Hi,
I'm running a dual router configuration with my ISP router and OpenWRT 19.07.2 on a Meraki Z1. However, after a period of a few hours to a day the LAN clients lose their IPv6 connectivity. I'm not sure about the time period.
I do not run an exotic setup. It's just your standard configuration with the RA server enabled for stateless client auto-configuration and the DHCPv6 server disabled. The IPv6 prefix is requested via DHCPv6-PD and I successfully get a /60 prefix (which is dynamic but hasn't changed yet). Out of that prefix a /64 prefix is assigned to my LAN interface.
From the router's perspective, the router still has a working IPv6 connection. The requested delegated prefix still remains valid and mentioned on the OpenWRT status page. I can still ping to public IPv6 addresses from OpenWRT. A restart of the WAN6 interface resolves my problems till it happens again. I've read it could be a multicast problem, but ifconfig
reports multicast is still running on all interfaces. It seems more like a routing problem for me.
Here are the relevant parts of my configuration.
# /etc/config/dhcp
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
list domain 'home.shibe.nl'
list dns '2001:aaaa:aaaa:bbf0::1'
option ra 'server'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
# /etc/config/
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.200.1'
option netmask '255.255.255.0'
option ip6ifaceid '::1'
option ip6hint '0'
option ip6assign '64'
config interface 'wan6'
option ifname 'br-wan'
option proto 'dhcpv6'
list dns '2606:4700:4700::1111'
list dns '2606:4700:4700::1001'
option reqprefix 'auto'
option reqaddress 'try'
option peerdns '0'
These are the routes on my OpenWRT router in a working state (2001:aaaa:aaaa:bb00::/64
is the prefix assigned to my ISP router, 2001:aaaa:aaaa:bbf0::/64
is the prefix assigned to my OpenWRT router via DHCPv6-PD). Both come from a delegated prefix length of /60.
default from 2001:aaaa:aaaa:bb00:cccc:cccc:cccc:5460 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
default from 2001:aaaa:aaaa:bb00::/64 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
default from 2001:aaaa:aaaa:bbf0::/60 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
2001:aaaa:aaaa:bb00::/64 dev br-wan metric 256
2001:aaaa:aaaa:bbf0::/64 dev br-lan metric 1024
unreachable 2001:aaaa:aaaa:bbf0::/60 dev lo metric 2147483647 error -148
fddc:404e:e9ed::/64 dev br-lan metric 1024
unreachable fddc:404e:e9ed::/48 dev lo metric 2147483647 error -148
fe80::/64 dev eth0 metric 256
fe80::/64 dev br-wan metric 256
fe80::/64 dev br-lan metric 256
anycast 2001:aaaa:aaaa:bb00:: dev br-wan metric 0
anycast 2001:aaaa:aaaa:bbf0:: dev br-lan metric 0
anycast fddc:404e:e9ed:: dev br-lan metric 0
anycast fe80:: dev eth0 metric 0
anycast fe80:: dev br-wan metric 0
anycast fe80:: dev br-lan metric 0
ff00::/8 dev eth0 metric 256
ff00::/8 dev br-lan metric 256
ff00::/8 dev br-wan metric 256
These are the routes on my OpenWRT router in a non-working state.
default from ::/64 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
default from 2001:aaaa:aaaa:bb00:cccc:cccc:cccc:5460 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
default from 2001:aaaa:aaaa:bb00::/64 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
default from 2001:aaaa:aaaa:bbf0::/60 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
::/64 dev br-wan metric 256
2001:aaaa:aaaa:bb00::/64 dev br-wan metric 256
2001:aaaa:aaaa:bbf0::/64 dev br-lan metric 1024
unreachable 2001:aaaa:aaaa:bbf0::/60 dev lo metric 2147483647 error -148
fddc:404e:e9ed::/64 dev br-lan metric 1024
unreachable fddc:404e:e9ed::/48 dev lo metric 2147483647 error -148
fe80::/64 dev eth0 metric 256
fe80::/64 dev br-wan metric 256
fe80::/64 dev br-lan metric 256
anycast 2001:aaaa:aaaa:bb00:: dev br-wan metric 0
anycast 2001:aaaa:aaaa:bbf0:: dev br-lan metric 0
anycast fddc:404e:e9ed:: dev br-lan metric 0
anycast fe80:: dev eth0 metric 0
anycast fe80:: dev br-wan metric 0
anycast fe80:: dev br-lan metric 0
ff00::/8 dev eth0 metric 256
ff00::/8 dev br-lan metric 256
ff00::/8 dev br-wan metric 256
Notice that the non-working state has two additional routes.
