[Solved] Different IPv6 gateways per interface

Started by jimpd, October 18, 2021, 06:46:23 PM

October 18, 2021, 06:46:23 PM Last Edit: October 19, 2021, 09:49:32 PM by jimpd
Hello!

I am trying to set different IPv6 gateways for different interfaces. There is an IPv6 connection from my ISP and from a Tunnelbroker.
Gateways:
Name: ISP, Interface: WAN, Prio: 2 (upstream), Gateway: link-local IPv6 of next router (with modem)
Name: Tunnelbroker, Interface: TUNNELBROKER, Prio: 3, Gateway: remote IPv6 from broker

Interfaces:
WAN - IPv6: DHCPv6
OPT2 - IPv6: Track interface, IPv6 Interface: WAN, Prefix ID 0x0
OPT3 - IPv6: Static IPv6, IPv6 address: static IP from Tunnelbroker subnet, IPv6 Upstream Gateway: Autodetect

RA:
OPT3 - Unmanaged (SLAAC)

Firewall: not relevant here (if it is, please tell me)

Now I can successfully connect from clients in OPT2 with IPv6 addresses from the ISP to the Internet. IPv6 traffic gets routed via "ISP" Gateway.

From clients in OPT3 with IPv6 addresses from the Tunnelbroker subnet I can reach the static IPv6 from the OPT3 interface but nothing beyond. All traffic gets routed to the "ISP" gateway (and dropped there) and not to the "Tunnelbroker" gateway.

If I change the prio from "Tunnelbroker" gateway to "1" and try again, the connection to the Internet works from clients in OPT3 through "Tunnelbroker" gateway but connections from clients in OPT2 to the Internet don't work anymore because their traffic gets routed through the "Tunnelbroker" gateway instead of the "ISP" gateway.

I already tried to set both gateways as "upstream" and/or with the same prio. I also tried to configure a custom gateway for the OPT3 interface, but it gets rejected because:

> The gateway address does not lie within one of the chosen interface's IPv6 subnets.
> The gateway IP address already exists.

Both are understandable: the gateway address of course does not lie within the subnet, and the gateway IP already exists in the "Tunnelbroker" gateway.

Is it somehow possible to get this working?

I figured it out:

To get this working the gateway has to be overwritten with a firewall rule. It is possible to configure a custom gateway at the bottom for inbound rules.
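
The fix above written as pf rules, since OPNsense filters with pf and a rule with a gateway set becomes a `route-to` rule. This is an added example, not part of the original post and not OPNsense's generated ruleset; the interface names and all `2001:db8::` addresses are placeholder assumptions.

```pf
# Constructed values: replace with the real interfaces and prefixes.
opt3_if    = "igb2"               # assumed NIC behind OPT3
tunnel_if  = "gif0"               # assumed tunnel interface (TUNNELBROKER)
tunnel_gw  = "2001:db8:ffff::1"   # placeholder for the broker's remote IPv6
opt3_net   = "2001:db8:3::/64"    # placeholder for the Tunnelbroker subnet on OPT3
local_nets = "{ 2001:db8:2::/64, 2001:db8:3::/64 }"  # placeholder OPT2/OPT3 prefixes

# A rule without a gateway leaves the decision to the routing table, so
# OPT3 traffic follows the single default route (the "ISP" gateway):
# pass in quick on $opt3_if inet6 from $opt3_net to any keep state

# Traffic to the firewall's own networks must not be forced into the tunnel.
# "quick" stops evaluation at the first match, so this rule comes first.
pass in quick on $opt3_if inet6 from $opt3_net to $local_nets keep state

# Everything else arriving on OPT3 from the Tunnelbroker subnet is sent out
# the tunnel to its gateway, whatever the default route is.
pass in quick on $opt3_if route-to ($tunnel_if $tunnel_gw) inet6 \
    from $opt3_net to any keep state
```

Restricting the source to the OPT3 prefix keeps the override scoped to hosts that actually hold Tunnelbroker addresses; clients in OPT2 never match it and continue to use the "ISP" gateway.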