Hi,
I have ipv6 fully working on my internal network, but I've encountered an issue relating to my ISP's use of dynamic ipv6.
The ipv6 addresses, issued to my local devices, incorporate the /48 network assigned by my ISP. When a new ipv6 /48 address is issued by the ISP, this breaks ipv6 on my internal network. I have to disconnect/reconnect the local devices to force them to receive a new ipv6 address in the new range.
Is there a way to automate this in OpenWrt - i.e. the router detects an ipv6 address change on the WAN interface and forces all ipv6 devices to update their addresses?
I have marked the other thread as resolved, because ipv6 is up and running on my home network.
Hi,
I recently renewed my 1Gbps fibre with my ISP and was switched to a CGNAT connection. I asked to be switched back to a Dynamic IP and they have kindly actioned my request.
This got me thinking about futureproofing my network. I don't think there are any guarantees that I will remain on a Dynamic IP in the longer term. CGNAT appears to be the only way newer ISPs can expand, so I will probably be forced to move to ipv6 at some point.
I've dipped my toe in the water by creating a new ipv6 WA…
This is a new/different issue and I've not been able to find any similar threads.
All the subnet addresses are being automatically updated when the new /48 block is received from the ISP, but the network hosts (e.g. my Windows PC) aren't updating their ipv6 addresses unless I manually reconnect the device by disabling and then enabling the LAN port.
Perhaps this is more of a Windows issue, but maybe there is an OpenWrt fix?
Working here on Windows 10 and 11.
OK, well please provide the output of:
ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
1 Like
root@rp4-openwrt:~# ubus call system board
{
"kernel": "5.10.176",
"hostname": "rp4-openwrt",
"system": "ARMv8 Processor rev 3",
"model": "Raspberry Pi 4 Model B Rev 1.4",
"board_name": "raspberrypi,4-model-b",
"rootfs_type": "ext4",
"release": {
"distribution": "OpenWrt",
"version": "22.03.5",
"revision": "r20134-5f15225c1e",
"target": "bcm27xx/bcm2711",
"description": "OpenWrt 22.03.5 r20134-5f15225c1e"
}
}
root@rp4-openwrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.0.1'
option delegate '0'
option ip6assign '64'
option ip6ifaceid '::1'
option ip6hint '1'
config interface 'vlan20'
option device 'eth0.20'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.20.1'
option ip6assign '64'
option ip6hint '20'
config interface 'vlan30'
option proto 'static'
option device 'eth0.30'
option ipaddr '192.168.30.1'
option netmask '255.255.255.0'
option ip6assign '64'
option ip6hint '30'
config interface 'vlan40'
option proto 'static'
option device 'eth0.40'
option ipaddr '192.168.40.1'
option netmask '255.255.255.0'
option ip6assign '64'
option ip6hint '40'
config interface 'vlan50'
option proto 'static'
option device 'eth0.50'
option ipaddr '192.168.50.1'
option netmask '255.255.255.0'
option ip6assign '64'
option ip6hint '50'
config interface 'wan_ipv4'
option device 'eth1'
option proto 'dhcp'
option hostname '*'
option peerdns '0'
list dns '1.1.1.1'
list dns '1.0.0.1'
config interface 'wan_ipv6'
option proto 'dhcpv6'
option device 'eth1'
option reqaddress 'try'
option reqprefix 'auto'
option peerdns '0'
config device
option name 'wlan0'
root@rp4-openwrt:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_localhost '1'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option ednspacket_max '1232'
option confdir '/tmp/dnsmasq.d'
option noresolv '1'
option doh_backup_noresolv '-1'
list doh_backup_server ''
list doh_backup_server '127.0.0.1#5054'
list doh_backup_server '127.0.0.1#5053'
list doh_backup_server '/use-application-dns.net/'
list server '127.0.0.1#5054'
list server '127.0.0.1#5053'
list server '/use-application-dns.net/'
list server '/mask.icloud.com/'
list server '/mask-h2.icloud.com/'
option domain 'homelan'
option local '/homelan/'
option rebind_protection '1'
option sequential_ip '1'
list address '/homelan/192.168.0.1'
config dhcp 'lan'
option interface 'lan'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ra_management '1'
option start '10'
option force '1'
option dhcpv6 'server'
option ra 'server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'LAN'
option interface 'LAN'
option start '10'
option limit '150'
option leasetime '12h'
config dhcp 'Wireless'
option interface 'Wireless'
option start '100'
option limit '150'
option leasetime '12h'
config dhcp 'vlan20'
option interface 'vlan20'
option limit '150'
option leasetime '12h'
option start '10'
option dhcpv6 'server'
option ra 'server'
config dhcp 'vlan30'
option interface 'vlan30'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
config dhcp 'vlan40'
option interface 'vlan40'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
config dhcp 'vlan50'
option interface 'vlan50'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
Chatmandu:
ip6hint
I think you can remove this, you don't have a Static prefix.
