Meraki

thomasthomsen

So .. Im trying to configure some IPv6 on my MX, but it behaves very strangely.

So, I configured my IPv6 address on the WAN interface, and its up and active, all good.

My provider routes a /48 to my MX

So on the status page IPv6 Prefixes i define this /48 for WAN1.

On the VLAN page, i then enable IPv6 and manually set for WAN1 a /64 of that /48 prefix.

This seems all good, the MX does not say that this does not work.

I do this for the 4 vlans I have on the LAN side, each with a seperate /64 of course.

Then funny thing happens.

Some interfaces seems to get the ::1 address I have given them

But no link-local and Solicited node multicast addresses.

Others seems to pick a random network in the /48

These interfaces also gets a link-local and Solicited node multicast address.

On the prefix page, some networks show up in vlan binding , others to not (and the ones that do not seems to work - ping -6 from a client works towards the internet).

On the DHCP page, the networks not in the vlan binding prefix status page are not IPv6 available.

The kicker is of course, that at some point it fails, and IPv6 stops working, and I cant figure our why.

But there seems to be something missing, like something is not being provisioned to the MX.

Is this "just a bug" ? anyone got any pointers ?

Thanks

Thomas

thomasthomsen

After applying the correct IPv6 addresses over and over to one of the VLANs it finally showed up correctly in the VLAN assignments on the prefix page, and that vlan now also has link local address and so on.

But the other vlans, not so much.

The fun thing, I can still do ping -6 from these vlans, and I get the correct IPv6 address as I expect.

But for how long .... time will tell.

thomasthomsen

Hmmm perhaps my ISP does do PD ..... I was told they did not.

Stand by 🙂

PhilipDAth

Definately use this method.

You shouldn't need to assign a prefix to each VLAN. You should be able to just allocate a pool, and a subnet out of that pool will get allocated to each VLAN.

thomasthomsen

Well i add a prefix, a /48 for WAN1, on the IPv6 Prefix page of appliance status.

Then I go add a /64 from that /48 on each vlan setting it as manual WAN1 on the vlan page.

And then it behaves strangely.

thomasthomsen

This is what the IPv6 Prefix page looks like now, after waiting and reboots.

I have NO idea where the Reserved prefixes came from.

thomasthomsen

Even the vlan page looks more "right" now. With Link local and Solicited-node multicast address (they where not there before, only the manual IPv6 address I assigned).

What happened ? reboots and patience ?

I have no idea

thomasthomsen

My second site. Same provider. Is also broken on IPv6.

No VLAN assignments on the prefix page, even though the IP subnet has been added on each vlan.

All VLANs do not have the link local or multicast address.

Removed IPv6 network from all VLANs. - or rather I set it to auto.

Removed the prefix from the IPv6 prefix page.

Set the WAN connection to auto for fun.

Set it back to Static

Added prefix again on the prefix page.

Waited to see what would happen.

After a while, all VLANs now have an auto assigned /64 from the /48 prefix seems fine.

I will now try to set the vlan to static IPv6 to see if I can get this to break again, and start over.

There seems to be a "order of operation" that breaks something somewhere.

thomasthomsen

Set the static IPv6 on the VLAN interface.

After a while they where also changed on the IPv6 prefix VLAN assignment page.

VLAN interfaces still have a link local and multicast address.

Should be fine ?

I dont quite know if the MX supports IPv6 pinging from a VLAN interface

thomasthomsen

Well cant get the MX to ping Umbrella from its VLAN interfaces.

But I can get an AP on the management VLAN to ping Umbrella IPv6 ... so I guess everything works.

Meraki

Community

IPv6 - whats going on ?

IPv6 - whats going on ?