Community discussions

MikroTik App
  4. Other topics
  5. Containers

IPv6 default route not added on a container instance Topic is solved

Post Reply
 
diasdm
newbie
Topic Author
Posts: 31
Joined: Fri Sep 22, 2023 4:48 pm

IPv6 default route not added on a container instance

Fri Apr 26, 2024 3:47 am

I've set up an AdGuard Home container on my HAP Ax3 router and it works fine for IPv4 addresses, but not for IPv6.
As a result, I can't reach any IPv6 upstream DNS servers.
Server "https://[2001:4860:4860::8888]:443/dns-query": could not be used, please check that you've written it correctly

The container has a valid IPv6 under the router.
Code: Select all
# ip -6 add show dev eth0
2: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 state UP qlen 1000
    inet6 fd08:192:168:8:9cd3:83ff:fec8:599b/64 scope global dynamic flags 100
       valid_lft 2591995sec preferred_lft 604795sec
    inet6 fd08:192:168:8::5/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::9cd3:83ff:fec8:599b/64 scope link
       valid_lft forever preferred_lft forever

I can ping LAN IPv6 addresses, but not remote ones.
Code: Select all
# ping 2001:4860:4860::8844
--- 2001:4860:4860::8844 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

Then I realized that the container did not have a default IPv6 gateway set up.
Code: Select all
04-22 23:33:40 container,info,debug 2024/04/23 02:33:40.190436 [error] dnsproxy: upstream tls://[2620:fe::fe:10]:853 failed to exchange ;domain.name.tINt AAAA in 3.148431845s: getting conn to tls://[2620:fe::fe:10]:853: connecting to 2620:fe::fe:10: dial tcp [2620:fe::fe:10]:853: connect: no route to host

Code: Select all
# ip -6 route show
fd08:192:168:8::5 dev eth0  metric 256
fd08:192:168:8::/64 dev eth0  metric 256  expires 0sec
fe80::/64 dev eth0  metric 256
ff00::/8 dev eth0  metric 256

The container interface was configured with an IPv6 gateway, but it was not set as the default gateway inside the container.
Code: Select all
[@MikroTik] > interface/veth/print detail
 0  R name="veth1" address=192.168.8.5/24,fd08:192:168:8::5/128 gateway=192.168.8.1 gateway6=fd08:192:168:8::1

Only if I manually add the default route, the container can reach IPv6 addresses.
Code: Select all
ip -6 route add default via fd08:192:168:8::1 dev eth0 metric 1

However, if the router is rebooted or the container is reset, the default route is lost.

It seems that the router is unable to set enable IPv6 for a default bridge network.
Any idea why it is unable to add the IPv6 default route?
Top
 
vovan700i
newbie
Posts: 33
Joined: Wed Jun 06, 2012 8:34 am

Re: IPv6 default route not added on a container instance  Topic is solved

Sat Apr 27, 2024 2:57 pm

Hi,

Your IPv6 netmask might be the root of the problem. What if you replace /128 with /64 for this veth? Naturally, your router must also have fd08:192:168:8::1/64 assigned on the bridge this veth is a port of.
Code: Select all
[@MikroTik] > interface/veth/print detail
 0  R name="veth1" address=192.168.8.5/24,fd08:192:168:8::5/128 gateway=192.168.8.1 gateway6=fd08:192:168:8::1
Top
 
diasdm
newbie
Topic Author
Posts: 31
Joined: Fri Sep 22, 2023 4:48 pm

Re: IPv6 default route not added on a container instance

Mon Apr 29, 2024 6:16 am

Your IPv6 netmask might be the root of the problem. What if you replace /128 with /64 for this veth? Naturally, your router must also have fd08:192:168:8::1/64 assigned on the bridge this veth is a port of.

Spot on, buddy.
That was it.
Thank you.
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests
  4. Other topics
  5. Containers