I had IPv6 working fine, but then I broke it and I don't know how. Now I need help figuring out what is broken so I can fix it.

I have a hEX getting a prefix from the ISP over the WAN port and putting it in a DHCPv6 pool. On the LAN side, there is one ethernet port that runs the regular LAN plus a VLAN.

SLAAC works fine on the VLAN. Where I need help is in figuring out why SLAAC is not working on the LAN.

Both the LAN and VLAN get separate IPv6 prefixes from the DHCPv6-PD server, prefixes show up in the IPv6 address list with "advertise=yes". ND is running on all interfaces with default settings. The fact that SLAAC works on the VLAN and used to work on the LAN gives me comfort that there is not a big problem with my configuration. I checked firewall rules and everything else I could think of on the hEX about what is different between the LAN and VLAN, but it all looks good to me.


So let's approach this from the client side. I have a Macbook with Wireshark. What can I do on the Macbook to manually walk through the SLAAC steps to find the point of failure? The MikroTik Wiki does not say much about it.

What I have so far is that Neighbor Discovery is finding other IPv6 enabled devices on the LAN, but is not discovering the router/interface IPv6 link-local address, even though it is finding the IPv4 address fine.

What can I try next?

You can turn on radvd logging on RB to see if it is sending router advertisements. And then you can try to catch them on Macbook.

Thanks, I didn't know about radvd logging.

RouterOS logs say the interface is receiving Router Solicitation messages and responding with Router Advertisement messages. The log then says "adding link-layer address option" and "adding prefix". So that is good, right?

I haven't seen those packets with wireshark but I'm only looking at stuff coming off a switch right now. Will have to set up port mirroring directly on the hEX to be sure that it's not the switch messing up.

Meanwhile, any other suggestions?