Scenario:
My ISP provides me with multiple DSL connections that have the same IP blocks routed through them which is downstream load balanced by my ISP and upstream is load balanced by the WAN load balancing
Problem:
When IPv6 is enabled on multiple PPPoE interfaces the default gateway for IPv6 is rejected by Zebra and no IPv6 connectivity is possible.
Bringing down a single PPPoE Interface or removing IPv6 configuration from one results in the route being installed successfully.
Removing wan load balancing configuration has no effect, the IPv6 routes are always rejected.
IPv6 addresses on the interfaces are link local but do have the same gateway as each other. I have also tried the same setup with PD enabled and non link-local addresses assigned to the interfaces.
Config: (Sensitive information [REMOVED])
firewall {
ipv4 {
input {
filter {
rule 10 {
action "jump"
inbound-interface {
name "pppoe0"
}
jump-target "WAN_LOCAL"
}
rule 20 {
action "jump"
inbound-interface {
name "pppoe1"
}
jump-target "WAN_LOCAL"
}
}
}
name WAN_LOCAL {
default-action "drop"
rule 10 {
action "accept"
state "established"
state "related"
}
}
}
ipv6 {
input {
filter {
rule 10 {
action "jump"
inbound-interface {
name "pppoe0"
}
jump-target "WAN_LOCAL"
}
rule 20 {
action "jump"
inbound-interface {
name "pppoe1"
}
jump-target "WAN_LOCAL"
}
}
}
name WAN_LOCAL {
default-action "drop"
rule 10 {
action "accept"
state "established"
state "related"
}
rule 20 {
action "accept"
protocol "ipv6-icmp"
}
rule 30 {
action "accept"
destination {
port "546"
}
protocol "udp"
source {
port "547"
}
}
}
}
}
interfaces {
ethernet eth0 {
description "WAN"
offload {
gro
gso
sg
tso
}
vif 201 {
description "AAISP-1 VLAN"
}
vif 202 {
description "AAISP-2 VLAN"
}
}
ethernet eth1 {
address "[REMOVED]/64"
address "[REMOVED]/29"
description "LAN"
offload {
gro
gso
sg
tso
}
}
loopback lo {
}
pppoe pppoe0 {
authentication {
password "[REMOVED]"
username "[REMOVED]"
}
description "AAISP-1"
dhcpv6-options
ip {
adjust-mss "1452"
}
ipv6 {
address {
autoconf
}
adjust-mss "1432"
}
mtu "1492"
source-interface "eth0.201"
}
pppoe pppoe1 {
authentication {
password "[REMOVED]"
username "[REMOVED]"
}
description "AAISP-2"
dhcpv6-options
ip {
adjust-mss "1452"
}
ipv6 {
address {
autoconf
}
adjust-mss "1432"
}
mtu "1492"
source-interface "eth0.202"
}
}
load-balancing {
wan {
interface-health pppoe0 {
nexthop "dhcp"
test 0 {
target "8.8.8.8"
}
}
interface-health pppoe1 {
nexthop "dhcp"
test 0 {
target "8.8.4.4"
}
}
rule 1 {
inbound-interface "eth1"
interface pppoe0 {
}
interface pppoe1 {
}
per-packet-balancing
}
}
}
service {
ntp {
allow-client {
address "127.0.0.0/8"
address "169.254.0.0/16"
address "10.0.0.0/8"
address "172.16.0.0/12"
address "192.168.0.0/16"
address "::1/128"
address "fe80::/10"
address "fc00::/7"
}
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
ssh
}
system {
config-management {
commit-revisions "100"
}
console {
device ttyS0 {
speed "115200"
}
}
host-name "router.huskynet"
login {
user vyos {
authentication {
encrypted-password "[REMOVED]"
plaintext-password ""
}
}
}
syslog {
global {
facility all {
level "info"
}
facility local7 {
level "debug"
}
}
}
}Version:
vyos@router:~$ show version Version: VyOS 1.5-rolling-202409120007 Release train: current Release flavor: generic Built by: [email protected] Built on: Thu 12 Sep 2024 00:07 UTC Build UUID: ab6885a1-1970-4021-a315-dbbce3831676 Build commit ID: 55c17f9283f32d Architecture: x86_64 Boot via: installed image System type: bare metal Hardware vendor: Dell Inc. Hardware model: PowerEdge R210 II Hardware S/N: DXGH9X1 Hardware UUID: 4c4c4544-0058-4710-8048-c4c04f395831 Copyright: VyOS maintainers and contributors
Vtysh:
vyos@router:~$ vtysh Hello, this is FRRouting (version 9.1.1). Copyright 1996-2005 Kunihiro Ishiguro, et al. router# show run Building configuration... Current configuration: ! frr version 9.1.1 frr defaults traditional hostname router log syslog log facility local7 service integrated-vtysh-config ! ip route 0.0.0.0/0 pppoe0 tag 210 210 ip route 0.0.0.0/0 pppoe1 tag 210 210 ipv6 route ::/0 pppoe0 tag 210 210 ipv6 route ::/0 pppoe1 tag 210 210 ipv6 route [REMOVED]::/56 [REMOVED]::2 ! rpki exit ! end
Routes:
vyos@router:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
S>* 0.0.0.0/0 [210/0] is directly connected, pppoe0, weight 1, 00:08:38
* is directly connected, pppoe1, weight 1, 00:08:38
vyos@router:~$ show ipv6 route
Codes: K - kernel route, C - connected, S - static, R - RIPng,
O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,
v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
S>r ::/0 [210/0] is directly connected, pppoe0, weight 1, 00:08:41
r is directly connected, pppoe1, weight 1, 00:08:41Log Output:
Nov 12 13:45:32 router zebra[1492]: [HSYZM-HV7HF] Extended Error: IPv6 routes can not use an IPv4 nexthop Nov 12 13:45:32 router zebra[1492]: [WVJCK-PPMGD][EC 4043309093] netlink-dp (NS 0) error: Invalid argument, type=RTM_NEWROUTE(24), seq=367, pid=3533212616 Nov 12 13:45:32 router zebra[1492]: [VYKYC-709DP] default(0:254):::/0: Route install failed