Dual-stack, native IPv6, public A & AAAA records and a web proxy

Hello, I have a dual-stack native setup. On my public DNS I have a domain and set up various A and AAAA records pointing to my router.

The problem: I have an internal web reverse proxy/server. Now, depending on the OS I suppose, in a dual-stack internal LAN, mydomain.com resolves either to a v6 or a v4 address (v6 has priority in most cases).

When using v4 only, mydomain.com resolves properly and the internal proxy serves the website correctly, as it is behind NAT and I have ports 80 and 443 forwarded.

But from other remote hosts, when mydomain.com's global IPv6 address is resolved, it is pointing to the router's global address first, obviously, and of course in this case the website is not served from the proxy. This is due to the router having a [my:global:ipv6:addr::1] and the proxy host having a [my:global:ipv6:addr::2], for example (all addresses are assigned with SLAAC, these are not manual).

From my internal network, mydomain.com resolves to... LuCI of course.

I tried specifying a subdomain like v6.mydomain.com with an AAAA only to the proxy's global IP, and obviously it does work that way. I suppose I need to point the root domain's (mydomain.com) AAAA to the proxy's address as well.

My question: is it possible to "ask" OpenWrt to somehow try to redirect the incoming IPv6 requests on ports 80, 443 to the web server's global IP? Or I should ask if there is a better solution for this practice (apart from playing with A/AAAA records)?

You should be pointing the AAAA record at the IP for the actual device hosting the service. You then add a traffic rule (rather than forwarding) to the firewall to allow access to the relevant ports.

2 Likes
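
A sketch of the traffic rule described in the answer, as an added example that is not part of the original posts. The rule name, the `wan`/`lan` zone names (OpenWrt defaults) and the `::2` host suffix (taken from the question's example address) are assumptions. Scoping the rule to one host and two ports keeps the rest of the LAN unreachable from the WAN over IPv6.

```conf
# /etc/config/firewall  (added example; adjust zone names and suffix to your setup)

config rule
	option name 'Allow-HTTP-HTTPS-proxy-v6'   # hypothetical name
	option family 'ipv6'
	option src 'wan'
	option dest 'lan'                          # dest set => forwarded traffic, not traffic to the router itself
	option proto 'tcp'
	# Match only the proxy host. The negative prefix length tells OpenWrt to
	# compare the last 64 bits (the interface identifier), so the rule keeps
	# matching if the ISP delegates a different prefix.
	option dest_ip '::2/-64'
	option dest_port '80 443'
	option target 'ACCEPT'

# Do not omit dest_ip: without it the rule would accept ports 80 and 443
# for every IPv6 host in the lan zone.
```

Reload with `service firewall reload` after editing. The interface identifier has to be stable for this to hold: with SLAAC, match the host's stable address, not a temporary privacy address that rotates.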