My ISP provides a /64 prefix via DHCPv6 on the pppoe-out interface which I enable and configure to set a default route. I offer this via SLAAC on the LAN bridge0 interface and LAN clients receive a GUA from the /64 and IPv6 works.
I wished to use HE's routed /64 as a secondary IPv6 route with a much higher routing metric / distance.
This is the suggested configuration by HE:
/interface 6to4 add comment="Hurricane Electric IPv6 Tunnel Broker" disabled=no local-address=1xx.xxx.xxx.xx0 mtu=1280 name=sit1 remote-address=216.218.221.42
/ipv6 route add comment="" disabled=no distance=1 dst-address=2000::/3 gateway=2001:470:35:30c::1 scope=30 target-scope=10
/ipv6 address add address=2001:470:35:30c::2/64 advertise=no disabled=no eui-64=no interface=sit1
This is what I setup on my router which receives a /64 (sadly no /56) via a PPPoE tunnel from my ISP:
/interface 6to4 add comment="Hurricane Electric IPv6 Tunnel Broker" disabled=no local-address=1xx.xxx.xxx.xx0 mtu=1280 name=sit1 remote-address=216.218.221.42
/ipv6 route add comment="" disabled=no distance=15 dst-address=2000::/3 gateway=2001:470:35:30c::1 scope=30 target-scope=10
/ipv6 address add address=2001:470:35:30c::2/64 advertise=no disabled=no eui-64=no interface=sit1
I only change distance=15 since that is the only routing parameter used on this router for its 3 WAN uplinks.
But when the tunnel's sit0 interface goes up, LAN clients lose connectivity.
I have confirmed that disabling HE's suggested route fixes IPv6 connectivity:
/ipv6 route add comment="" disabled=no distance=15 dst-address=2000::/3 gateway=2001:470:35:30c::1 scope=30 target-scope=10
Shouldn't my ISP provided IPv6 connectivity continue to work since it has a routing distance of 1, compared to 15 for the HE route?
I tested this some more and the issue appears to only affect failing over to the HE.net tunnel route.
- Disabled HE's suggested (2000::/3) route with a default gw (::/0) instead, assigned it a distance of 2.
- Instead of trying to route the standard /64 prefix, I took a /64 from the /48 HE assigns and announced it via bridge0.
Here's what I found:
If I disable the pppoe-out1 interface and reboot the router, the HE.net tunnel works
If pppoe-out1 is now brought online, it moves LAN clients off the HE.net tunnel, as expected.
However, if I now disable pppoe-out1, the HE.net tunnel takes 10-15 mins to switch to / come online for LAN clients, all IPv6 traffic fails without any ICMP messages for ping etc.
Happy to hear any tips to troubleshoot this :/