I'm trying to accomplish something and I'm stumped for a solution so I thought I'd see if anyone else here can help. I'm routing IPv6 on my ER-Lite (1.8.5) and I have a need to disable v6 for ONE host identified by mac address because v6 breaks it upstream and the device lacks the ability to turn it off. Initially, I thought I could do this with firewalling, but I don't see an obvious way to identify a host by mac. I can set a static v4 addr by mac to find it that way, but that doesn't do anything for v6 firewalling. I'm using stateless RA for my v6 addressing, and it would be best if I could just keep the bad host from ever getting any RA at all to prevent v6 addressing. Here's what my v6 LAN interface looks like (v6 addr obfuscated):
ethernet eth1 {
address 192.168.254.1/24
address 2602:cf:xxxx:8e00::1/64
description LAN
duplex auto
firewall {
in {
}
}
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 1472
managed-flag false
max-interval 300
other-config-flag false
prefix 2602:cf:xxxx:8e00::/64 {
autonomous-flag true
on-link-flag true
valid-lifetime 2592000
}
reachable-time 0
retrans-timer 0
send-advert true
}
}
speed auto
}Any help would be appreciated!