Mikrotik Ipv6 config home Time Warner, Run Runner and Spectrum

Configurando Ipv6 en Mikrotik router esta configuración funciona para Time Warner, Run Runner y Spectrum.

Espero que otros puedan resolver su problema al igual que yo
Configuración ipv6 cliente de un ISP y sus clientes de lan interno.








Wan = ether1
Lan = ether2-master
Spectrum = Nombre del pool


# jan/17/2017 07:40:20 by RouterOS 6.38
#

/ipv6 dhcp-server
add address-pool=Spectrum disabled=no interface=ether2-master lease-time=3d name=\
    ipv6 preference=255 rapid-commit=yes


/ipv6 address
add address=/64 advertise=yes disabled=no eui-64=no from-pool=Spectrum interface=\
    ether2-master no-dad=no


/ipv6 dhcp-client
add add-default-route=yes disabled=no interface=ether1 pool-name=Spectrum \
    pool-prefix-length=56 prefix-hint=::/0 request=prefix use-peer-dns=yes


/ipv6 firewall filter
add action=accept chain=input comment="Router  Allow IPv6 ICMP" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority protocol=icmpv6 !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=input comment=\
    "Router  Accept established connections" !connection-bytes \
    !connection-limit !connection-mark !connection-rate connection-state=\
    established !connection-type !content disabled=no !dscp !dst-address \
    !dst-address-list !dst-limit !dst-port !headers !hop-limit !icmp-options \
    !in-bridge-port !in-bridge-port-list !in-interface !in-interface-list \
    !ingress-priority !ipsec-policy !limit log=no log-prefix="" !nth \
    !out-bridge-port !out-bridge-port-list !out-interface !out-interface-list \
    !packet-mark !packet-size !per-connection-classifier !port !priority \
    !protocol !random !src-address !src-address-list !src-mac-address \
    !src-port !tcp-flags !tcp-mss !time
add action=accept chain=input comment="Router  Accept related connections" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=related !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=drop chain=input comment="Router  Drop invalid connections" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=invalid !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=input comment="Router- UDP" !connection-bytes \
    !connection-limit !connection-mark !connection-rate !connection-state \
    !connection-type !content disabled=no !dscp !dst-address \
    !dst-address-list !dst-limit !dst-port !headers !hop-limit !icmp-options \
    !in-bridge-port !in-bridge-port-list !in-interface !in-interface-list \
    !ingress-priority !ipsec-policy !limit log=no log-prefix="" !nth \
    !out-bridge-port !out-bridge-port-list !out-interface !out-interface-list \
    !packet-mark !packet-size !per-connection-classifier !port !priority \
    protocol=udp !random !src-address !src-address-list !src-mac-address \
    !src-port !tcp-flags !tcp-mss !time
add action=accept chain=input comment="Router  From our LAN" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list in-interface=bridge \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=drop chain=input comment="Router  Drop other traffic" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=drop chain=forward comment="LAN  Drop invalid Connections" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=invalid !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=forward comment="LAN  Accept UDP" !connection-bytes \
    !connection-limit !connection-mark !connection-rate !connection-state \
    !connection-type !content disabled=no !dscp !dst-address \
    !dst-address-list !dst-limit !dst-port !headers !hop-limit !icmp-options \
    !in-bridge-port !in-bridge-port-list !in-interface !in-interface-list \
    !ingress-priority !ipsec-policy !limit log=no log-prefix="" !nth \
    !out-bridge-port !out-bridge-port-list !out-interface !out-interface-list \
    !packet-mark !packet-size !per-connection-classifier !port !priority \
    protocol=udp !random !src-address !src-address-list !src-mac-address \
    !src-port !tcp-flags !tcp-mss !time
add action=accept chain=forward comment="LAN  Accept ICMPv6 " \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority protocol=icmpv6 !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=forward comment="LAN  Accept established Connections" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=established !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=forward comment="LAN  Accept related connections" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=related !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=log chain=forward comment="LAN  Log everything else" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list !in-interface \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="Log IPv6" !nth !out-bridge-port !out-bridge-port-list \
    !out-interface !out-interface-list !packet-mark !packet-size \
    !per-connection-classifier !port !priority !protocol !random !src-address \
    !src-address-list !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=reject chain=forward comment="LAN  Drop everything else" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    connection-state=new !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list in-interface=ether1 \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random reject-with=icmp-no-route !src-address \
    !src-address-list !src-mac-address !src-port !tcp-flags !tcp-mss !time
add action=accept chain=forward comment="LAN  Internal traffic" \
    !connection-bytes !connection-limit !connection-mark !connection-rate \
    !connection-state !connection-type !content disabled=no !dscp \
    !dst-address !dst-address-list !dst-limit !dst-port !headers !hop-limit \
    !icmp-options !in-bridge-port !in-bridge-port-list in-interface=bridge \
    !in-interface-list !ingress-priority !ipsec-policy !limit log=no \
    log-prefix="" !nth !out-bridge-port !out-bridge-port-list !out-interface \
    !out-interface-list !packet-mark !packet-size !per-connection-classifier \
    !port !priority !protocol !random !src-address !src-address-list \
    !src-mac-address !src-port !tcp-flags !tcp-mss !time


/ipv6 nd
set [ find default=yes ] advertise-dns=yes advertise-mac-address=yes \
    disabled=no hop-limit=64 interface=bridge managed-address-configuration=\
    yes mtu=unspecified other-configuration=yes ra-delay=3s ra-interval=\
    3m20s-10m ra-lifetime=30m reachable-time=unspecified retransmit-interval=\
    unspecified


/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=4h valid-lifetime=4h


/ipv6 route
add !bgp-as-path !bgp-atomic-aggregate !bgp-communities !bgp-local-pref \
    !bgp-med !bgp-origin !bgp-prepend !check-gateway disabled=no distance=1 \
    dst-address=2605:6000:1021:cf::/128 gateway=bridge !route-tag scope=30 \
    target-scope=10


/ipv6 settings
set accept-redirects=yes-if-forwarding-disabled accept-router-advertisements=\
    yes forward=yes max-neighbor-entries=8192

Nota:
Al comienzo de mi configuración utilice de otros medios parte de su configuración:

https://technotes.seastrom.com/2016/08/22/mikrotik-cable-ipv6.html
http://www.netdaily.org/tag/mikrotik-ipv6-home-example/

Comentarios

Entradas más populares de este blog

BBS - Boletin Board Sistem

Synchronet bbs software