WiFi clients can then connect to that hAP ax³ and get an IPv6 address within that pool. These clients then get successful results when visiting the usual IPv6 test sites.
My problem is, none of the wired clients are able to do the same thing, not even the CRS328 connected directly to that router:
The "client" in that diagram is a macOS machine with both wired and wireless interfaces. It gets a publicly-routable IPv6 on its WiFi interface, but on its Ethernet link it gets only link-local addresses. When I went digging to find out why, I found that the CRS328 isn't getting a routable IPv6 address, either.
I can manually assign both of these devices IPv6 addresses from the PD pool my ISP gave me, and it does work, but I thought IPv6 was supposed to distribute addresses from that pool automatically via ND. It's important to me that it do this because my ISP doesn't guarantee that these prefixes are permanently assigned. I've seen it change at least once, and I need that change to ripple through the LAN automatically when this happens.
I do have all ports along the diagram's path marked as "Trusted" and to allow flooding of unknown multicast, to allow the NDP messages through. IGMP snooping is enabled on all RouterOS devices, with the MLD version set to 2.
I tried looking at the docs and searching the web, but everything I found talks only about the border gateway router case. Nobody seems to want to talk about the next obvious steps, getting the switch(es) behind the router addressed, then the clients behind those switches.
The output of "/ipv6/export" on the CRS328 is empty unless you give "verbose" to give the default ND rules:
Code: Select all
/ipv6 nd
set [ find default=yes ] advertise-dns=yes advertise-mac-address=yes disabled=no hop-limit=\
unspecified interface=all managed-address-configuration=no mtu=unspecified \
other-configuration=no ra-delay=3s ra-interval=3m20s-10m ra-lifetime=30m ra-preference=medium \
reachable-time=unspecified retransmit-interval=unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2dI would have thought that would be enough to get an IPv6 address on the CRS328 from the ax³ at least. Doesn't the autonomous=yes bit tell the switch to send NDP messages and obey whatever stateless IPv6 config results?
I doubt the problem is with the hAP ax³ since if that were the case, why are WiFi clients working properly? The radios' interfaces are bridged together with the wired interfaces. There isn't anything clever going on with VLANs; it's a flat LAN.
All RouterOS devices are running 7.17beta2. I doubt this is a beta bug, and there is no report of it from others in the beta thread, but I will allow the possibility that this used to work and I simply didn't make a note of it. I believe a more likely explanation is that my sense that this used to work owes everything to the grace of dynamic routing. That is, on all prior tests from the Mac, I happened to have the WiFi interface as the default route to the Internet, so it worked. Hard to prove retroactively, though.
