Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Load balancing for IPv4+IPv6 - making lemonade out of lemons
« previous
next »
Print
Pages: [
1
]
Author
Topic: Load balancing for IPv4+IPv6 - making lemonade out of lemons (Read 993 times)
GrapplingHero
Newbie
Posts: 3
Karma: 0
Load balancing for IPv4+IPv6 - making lemonade out of lemons
«
on:
May 01, 2022, 01:21:43 am »
I live in a condo and unfortunately I have no way of changing ISPs.
What I do have is two separate symmetric 100Mbps pipes, with very different properties.
The first one is native IPv6, and it delivers a dynamic - albeit fairly sticky - /56 but no separate WAN IP address. IPv4 is delivered via DS-Lite only, which means CG-NAT.
The second is the exact opposite: one public static IPv4 (that I pay extra for but at least the option is there), no DHCP but no support for IPv6 at all. Connectivity to anything that is not a major CDN or out of the country is atrocious using these guys, to boot.
What I have managed so far is to get both pipes running, the first with IPv4 and IPv6 via establishing a GIF tunnel for DS-Lite, and the second as IPv4 only.
I then managed to setup IPv4 load balancing via adding the resulting two IPv4 gateways to a group with monitoring, appropriate firewall rules and some additions to force traffic to some IPv4 destinations through the first ISP.
Is there a way I can set up a second GIF tunnel with TunnelBroker to have IPv6 connectivity on the second pipe and balance IPv6 traffic as well?
Two things worry me:
I cannot see a way to have NPT rules track prefix delegations, which means that every time ISP 1's assigned /56 changes the setup breaks
Is there a way to ensure IPv6 traffic to establish the DS-Lite gif tunnel only ever goes through ISP 1 instead of TunnelBroker? And to ensure IPv4 traffic to establish the TunnelBroker tunnel only goes through ISP2 instead of the DS-Lite tunnel?
The second one in particular would break everything if it goes wrong.
RANT FOLLOWS
As a aside, why is it so hard to get IPv6 in general (ISPs being absolute dicks in how they provide it) and load balancing in particular working? I've gone through EdgeOS (I used an Ubiquiti EdgeRouter Lite before ISP1 moved to DS-Lite, which broke hardware offload and made it unable to keep up), VyOS and now OPNSense (I still have to try OpenWRT, but it refuses to boot on the box I have available) and there is always something along the way that blocks me.
«
Last Edit: May 01, 2022, 01:26:26 am by d3rf3l
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Load balancing for IPv4+IPv6 - making lemonade out of lemons