I have a setup where WLANs receive (periodically changing)
DHCPv6 nets from the DSL router and some LANs receive static
public IPv6 addresses via an OpenVPN tunnel which also provides
the route to the internet for them.
This setup works (for me) only if I have deleted the IPv4 address
of the WAN interface (keeping only the virtual address).
Unfortunately this breaks connectivity of the backup system and
needs some hack (route through master system) to do firmware update.
How can I replace the hack through some automatic gateway config
change, e.g. gateway monitoring/scripting?
Is there a better solution for my dual IPv6 WAN setup?
Thanks, ajr
PS: some details:
HA configuration (master/backup)
All interfaces have VIPs via CARP
All IPv4 addresses use NAT
LAN nets
  IPv4: static (rfc1918)
  IPv6: static (subnet from VPN)
WLAN nets (via APs) (all have VIPs via CARP)
  IPv4: static (rfc1918)
  IPv6: Track interface (DHCPv6)
WAN Interface (transfer net to VDSL router)
  IPv4: none
  IPv6: DHCPv6
Gateways
  IPv4: VDSL router (if master, VIP, Monitor IP router)
  IPv6: DHCPv6
OpenVPN client (legacy)
  Server Mode: Peer to Peer
  Interface: WAN VIP
  IPv6 Remote Network: ::/1,8000::/1
Quote from: ajr on March 01, 2025, 09:33:52 PM
This setup works (for me) only if I have deleted the IPv4 address
of the WAN interface (keeping only the virtual address).
Can anybody please explain why it works only with this setup?
ajr
Quote from: ajr on March 01, 2025, 09:33:52 PM
Unfortunately this breaks connectivity of the backup system and
needs some hack (route through master system) to do firmware update.
Unfortunately I can't get selection of the backup gateway as default gateway working,
even if gateway monitoring is on and "Allow default gateway switching" is on in system->settings->general.
It seems that gateway priority always takes precedence. See attached screenshot.
root@opn2:~ # netstat -rnfinet | grep default
default 192.168.178.1 UGS igb1
How can I fix this?