I have two PPPoE WANs which have been successfully load-balanced for IPv4 via mwan3, however ipv6 is particularly tricky to get working it currently says offline on both wan6 and wanb6 virtual interfaces.
The setup I have consist of two ISP-Provided GPON units which provide "triple-play" service, such that I cannot easily just skip those GPONs and plug the Optical cables into my ER605v2 load balancer (doesn't have SPF anyway). The point being that the GPONs are doing the PPPoE negotiation, and are supposed to obtain an IPv6 IP for me.
However my virtual interfaces wan6 and wanb6 don't seem to work properly.
They are both showing a global IPv6 address with a /64 at the end
They both have a ULA. I tried turning ULA off to see if it made any difference and it didnt.
The other caveat is that I cannot seem to simply forward my IPs via the ISP provided GPON. I also couldn't find any "Bridging" option. It can only be used in Router mode.
I tried turning DHCPv6 server off on the GPONs and the mwan3 status showed wan6 and wanb6 as online (green) but when I load an ipv6 test page it still shows ipv6 as not working
Also, in the LAN, you have to configure ip6class to only contain local, i.e., use only ULAs. In some cases (depending on the script), disabling of the source-based routing is needed.
In short, load-balancing or even fail-over with multiple IPv6 uplink is not a solved problem in OpenWrt. My recommendation these days (especially after talking to cybersecurity auditors) is to disable IPv6 altogether.
That is unfortunate but not unexpected. The openwrt documentation does seem to suggest something is off with NAT6 and mwan3, but there is no definitive statement out there like this about it, so I appreciate the conciseness of your response.
Well, I would rather reset your expectations. The topic that mwan3, for its IPv6 fail-over support, depends on something which is not in OpenWrt (unless you are OK with NATing everything to a single IPv6 address) has been raised before, but this did not lead to an understanding of a definite way forward. Please check these topics:
So are you saying that the only way to get ipv6 load balancing working is if it behave like ipv4 which inherently beats the purpose of ipv6, since the whole point of ipv6 is to avoid NAT overhead? Do I understand you correctly?
I don't have issue with having to implement NAT6 so that everything on the LAN gets sent to a single IPv6 (per load-balanced WAN interface), especially if it is the only way to make load-balancing work for IPv6, the problem is that I don't know how to do it on my own.