IPv6 and Mikrotik, how best to deploy right now?


#1

I need to re-do my Mikrotik enabled distribution of customer IPv6, like today.

Does anyone (Simon) have a suggestion for the best current method to do that, knowing v2 is coming soon and we want to dual stack integration with Sonar?


#2

Other than using PPPoE and DHCPv6 over the PPP tunnel so you can use the RADIUS username to identify the customer, I don’t know of a great way today. Someone mentioned that MikroTik has improved their AAA accounting for IPv6 recently, but I haven’t checked yet. Going to look into it more once 2.0 is public. There isn’t really anything new yet in 2.0 for IPv6, but I’ll devote some time to building out some concrete solutions soon.


#3

I have an IPv6 binding script that manipulates address lists by looking for a matching MAC address in IPv4 DHCP, which is a hack. Really hoping to see proper support soon.


#4

What we do (PPPoE+IPv6) is use RADIUS groups to control rate limiting (instead of address lists), and then we use an interface list for delinquent/inactive customers. Sonar adds the customer to the interface list when they are delinquent or inactive, and the interface list has IPv6 firewall rules associated to block the customer from getting online. That way it doesn’t matter that Sonar doesn’t know the customers IPv6 block. Of course, that also means you need to send CoA on delinquency/active status change, but I don’t think that is a big deal for most people. We’ve been running this for about a year now and it is a nice simple reliable workaround until the support improves.