Mwan3 feedback on IPv6 and missing features

@feckert I also have a similar problem as @trendy but it may be unrelated to mwan3. I found out that when 6rd interface is up, I can manually reload firewall to get things working. (at least sometimes)

I also had ipv4 rule in ipv6 section like @trendy ...

Also the 6rd interface is created automatically so I am not able to assign a metric to it..

Also I had a strange problem. I setup the rule but way later in logs I saw this:

Wed Nov 13 01:53:41 2019 user.warn mwan3[25498]: Rule default_rule_ipv6 exceeds max of 15 chars. Not setting rule

This is just bad

Perhaps it is bad that mwan3 is trying to setup ipv6 things right now. It seems broken. Perhaps ipv6 functionality should be developed separately or at least there should be a way to disable it if one desires.

@feckert Can an option to disable mwan3 altogether be added? So system works like it did not exist, perhaps at least after a reboot? This may be useful for testing if mwan3 is causing troubles perhaps?

Without mwan3 it was working fine though, without the route even for the locally generated traffic.
It was when I enabled mwan3 that problems started.
Right now I have disabled mwan3 and I am trying to move to IPv6 from my ISP (more on that on a new thread), so I cannot test it anymore.

Stop mwan3
/etc/init.d/mwan3 stop

Disable mwan3
/etc/init.d/mwan3 disable

@feckert I was stupid to not think about it. But I think there could be a enable/disable checkbox in luci interface. Perhaps not a very important feature request anyway

A post was split to a new topic: Mwan3track not working properly on wireguard

Pls, separate IPv4 and IPv6 related code.
And obey to
make menue config ; Global build settings ; Enable IPv6 support in packages

Unticking this option results in lot of error messages during startup of mwan3. Very annoying.
My 3g-wwan does not support IPv6. But to avoid all the error messages I build custom image incl. IPv6 just because of this.

Thanks for feedback.
That is not so easy. This was not thought of during the implementation. I have to see how elaborate this is.

Just adding my trials with mwan3 and IPv6. My setup is a bit unusual, but I've got two WAN interfaces.

• WAN - IPv4 only fibre connection (DHCP)
• WAN6 - Hurricane Electric 6in4 (6in4)
• WANB - IPv4 from a 4G mobile network (DHCP)
• WANB6 (Virtual interface @wanb) - (DHCPv6 client)

WANB is on it's own VLAN, essentially I've turned one of the LAN ports into a WAN. WAN6 and WANB are attached to the WAN filewall zone.

I can't get mwan3 and 6in4 to co-exist nicely, no matter what I do, mwan3 states the interface is down after about 30 seconds every time of starting it. I'm assuming protocol 41 is being interfered with somewhere. Even setting a rule in mwan3 itself to make sure traffic to the HE tunnel endpoint goes over the right WAN doesn't work, judging by the iptables output, the rule is never hit, so potentially protocol 41 never makes it.

I have also noticed though that for wanb6, I get strange issues with ping6, traceroute6, curl etc with some IPv6 hosts (not all). e.g.

root@linksys-wrt3200acm:~# ping6 -I eth0.3 ifconfig.co
connect: Permission denied

eth0.3 is the network interface created from the VLAN.

This doesn't happen on the 6in4-wan6 interface and other IPv6 sites like ipv6.google.com are OK, so not quite sure why that's the case.

I have had to give up trying to control IPv6 through mwan3 and simply fallback to the main routing table. Rules using IPv4 with WAN and WANB work great though.

Overall, IPv4 works great, IPv6 is a bit hit and miss. I think if I had native IPv6 on WAN6, it would possibly be less of a problem, it seems 6in4 is particularly problematic with the mwan3 routing.

Thank you however, for the work that has been done with mwan3 up to this point.

Probably worth updating, IPv6 only interfaces should work better with mwan3 2.8.4 onwards. Changes to the mwan3track side made more recently mean that the track_ip tests are performed with the IPv6 source address obtained from the interface. This is more reliable than using the interface name as OpenWrt seems to have issues with selecting the right source address in some cases.

There are a few documented cases of this being a problem in certain scenarios.

• IPv6 source address selection broken for packets generated on the router
• https://bugs.openwrt.org/index.php?do=details&task_id=2167

This behaviour is also present when using the built in busybox ping utils vs the iputils-ping or iputils-ping6 tools as an example. You can get different outcomes from ping tests with the same commands across both tools (when using interface names). However if you specify the source address explicitly everything is fine.

This should improve compatibility with 6in4 and IPv6 only interfaces generally.

Try this

config rule ipv6_update
option dest_ip 64.62.200.2 #ipv4.tunnelbroker.net
option use_policy wan_only

config rule ipv6_server
option dest_ip 216.66.87.102 #tunnel server ip
option use_policy wan_only

You may need port forward p41 or dmz

I want to "+1" @reinerotto's request, because I want to build an image with no IPv6 to save space, but that breaks mwan3 which requires ip6tables. I can fix it by manually painstakingly removing all references to ip6tables in the scripts, but that is not an optimal solution...

Hello @feckert ,
thank you for this great piece of software. It works perfectly with IPv4 but getting it to work with IPv6 is giving me a headache.
I have two dual stack connections, one is fast and high ping and one is slow but low ping. I want to route Port 80 and 443 via the fast connection, so I'm able to stream video over it and everything else via the slow low ping line. I tried the same rules like for IPv4, but that results in a loss of IPv6 connectivity for port 80 and 443.
Is there a way to get this working somehow? I know that IPv6 multihoming does exist, but that does work only for IPs and not ports as far as I understand.
I'm running OpenWRT 20.204 and 2.8.8-1.0
Thank you for any help and information.

Have you followed the general IPv6 guidance with mwan3 here:

https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3#mwan3_and_ipv6

The support for IPv6 should be better in 2.8.8 and newer versions thanks to various changes by @aaronjg, but there are still known issues and quirks, some which have been hacked around in mwan3 itself.

I have can confirm I have a working dual stack IPv6 configuration working on the 19.07 branch. I can't comment on 20.x, the kernel is different between these two branches. Have you tried your configuration on the latest stable release to ensure it's not something related to this. There was another case of someone unable to have Wireguard work correctly with mwan3 and it seems to be something different in the 5.x kernel with snapshot builds compared to the 4.14.x release the stable branch is currently.

Yes i have followed it. Basic Setup does work but as soon as you do advanced rules IPv6 stops working.

Can you try version 2.8.11, there was some changes between 2.8.8 and 2.8.11 that might help.

Can you post your mwan3 config and rule that isn't working?

It is not visible from your output. However preparing the wan interfaces with metrics on the default route is the first step before configuring mwan3.

The default route warning might be a bit of red herring to be honest. I'm not sure the LuCI interface is as aware of IPv6 parameters than it could be. I have this error on all of my IPv6 interfaces, but they work OK.

Metrics is definitely one of the first things to look at though.

That are the settings i have done in /etc/config/network
in my mind I have set a metric with that

config interface 'wan6'
option ifname 'eth2'
option proto 'dhcpv6'
option reqprefix 'auto'
option iface_dslite '0'
option reqaddress 'force'
option metric '10'

config interface 'wanb6'
option ifname 'pppoe-wanb'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option metric '20'

config interface 'wan'
option proto 'dhcp'
option ifname 'eth2'
option metric '11'

config interface 'wanb'
option ifname 'lan4'
option proto 'pppoe'
option password 'xxx'
option username 'xxx'
option ipv6 '1'
option metric '21'

Or is something else to do to set it properly?

I would prefer the ifname @wanb, but otherwise it looks fine.