default from ::/64 via fe80::dddd:dddd:dddd:b650 dev br-wan metric 512
::/64 dev br-wan metric 256
From a clients perspective, the connection reverts back to IPv4. The general behavior is not consistent. Some clients loose all their IPv6 address, including the ULA address. Others loose only their temporary address generated by the privacy extension. In contrast to the router, clients cannot route IPv6 traffic.
These are the routes on a client in a working state. The 7ed0
subfix is the gateway, 16e9
is the stateless auto-configured address, and 1e5
is the temporary address.
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
4 301 ::/0 fe80::dddd:dddd:dddd:7ed0
1 331 ::1/128 On-link
4 301 2001:aaaa:aaaa:bbf0::/60 fe80::dddd:dddd:dddd:7ed0
4 301 2001:aaaa:aaaa:bbf0::/64 On-link
4 301 2001:aaaa:aaaa:bbf0:dddd:dddd:dddd:16e9/128
On-link
4 301 2001:aaaa:aaaa:bbf0:dddd:dddd:dddd:1e5/128
On-link
4 301 fddc:404e:e9ed::/48 fe80::dddd:dddd:dddd:7ed0
4 301 fddc:404e:e9ed::/64 On-link
4 301 fddc:404e:e9ed:0:dddd:dddd:dddd:16e9/128
On-link
4 301 fddc:404e:e9ed:0:dddd:dddd:dddd:1e5/128
On-link
4 301 fe80::/64 On-link
4 301 fe80::dddd:dddd:dddd:16e9/128
On-link
1 331 ff00::/8 On-link
4 301 ff00::/8 On-link
===========================================================================
These are the routes from a client in a non-working state. The 7ed0
subfix is the gateway, 16e9
is the stateless auto-configured address, and 36a9
is the temporary address.
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
4 291 ::/0 fe80::dddd:dddd:dddd:7ed0
1 331 ::1/128 On-link
4 291 2001:aaaa:aaaa:bbf0::/60 fe80::dddd:dddd:dddd:7ed0
4 291 2001:aaaa:aaaa:bbf0::/64 On-link
4 291 2001:aaaa:aaaa:bbf0:dddd:dddd:dddd:16e9/128
On-link
4 291 fddc:404e:e9ed::/48 fe80::dddd:dddd:dddd:7ed0
4 291 fddc:404e:e9ed::/64 On-link
4 291 fddc:404e:e9ed:0:dddd:dddd:dddd:36a9/128
On-link
4 291 fddc:404e:e9ed:0:dddd:dddd:dddd:16e9/128
On-link
4 291 fe80::/64 On-link
4 291 fe80::dddd:dddd:dddd:16e9/128
On-link
1 331 ff00::/8 On-link
4 291 ff00::/8 On-link
===========================================================================
Notice that the working state has an additional route.
4 301 2001:aaaa:aaaa:bbf0:dddd:dddd:dddd:1e5/128
On-link
The routing table seems to be messed up on the clients, and I don't know I can even trust this output. Different output on different clients depending on whether IPv6 addresses have disappeared or not from the clients interface. This is just an example of 1 single client.
So anyone knows what happens to cause this problem after a period of time, usually within 24 hours? A restart of the WAN6 interface and a reboot for the clients solves the problems.
Thank you.