Much of my existing work and documentation has been done under the following thread: Fibocom FM350-GL Support - #195 by mrhaav just in case anyone wants to go back and look. But the CLAT/XLAT discussion will continue here.
After doing some further testing to rule things out, here's the gist of what I am running into:
I currently have a T-Mobile (US) Prepaid data only SIM and intend to use it with my FM350-GL. Using the available packages to interact with it both in PCI and USB mode I can get a working connection and routable V6 addresses all day long but under SA mode it won't provide a V4 address. If I set it to do NSA only, it's more reliable but in some cases I still don't get an address.
In comparison, I have a couple Quectel EC25-AF LTE only cards and those I get a V4 address out of the gate no issues. I do have an RM520N-GL coming in that I'm also going to test with to see if maybe this issue is specific to the FM350.
From the research I've done, it seems at least on consumer lines like mine with T-Mobile they do V6 only and rely on CLAT for V4. However adding the 464xlat package to facilitate this, it always automatically props up a virtual interface for this but in the logs it constantly cycles up/down with no progress.
I originally had a much longer wall of text below, but I've read more into how CLAT works and through some tinkering I think I've narrowed down the culprit. As @AndrewZ mentioned in the other thread, it seems to be DNS related.
By default it appears T-Mobile is providing the two following V6 DNS addresses:
nameserver fd00:976a::9
nameserver fd00:976a::10
I also see this on my Pixel 6a connected to 5G. However if I try to do a lookup from OWRT, it is unable to reach their DNS servers. My phone can, however.
root@OpenWrt:~# nslookup -debug -type=aaaa ipv4only.arpa fd00:976a::9
nslookup: can't connect to remote host: Network unreachable
root@OpenWrt:~# ping -6 fd00:976a::9
PING fd00:976a::9 (fd00:976a::9): 56 data bytes
ping: sendto: Network unreachable
root@OpenWrt:~# nslookup -debug -type=aaaa ipv4only.arpa fd00:976a::10
nslookup: can't connect to remote host: Network unreachable
root@OpenWrt:~# ping -6 fd00:976a::10
PING fd00:976a::10 (fd00:976a::10): 56 data bytes
ping: sendto: Network unreachable
But what I found as a workaround is that I'm able to provide Google's DNS64 addresses through the main interface and after that the automatic 464 virtual interface comes up properly and V4 connections are routable.
config interface 'test'
option proto 'atc'
option device '/dev/ttyUSB1'
option apn 'fast.t-mobile.com'
option auth '0'
option pdp 'IPV4V6'
option atc_debug '2'
list dns '2001:4860:4860::64'
list dns '2001:4860:4860::6464'
root@OpenWrt:~# nslookup -type=aaaa ipv4only.arpa '2001:4860:4860::64'
Server: 2001:4860:4860::64
Address: [2001:4860:4860::64]:53
Non-authoritative answer:
Name: ipv4only.arpa
Address: 64:ff9b::c000:ab
Name: ipv4only.arpa
Address: 64:ff9b::c000:aa
root@OpenWrt:~# ping -4 google.com
PING google.com (142.250.190.142): 56 data bytes
64 bytes from 142.250.190.142: seq=0 ttl=52 time=41.228 ms
64 bytes from 142.250.190.142: seq=1 ttl=52 time=58.225 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 41.228/49.726/58.225 ms
root@OpenWrt:~# traceroute -4 google.com
traceroute to google.com (142.250.190.142), 30 hops max, 46 byte packets
1 192.0.0.1 (192.0.0.1) 0.051 ms 0.052 ms 0.051 ms
2 192.0.0.1 (192.0.0.1) 16.082 ms 24.253 ms 28.196 ms
3 192.0.0.1 (192.0.0.1) 16.399 ms 17.223 ms 23.710 ms
4 192.0.0.1 (192.0.0.1) 12.724 ms 24.277 ms 19.023 ms
5 192.0.0.1 (192.0.0.1) 12.730 ms 35.986 ms 19.147 ms
6 10.160.107.42 (10.160.107.42) 11.733 ms 17.317 ms 10.343 ms
7 10.177.56.16 (10.177.56.16) 23.561 ms 13.178 ms 23.819 ms
8 10.177.8.25 (10.177.8.25) 29.648 ms 42.738 ms 24.413 ms
9 10.177.9.69 (10.177.9.69) 29.268 ms 27.878 ms 19.274 ms
10^C
root@OpenWrt:~#
I'm not sure if this will induce any performance penalties going through Google's gateway vs T-Mobile's. If there's any recommended tests or potential fixes to getting T's DNS to respond, that'd be awesome. My OWRT install I'm currently testing with here is basically a stock out of the box config with the WAN/LAN zones and default firewall rules already preconfigured.