Set multiple IPv6's on some adapters?
-
I currently have this config:
(See attachment).Now I want to assign that 6to4 subnet in the WAN network, to LAN, so LAN does have 2 IPv6 subnets. Clients on LAN should still via radv dynamically assign IPs out of the 2001:: space configured, but one server set in LAN will have a static assignment out of the 2002:: space.
But if I only set the server to have a static assignment out of 2002:: space, then traffic will not be routed correctly. So how can I do so my server is multihomed over IPv6 both on a 2001:: and the 2002:: adress?
-
I bet your problem can be solved with VLANs.
I assume the problem is you have several machines, 1 wan, 1 lan and 1 switch and on that switch you want most things on 2001 IPs but just one things on 2002?
So you can create vlans and divide up your ipv6 addressses that way if you have a vlan capable switch. Never done it. Only just recently got IPV6 working correctly myself, but If I had your problem I'd want to divide up those IPV6 subnets by interface and vlans should work, one would think.
Just a thought - Since those machines with be on different IPV6 subnets (Either different /64s or /48s) I would think you would have to add a firewall rule one each gateway interface to allow ipv6 traffic from the other. Not sure, but I would assume so.
-
Also, if you insist on having multiple gateways for IPV6 traffic, I'm not usre if you can have more than 1 default gateway for IPV6. I do know that you can go into your LAN firewall rule, make a rule for allow all IPV6 traffic. Then put the IP of your 2002 computer in as source and then go down to advanced options and change the gateway on that rule to the gateway associated with the 2002 subnet. Never done it, but if you put that rule first in the list it should push all the IPV6 traffic from that 1 computer out to the correct gateway.
Lots of theory I've never had a reason to try.
-
No, on the machine which should have 2002-adress should also have a 2001-adress.
Eg, the server should be multi-homed, and be reachable on both a 2001-adress, AND a 2002-adress.
Thats why I must in some way appy 2 different IPv6 adapter adresses on the same interface.
-
Well - If you have a default ipv6 gateway, all the IPV6 traffic on the lan will try to go there.
So, I think if you put a pass-all firewall rule on the lan for anything originating from a 2002 ip and then at the bottom in the advanced section of that rule change the gateway from default top the correct gateway, your traffic will go out over the correct gateway.
I have not tried this with IPV6 but seems it should work.