Сделал все по ниструкции, тесты проходит IPV6 работает!
Но на некоторые сайты не открываются, в частности reddit, github, все остальные сайты вроде открываются, выявлены по мере посещения!
Также не получает обновления через winbox [ERROR: connection time out]
Код: Выделить всё
# 2024-08-26 19:42:44 by RouterOS 7.15.3
# software id = 7365-DEHA
# model = C53UiG+5HPaxD2HPaxD
/ipv6 dhcp-server option
add code=23 name=option23-dns value=0x3f0c13400f1111110000000000000001
add code=23 name=dns-google value="'2001:4860:4860::8888'"
add code=23 name=dns-google2 value="'2001:4860:4860::8844'"
add code=23 name=CloudFlare value="'2606:4700:4700::1111'"
add code=23 name=CloudFlare2 value="'2606:4700:4700::1001'"
/ipv6 address
add address=0000:e2c0:4b3f::2 advertise=no interface=sit1
add address=0000:e2c0:4b3f:5555:: interface=bridge
add address=fd00::1 advertise=no disabled=yes interface=bridge
/ipv6 dhcp-server
add address-pool="" dhcp-option=dns-google,dns-google2 disabled=yes \
interface=bridge name=dhcp-ipv6
/ipv6 firewall filter
add action=passthrough chain=output comment=\
"accept dhcpv6 request from domru" dst-port=547 out-interface-list=WAN \
protocol=udp src-port=546
add action=accept chain=input comment="Allow established,relate connections" \
connection-state=established,related,untracked
add action=drop chain=input comment="drop invalid connections" \
connection-state=invalid
add action=accept chain=input comment="Accept ICMP (50/sec)" limit=\
10,20:packet protocol=icmpv6
add action=accept chain=input comment=\
"accept DHCPv6-Client prefix delegation." dst-port=546 in-interface-list=\
WAN protocol=udp src-port=547
add action=drop chain=input in-interface-list=!LAN
add action=log chain=input disabled=yes log-prefix=ipv6
add action=drop chain=input comment="Block All" log=yes log-prefix=IPV6
add action=accept chain=forward in-interface-list=WAN limit=20,50:packet \
protocol=icmpv6
add action=drop chain=forward in-interface-list=WAN protocol=icmpv6
add action=accept chain=forward comment=\
"Allow established,relate connections" connection-state=\
established,related,untracked
add action=drop chain=forward comment="drop invalid connections" \
connection-state=invalid
add action=accept chain=forward in-interface-list=LAN out-interface-list=WAN
add action=accept chain=forward in-interface-list=WAN out-interface-list=LAN
add action=log chain=forward disabled=yes log-prefix=ipv6-fw
add action=drop chain=forward comment="Block All" in-interface-list=!LAN
/ipv6 firewall mangle
add action=change-mss chain=forward disabled=yes in-interface=sit1 new-mss=\
clamp-to-pmtu passthrough=yes protocol=tcp tcp-flags=syn
add action=change-mss chain=forward disabled=yes new-mss=clamp-to-pmtu \
out-interface=sit1 passthrough=yes protocol=tcp tcp-flags=syn
add action=change-mss chain=forward dst-prefix=::/0 new-mss=clamp-to-pmtu \
out-interface=sit1 passthrough=yes protocol=tcp src-prefix=::/0 \
tcp-flags=syn
add action=change-mss chain=output new-mss=clamp-to-pmtu out-interface=sit1 \
passthrough=yes protocol=tcp tcp-flags=syn
/ipv6 nd
set [ find default=yes ] disabled=yes
add advertise-mac-address=no dns=2620:fe::fe,2620:fe::9 interface=bridge
/ipv6 nd prefix default
set preferred-lifetime=1h valid-lifetime=2h
/ipv6 route
add disabled=no distance=1 dst-address=2000::/3 gateway=0000:e2c0:4b3f::1 \
routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/ipv6 settings
set accept-redirects=no accept-router-advertisements=no max-neighbor-entries=\
1024
