Hello community.
My first Mikrotik but I'm not so new to networking.
I have working ipv4 with no issues.
bridge1 and it`s slave interfaces wifi1 and wifi2 are in internal network - ether1 is wan interface
DHCP client is able to receive ipv6 address and prefix
and configured DHCP server able to deliver it to client (my laptop)
i can ping from router outside world ipv6 addresses (cloudflare dns \ google)
But i cant reach any outside resources from laptops that are behind router
I can ping from laptop router via link-local address (and vice-versa as well)
but sending ping to 2606:4700:4700::1111 (cloudflare dns) not getting any response
what i tried:
adding IPv6 -> Firewall -> Forward policy with "all to all" and "bridge1 to ether1" - no change
adding IPv6 -> Firewall -> Nat - srcnat with accept with dst iface of ether1 - no change
adding IPv6 -> Firewall -> Nat - srcnat with masquerade and dst iface of ether1 - no change
adding IPv6 -> Firewall -> Nat - srcnat with srcnat and setting of ipv6 address i got from dhcp as TOaddress - no change
i have feeling im missing something simple that will actually enable the "routing" of the packets
please help and thank you beforehand for your time
Code:
# 2024-12-30 09:26:09 by RouterOS 7.16.2# software id = NAY9-JVHV## model = C52iG-5HaxD2HaxD# serial number = *******/interface bridgeadd fast-forward=no name=bridge1 port-cost-mode=short/interface wifi channeladd band=2ghz-ax disabled=no name=channel2add band=5ghz-ax disabled=no name=channel5/interface wifi datapathadd bridge=bridge1 disabled=no name=datapath1/interface wifi securityadd authentication-types=wpa2-psk,wpa3-psk disabled=no group-key-update=1h \ name=sec1/interface wifi configurationadd chains=0,1 channel=channel2 country="United States" datapath=datapath1 \ disabled=no mode=ap name=cfg2 security=sec1 ssid=Litevska46 tx-chains=0,1add chains=0,1 channel=channel5 country="United States" datapath=datapath1 \ disabled=no mode=ap name=cfg5 security=sec1 ssid=Litevska46 tx-chains=0,1/interface wifiset [ find default-name=wifi1 ] configuration=cfg5 disabled=noset [ find default-name=wifi2 ] configuration=cfg2 disabled=no/ip pooladd name=dhcp_pool0 ranges=192.168.7.1-192.168.7.200/ip dhcp-serveradd address-pool=dhcp_pool0 interface=bridge1 lease-time=20h30m name=dhcp1/dudeset enabled=yes/interface bridge portadd bridge=bridge1 hw=no interface=ether2 internal-path-cost=10 path-cost=10add bridge=bridge1 hw=no interface=ether3 internal-path-cost=10 path-cost=10add bridge=bridge1 hw=no interface=ether4 internal-path-cost=10 path-cost=10add bridge=bridge1 hw=no interface=ether5 internal-path-cost=10 path-cost=10/ip firewall connection trackingset udp-timeout=10s/ip neighbor discovery-settingsset discover-interface-list=!dynamic lldp-mac-phy-config=yes \ lldp-max-frame-size=yes lldp-med-net-policy-vlan=1 lldp-vlan-info=yes/interface wifi provisioningadd action=create-enabled disabled=no master-configuration=cfg2 \ supported-bands=2ghz-axadd action=create-enabled disabled=no master-configuration=cfg5 \ supported-bands=5ghz-ax/ip addressadd address=10.14.193.82/30 interface=ether1 network=10.14.193.80add address=192.168.7.254/24 interface=bridge1 network=192.168.7.0/ip dhcp-server networkadd address=192.168.7.0/24 dns-server=10.255.255.10,10.255.255.20,8.8.8.8 \ gateway=192.168.7.254/ip dnsset servers=10.255.255.10,10.255.255.20,8.8.8.8/ip firewall natadd action=masquerade chain=srcnat dst-address=!192.168.7.0/24 src-address=\ 192.168.7.0/24/ip ipsec profileset [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5/ip routeadd disabled=no dst-address=0.0.0.0/0 gateway=10.14.193.81 routing-table=main \ suppress-hw-offload=no/ipv6 dhcp-clientadd add-default-route=yes interface=ether1 pool-name=ipool request=\ address,prefix/ipv6 ndset [ find default=yes ] hop-limit=64 interface=bridge1 \ managed-address-configuration=yes other-configuration=yes/ipv6 nd prefixadd autonomous=no interface=bridge1/system clockset time-zone-name=Europe/Prague/system identityset name=AP/system noteset show-at-login=no/system ntp clientset enabled=yes/system ntp client serversadd address=10.255.255.10add address=10.255.255.20/tool snifferI have working ipv4 with no issues.
bridge1 and it`s slave interfaces wifi1 and wifi2 are in internal network - ether1 is wan interface
DHCP client is able to receive ipv6 address and prefix
and configured DHCP server able to deliver it to client (my laptop)
i can ping from router outside world ipv6 addresses (cloudflare dns \ google)
But i cant reach any outside resources from laptops that are behind router
I can ping from laptop router via link-local address (and vice-versa as well)
but sending ping to 2606:4700:4700::1111 (cloudflare dns) not getting any response
what i tried:
adding IPv6 -> Firewall -> Forward policy with "all to all" and "bridge1 to ether1" - no change
adding IPv6 -> Firewall -> Nat - srcnat with accept with dst iface of ether1 - no change
adding IPv6 -> Firewall -> Nat - srcnat with masquerade and dst iface of ether1 - no change
adding IPv6 -> Firewall -> Nat - srcnat with srcnat and setting of ipv6 address i got from dhcp as TOaddress - no change
i have feeling im missing something simple that will actually enable the "routing" of the packets
please help and thank you beforehand for your time
Statistics: Posted by masaykh — Mon Dec 30, 2024 9:52 pm