1

I'm facing an odd issue with my IPv6 setup. I've configured it as follows:

/interface 6to4
  add comment="SixXS 6to4 tunnel" local-address=zz.yy.xx.94 (my wan ip) mtu=1280 name=6to4-sixxs remote-address=zz.yy.xx.73 (tunnel endpoint)

/ipv6 address
  add address=2001:aaaa:bbbb:123::2/128 (my ipv6) advertise=no interface=6to4-sixxs
  add address=2001:bbbb:cccc:123::1/64 (subnet for my ipv6 prefix) advertise=yes interface=bridge-lan

/ipv6 route
  add distance=1 dst-address=2000::/3 gateway=6to4-sixxs

Now:

  • I can ping servers from the router (f.e. 2a00:1450:400c:c03::5e)
  • Clients obtain an IPv6 via ND in the correct subnet
  • Pings from the router to a client fails (timeout, ping is not dropped by firewall)
  • Pings from a client to servers fail

What am I missing here?

Bjorn
  • 453
  • 1
  • 5
  • 12
  • Does the client have a listing in the router's ARP table? Is there a WAN accelerator anywhere in between the server and the client? – Colyn1337 Apr 28 '14 at 18:18
  • @Colyn1337: Yes, there is. (address=fe80::60c:ceff:abcd:abcd interface=bridge-lan mac-address=04:0C:CE:xx:xx:xx status="stale"). No WAN accelerator active. – Bjorn Apr 28 '14 at 18:22
  • Any firewalling going on? – MichelZ Apr 28 '14 at 18:26
  • @MichelZ: I've added 3 rules which should allow all traffic (just for testing): input -> accept, forward -> accept, output -> accept – Bjorn Apr 28 '14 at 18:29
  • I'm concerned that the ARP entry is "stale". The router hasn't been able to verify the address. Is the firewall between the client and router, or router and server? – Colyn1337 Apr 28 '14 at 18:31
  • @Colyn1337: the firewall is the built-in firewall on the router. No other firewall is active. I see packets being captured (and accepted) by the rules I've created when I start pinging, but I'm not able to receive a response on my ping on the client. – Bjorn Apr 28 '14 at 18:34

1 Answers1

1

Ok, just came across this thread on the Mikrotik Forums, and it mentions things about routing caches being stuck. I've decided the reboot the router and it fixed my issue.

Weird stuff. Thanks for thinking along, @Colyn1337 and @MichelZ.

Bjorn
  • 453
  • 1
  • 5
  • 12