KPN fiber config with working IPv4 + IPTV, IPv6 not working

rb5009_kpn.rsc

# 2024-07-10 09:06:10 by RouterOS 7.15.2
# software id = BNE6-LLMM
#
# See https://gist.github.com/kcleong/426ae7a5c3c5ecb4870bb82966e80ef4 for a working config
#
# model = RB5009UPr+S+
# serial number = HF50964FXXX
/interface bridge
add arp=proxy-arp igmp-snooping=yes name=local
/interface vlan
add comment=TV interface=sfp-sfpplus1 name=vlan1.4 vlan-id=4
add comment=WAN interface=sfp-sfpplus1 name=vlan1.6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=vlan1.6 \
    keepalive-timeout=20 name=pppoe-kpn user=kpn
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik

/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
add code=28 name=option28-broadcast value="'192.168.22.255'"
/ip dhcp-server option sets
add name=IPTV options=option60-vendorclass,option28-broadcast
/ip pool
add name=dhcp_pool0 ranges=192.168.22.50-192.168.22.200
/ip dhcp-server
add address-pool=dhcp_pool0 interface=local lease-time=4h name=dhcp1

/ppp profile
set *0 remote-ipv6-prefix-pool=kpn-pool

/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=pppoe-kpn list=WAN

/ip address
add address=192.168.22.1/24 interface=local network=192.168.22.0
/ip dhcp-client
add default-route-distance=210 dhcp-options=option60-vendorclass interface=\
    vlan1.4 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=192.168.22.197 client-id=1:c4:eb:42:65:d7:60 comment=\
    "KPN TV decoder #1" dhcp-option-set=IPTV mac-address=C4:EB:42:65:D7:60 \
    server=dhcp1
/ip dhcp-server network
add address=192.168.22.0/24 dns-server=192.168.22.1 gateway=192.168.22.1
/ip dns
set allow-remote-requests=yes servers=\
    45.90.28.40,45.90.30.40,195.121.1.34,195.121.1.66

/ip firewall filter
add action=fasttrack-connection chain=forward comment=\
    "fast-track for established,related" connection-state=established,related \
    hw-offload=yes
add action=accept chain=input comment="accept established,related" \
    connection-state=established,related
add action=accept chain=input comment="IPTV IGMP" dst-address=224.0.0.0/4 \
    in-interface=vlan1.4 protocol=igmp
add action=drop chain=input connection-state=invalid
add action=accept chain=input comment="allow ICMP" in-interface=pppoe-kpn \
    protocol=icmp
add action=drop chain=input comment="block everything else" in-interface=\
    pppoe-kpn
add action=fasttrack-connection chain=forward comment=\
    "fast-track for established,related" connection-state=established,related \
    hw-offload=yes
add action=accept chain=forward comment="accept established,related" \
    connection-state=established,related
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward comment=\
    "drop access to clients behind NAT from WAN" connection-nat-state=!dstnat \
    connection-state=new in-interface=pppoe-kpn
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-kpn
add action=masquerade chain=srcnat comment=IPTV dst-address=213.75.112.0/21 \
    out-interface=vlan1.4
add action=masquerade chain=srcnat comment=IPTV dst-address=217.166.0.0/16 \
    out-interface=vlan1.4
add action=masquerade chain=srcnat comment=IPTV dst-address=10.207.0.0/20 \
    out-interface=vlan1.4
add action=dst-nat chain=dstnat comment=torrent dst-port=16881 \
    in-interface-list=WAN protocol=tcp to-addresses=192.168.22.2 to-ports=\
    16881
add action=dst-nat chain=dstnat comment=zerotier dst-port=9993 \
    in-interface-list=WAN protocol=tcp to-addresses=192.168.22.26 to-ports=\
    9993
add action=dst-nat chain=dstnat comment=wireguard dst-port=51820 \
    in-interface-list=WAN protocol=tcp to-addresses=192.168.22.28 to-ports=\
    51820
add action=dst-nat chain=dstnat comment=plex dst-port=32400 \
    in-interface-list=WAN protocol=tcp to-addresses=192.168.22.199 to-ports=\
    32400
add action=dst-nat chain=dstnat comment=http dst-port=80 in-interface-list=\
    WAN protocol=tcp to-addresses=192.168.22.8 to-ports=8080
add action=dst-nat chain=dstnat comment=https dst-port=443 in-interface-list=\
    WAN protocol=tcp to-addresses=192.168.22.8 to-ports=4443

/ipv6 address
add address=::1 from-pool=kpn-pool interface=local
/ipv6 dhcp-client
add add-default-route=yes interface=pppoe-kpn pool-name=kpn-pool \
    pool-prefix-length=48 request=prefix use-peer-dns=no

/ipv6 firewall filter
add action=accept chain=input comment="defconf: accept ICMPv6 after RAW" \
    protocol=icmpv6
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=accept chain=input comment="defconf: accept UDP traceroute" \
    dst-port=33434-33534 protocol=udp
add action=accept chain=input comment=\
    "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
    udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
    protocol=udp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
/ipv6 nd
set [ find default=yes ] advertise-mac-address=no hop-limit=64 interface=\
    local

/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add interface=local
add alternative-subnets=0.0.0.0/0 interface=vlan1.4 upstream=yes

/snmp
set enabled=yes
/system clock
set time-zone-name=Europe/Amsterdam
/system note
set show-at-login=no