Alors pour le DNS je suis en Dual-Stack donc normalement c'est mon DNS ipv4 qui répond pour les IPv6, normalement ce n'est pas un soucis.
Pour les tests de firewall j'ai testé sans aucune règle dans le firewall du mikrotik après j'ai des règles simple, mais si le firewall était le soucis aucun ping ne passerait non ?
Pour la COS6 c'est fait avec :
add action=set-priority chain=output dst-port=547 ip-protocol=udp mac-protocol=ipv6 new-priority=6 out-interface=vlan832-internet
Un petit traceroute avec resolution DNS
traceroute -6 dns.google.com
traceroute to dns.google.com (2001:4860:4860::8888), 30 hops max, 80 byte packets
1 2a01cb05XXXX00000001.ipv6.abo.wanadoo.fr (2a01:cb05:XXXX::1) 0.078 ms 0.065 ms *
2 2a01cb08a004020f0193025300760193.ipv6.abo.wanadoo.fr (2a01:cb08:a004:20f:193:253:76:193) 1.403 ms 1.465 ms 1.534 ms
3 2a01:cfc4:0:200::b (2a01:cfc4:0:200::b) 8.642 ms 8.686 ms *
4 * * *
5 2001:4860:1:1::4b0 (2001:4860:1:1::4b0) 8.556 ms 8.598 ms 2001:688:0:3:8::17a (2001:688:0:3:8::17a) 8.524 ms
6 2a00:1450:80c7::1 (2a00:1450:80c7::1) 8.348 ms 2a00:1450:8121::1 (2a00:1450:8121::1) 7.957 ms 2a00:1450:812f::1 (2a00:1450:812f::1) 8.152 ms
7 2001:4860:0:1::51fb (2001:4860:0:1::51fb) 7.816 ms dns.google (2001:4860:4860::8888) 7.668 ms 8.491 ms
Encore un ping ce matin (depuis un linux au lieu du mac BSD)
PING dns.google.com(dns.google (2001:4860:4860::8888)) 56 data bytes
64 bytes from dns.google (2001:4860:4860::8888): icmp_seq=1 ttl=116 time=9.21 ms
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=7 Destination unreachable: Address unreachable
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=8 Destination unreachable: Address unreachable
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=9 Destination unreachable: Address unreachable
64 bytes from dns.google (2001:4860:4860::8888): icmp_seq=10 ttl=116 time=8.50 ms
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=20 Destination unreachable: Address unreachable
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=21 Destination unreachable: Address unreachable
From gecko-arch (2a01:cb05:XXXX:ee38) icmp_seq=22 Destination unreachable: Address unreachable
64 bytes from dns.google (2001:4860:4860::8888): icmp_seq=23 ttl=116 time=9.12 ms
64 bytes from dns.google (2001:4860:4860::8888): icmp_seq=24 ttl=116 time=8.63 ms
^C
--- dns.google.com ping statistics ---
24 packets transmitted, 4 received, +6 errors, 83.3333% packet loss, time 23282ms
rtt min/avg/max/mdev = 8.496/8.865/9.211/0.307 ms
Mes routes ipv6 sur la machine
ip -6 route show dev enp6s0
2a01:cb05:XXXX::/64 proto ra metric 100 pref medium
fe80::/64 proto kernel metric 100 pref medium
default via fe80::2ec8:1bff:febb:f927 proto ra metric 20100 pref medium
fe80::2ec8:1bff:febb:f927 c'est l'IP que j'ai sur mon interface br-wan sur le CCR
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local
# ADDRESS FROM-POOL INTERFACE ADVERTISE
0 DL fe80::2ec8:1bff:febb:f927/64 br-wan no
1 DL fe80::2ec8:1bff:febb:f931/64 sfpplus10-WAN no
2 G 2a01:cb05:xxxxxxxxx::1/64 pool_FT_6 br-wan yes