Does your issue only occur on Windows machines?
Add: option ra_slaac '1'
Your stateless router announcements are off (i.e. that provide/force the new prefix).
That was added so that the vlan number would be used for the vlan subnets.
VLAN 402a02:xxxx:xxxx:40::1/64
No. Android phones also need to disconnect/reconnect. Internet remains functional, but the devices fallback to ipv4.
Thanks I'll give that a try.
I did notice in my cat /etc/config/dhcp output that there are two lan entries - lan and LAN.
Can the LAN entry be safely deleted?
config dhcp 'lan'
option interface 'lan'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ra_management '1'
option start '10'
option force '1'
option dhcpv6 'server'
option ra 'server'
config dhcp 'LAN'
option interface 'LAN'
option start '10'
option limit '150'
option leasetime '12h'
_bernd
September 28, 2023, 11:36am
8
Ip6hint works perfectly fine as intended also for dynamic prefix delegation.
4 Likes
Is that working - as you don't have a static prefix?
Then you need SLAAC - TBH, I didn't know Androids worked with SLAAC off.
Odd, cool I'll have to re-test here. It's been a while.
_bernd
September 28, 2023, 11:39am
10
Re: ip6hint. I have these since years in use for ULA and /56 dynamic gua. Btw this is one of the killer features from Openwrt regarding IPv6
3 Likes
Thanks, there's a LuCI parsing issue where it adds it subsequently to a config (I'm comparing a test device). It is indeed on by default.
Any ideas on OP's issue - given SLAAC is on?
I strongly believe that there is some problem in my IPv6 too of similar nature. But I can't exclude my provider either. I already caught him delaying prefix announcement occasionally. At the moment I added option ra_useleasetime '1' to my config dhcp 'lan' section and monitoring if it appears again.
I've just rebooted my router and been assigned a new ipv6 address.
The new address range is listed as a Temporary IPv6 Address, but all the other ipv6 addresses are using the old range.
The connection has fallen back to ipv4.
If I disconnect and reconnect the ethernet port, the old addresss are purged.
ipv6 is then operational again.
Proper way would be to check (tcpdump) if router actually makes announcement (after reboot and on intervals defined in configs). I believe we are having 5.2 from https://www.ripe.net/publications/docs/ripe-690#5-2--why-non-persistent-assignments-are-considered-harmful
2 Likes
Generally I'm a bit sick of IPv6 even after two years of using it. Phones don't have DHCPv6, there is an app you can use after rooting... but it knows nothing but IP addresses. SystemD had its own implementation issue in Debian 10 (the one used at the moment). Provider has (?) some announcement irregularities.
Try to run netsh interface ipv6 show address on the Windows machine to see the state and lifetime of each address after the prefix changes.
1 Like
I think that is exactly the issue that I am facing. Is there a way to force OpenWrt to 'send out RA packets with a prefix valid lifetime of 0 to tell all devices that the old addresses are no longer valid.'?
Could this be added as a startup task?
We should start with tcpdumping it. Could be three scenarios actually: a) RA after reboot b) Prefix change c) Expired lease time.
