rules. The annoying part is DHCP, because prefixes can change, so you'd need lease scripts to update config.
 
ajgnet
newbie
Topic Author
Posts: 35
Joined: Wed Apr 27, 2022 1:57 am

Re: IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?

Wed Oct 05, 2022 3:43 am

You'd need policy routing, i.e. two routing tables (one with ISP1 as gateway and another with ISP2 as gateway) and tell router that packets from prefix1 should use one (be routed to ISP1) and packets from prefix2 should use the other (go to ISP2). It can be done using either firewall mangle rules (mark routing) or routing rules. The annoying part is DHCP, because prefixes can change, so you'd need lease scripts to update config.
Thanks, very helpful. Before I go down this path tomorrow, is this commonly accepted practice or is there a better way? If a client has multiple IPv6 GUA addresses, how does it choose which one to use (which in this case, would determine which ISP is used)?

And lastly, I'm familiar with how to set this up using mangle rules but how would one set this up using routing rules? The reason I ask is eventually my router will have l3hw offload support, and my understanding is the l3hw offload bypasses the switch chip, but perhaps if I could do this with routing rules I'd be able to (eventually) use ipv6 l3hw offload.

Who is online

Users browsing this forum: No registered users and 82 guests