I am having trouble configuring an IPv6 pool provided by my ISP. They assigned me a /56 pool, and I want to break it into /64 networks. However, I am facing an issue: when I add the addresses to interfaces, I do not have external access. I have done similar configurations with another provider and also via a Hurricane Electric tunnel without any issues. From what I can tell, the addresses I add only work on the interface where the ISP connection arrives, which is ether1. On other interfaces, the addresses I assign do not work. If I take a new /64 pool that I defined and add it to ether1, it works; but if I assign it to ether4 or ether6, it stops working.
All configurations are being done statically since this is how the ISP provides the addresses. I plan to pass the addresses to my internal network via SLAAC after getting everything working. I also tried assigning an IPv6 address from the /64 prefix of ether4 to another device on the network statically, but it did not work.
The configurations provided by my ISP are as follows:
(Fictitious addresses used for documentation purposes)
Prefix: 2001:db8:/56
WAN IP: 2001:db8:2/64 (ether1)
Gateway: 2001:db8:1/64
With this configuration, my router is remotely accessible via SSH and Winbox, and I can ping various IPv6 sites from it.
When I try to configure the LAN and define new prefixes, I simply have no connection, as if there were no routing from the ISP for them through other interfaces or as if the IPv6 forward option in RouterOS was not working. For example:
LAN1: 2001:db8a1::5/64 (ether4)
LAN2: 2001:db8b1::5/64 (ether6)
These prefixes work perfectly when assigned to my WAN interface directly connected to the ISP's router but not on other interfaces. Since this is a simple configuration, I don’t understand why it doesn’t work on other interfaces. I even disabled the firewall, but I still couldn’t make this configuration work.
Below are my interface and IPv6 configurations.
/ipv6 settings
set accept-redirects=yes-if-forwarding-disabled accept-router-advertisements=yes-if-forwarding-disabled disable-ipv6=no forward=yes max-neighbor-entries=8192 multipath-hash-policy=l3
/ipv6 nd
set [ find default=yes ] advertise-dns=yes advertise-mac-address=yes disabled=yes hop-limit=unspecified interface=ether4 managed-address-configuration=no mtu=unspecified other-configuration=yes ra-delay=3s ra-interval=3m20s-10m ra-lifetime=\
30m ra-preference=medium reachable-time=unspecified retransmit-interval=unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/ipv6 address
add address=2001:db8:20a0::2/64 advertise=no disabled=no eui-64=no from-pool="" interface=ether1 no-dad=no
add address=2001:db8:20a0:a1::5/64 advertise=no disabled=no eui-64=no from-pool="" interface=ether4 no-dad=no
add address=2001:db8:20a0:b1::5/64 advertise=no disabled=no eui-64=no from-pool="" interface=ether6 no-dad=no
/ipv6 route
add disabled=no distance=1 dst-address=::/0 gateway=2001:db8:20a0::1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/interface ethernet
set [ find default-name=ether1 ] advertise=10M-baseT-half,10M-baseT-full,100M-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full arp=enabled arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"ISP 01" disabled=no l2mtu=1592 loop-protect=default loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=DC:2C:6E:37:6F:67 mtu=1500 name=ether1 orig-mac-address=\
DC:2C:6E:37:6F:67 rx-flow-control=off tx-flow-control=off
set [ find default-name=ether4 ] advertise=10M-baseT-half,10M-baseT-full,100M-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full arp=enabled arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited comment="LAN 01" disabled=no \
l2mtu=1592 loop-protect=default loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=DC:2C:6E:37:6F:6A mtu=1500 name=ether4 orig-mac-address=DC:2C:6E:37:6F:6A rx-flow-control=off tx-flow-control=off
set [ find default-name=ether6 ] advertise=10M-baseT-half,10M-baseT-full,100M-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full arp=enabled arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"LAN 02" disabled=no l2mtu=1592 loop-protect=default loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=DC:2C:6E:37:6F:6C mtu=1500 name=ether6 orig-mac-address=DC:2C:6E:37:6F:6C \
rx-flow-control=off tx-flow-control=off
RouterOS Version: 7.16.1
Modelo: RB4011
Thank you in advance for your assistance.