Multi-WAN with IPv6 not working

Started by mape2k, July 05, 2019, 01:30:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 05, 2019, 01:30:40 PM
Hi,

we're running IPv4 multi-wan setup which works as expected. Next step: IPv6.

We have 2 WANs:
- WAN 1: DHCPv6 with Prefix Delegation
- WAN 2: static ipv6 configuration and /58 (Router-Subnet is inside the /58)

Both WANs are running flawelessly.
In our LANs we have configured an ULA-Prefix and NPTv6 which also works.
DNS-Servers, Single Gateways and Gateway Groups are configured like IPv4.

Firewall has a rule to use Gateway Group like we do with IPv4. There is a rule for ipv6 to use GW-Group as gateway.

The problem:
IPv6-routing uses always the default route of opnsense. I'm not able to route LAN1 via WAN1 (as Tier1) and LAN2 via WAN2 (as Tier1). For now we activate Systems - Settings - General - Allow default gateway switching and IPv6-Traffic will always leave default gateway and failover works.

We want to seperate traffic if both WANs are up.

Is this a config issue? Or a bug?
Any hints?
If you need more informations please ask.

TIA,
Marcel

July 05, 2019, 01:34:51 PM #1
Can you disabe shared forwarding for testing in Firewall : Settings : Advanced?
July 05, 2019, 02:24:49 PM #2
Quote from: mimugmail on July 05, 2019, 01:34:51 PM
Can you disabe shared forwarding for testing in Firewall : Settings : Advanced?

If disabled routing and failover works for IPv4 and IPv6. In IPv4 Traceroute now the LAN-gateway is missing.
What is the impact of disabling this option?
July 05, 2019, 04:28:01 PM #3
It's written in the Helptext. Should not affect traceroute
July 08, 2019, 08:11:48 AM #4
Traceroute is affected. Also Traffic shaper seems not to work for IPv6 if this option is disabled.

Is this "a feature" that option needs to be disabled or could this be interpreted as bug because it is not workting with ipv6?
July 08, 2019, 10:29:08 AM #5
- It's a known issue that MultiWAN with v6 only works with shared forwarding disabled
- It's a known limitation that Traffic Shaper only works with shared forwarding.

It's complicated :/

If you want to help out, can you install an 18.7 image, import your config.xml and test again?

https://github.com/opnsense/src/issues/38
July 08, 2019, 10:33:42 AM #6
Thank you for the github link.

The system will go "live" (with or without ipv6) on Wednesday. I'll try my best testing version 18.7. Otherwise I'll try to setup a demo system...
July 08, 2019, 11:27:53 AM #7
Quote from: mimugmail on July 08, 2019, 10:29:08 AM
If you want to help out, can you install an 18.7 image, import your config.xml and test again?

Same problem with 18.7.10.
And Traffic shaper for ipv6 does not work with or withour shared forwarding disabled.
Print
Go Up Pages1
User actions