IPv6 access after pinging the global address of the LAN side

Installing and Using OpenWrt
1

Hi everyone,

My setup is:

  • OpenWRT 21.02 within a Proxmox VM
  • Passthrough of PCIe NIC for WAN
  • Using Proxmox bridge for LAN side

My ISP is providing me a /60 with PD. For the moment, I keep things simple I am using SLAAC with RA.
The results are:

  • WAN IPv6 connection works flawlessly
  • Windows and iOS/tvOS hosts have no problem using IPv6 connectivity as far I noticed
  • GNU/Linux OSes and derivatives (Android) cannot use IPv6 at boot (in most cases, NetworkManager seems to add an extra difficulty by taking time to grab an IPv6) and need to ping LAN IPv6 global address in order to use IPv6. The weird thing is that RA are properly received, do not expire and autoconfiguration (with or without privacy extension) works well but after a certain period of inactivity, IPv6 connection will drop and pinging again the global address of the LAN bridge is required (i.e. maintaining an IPv6 activity prevents this issue to occur).

I am wondering what can the cause:

  • Proxmox bridge?
  • some sysctl variable to be tuned?
  • a package?
  • something else?

My OpenWRT setup with, I believe, the most interesting sections are:
/etc/config/network

config interface 'loopback'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'
	option device 'lo'

config globals 'globals'
	option packet_steering '1'

config interface 'lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	list dns '192.168.1.33'
	list dns '192.168.1.4'
	list dns '80.67.169.40'
	option ip6ifaceid '::e1'
	option ip6assign '64'
	option device 'br-lan'

config interface 'wan'
	option proto 'dhcp'
	option macaddr '28:9E:FC:xx:xx:xx'
	option vendorid 'BYGTELIAD'
	option device 'eth1.100'
	option ip6assign '64'
	option delegate '0'

config interface 'wan6'
	option macaddr '28:9E:FC:xx:xx:xx'
	option proto 'dhcpv6'
	option clientid '00030001289EFCxxxxxx'
	option reqprefix 'auto'
	option reqaddress 'try'
	option device 'eth1.100'
	option ip6assign '64'
	option ip6ifaceid '::1'

config interface 'telephone'
	option proto 'static'
	option ipaddr '192.168.9.1'
	option netmask '255.255.255.0'
	option device 'br-telephone'

config interface 'ONT'
	option proto 'static'
	option ipaddr '192.168.100.99'
	option netmask '255.255.255.0'
	option device 'eth1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'
	list ports 'eth2'
	option igmp_snooping '1'
	option igmpversion '2'
	option acceptlocal '1'
	option sendredirects '0'

config device
	option name 'br-telephone'
	option type 'bridge'
	list ports 'br-lan.100'
	option igmp_snooping '1'
	option igmpversion '2'

config device
	option name 'eth1.100'
	option type '8021q'
	option ifname 'eth1'
	option vid '100'
	option igmpversion '2'
	option macaddr '28:9E:FC:xx:xx:xx'

/etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'
	option filterwin2k '1'
	option quietdhcp '1'
	option tftp_root '/etc/perso/tftp'
	option enable_tftp '1'
	list server '80.67.169.40'
	list server '80.67.169.12'
	list server '192.168.1.33'

config dhcp 'lan'
	option interface 'lan'
	option limit '150'
	option start '10'
	list dhcp_option '6,192.168.1.33,192.168.1.4'
	option force '1'
	option ndp 'hybrid'
	option ndproxy_routing '0'
	option dhcpv6 'relay'
	option ra 'server'
	option leasetime '2h'
	list ra_flags 'none'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'
	list ra_flags 'none'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'telephone'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'telephone'

I am using OpenWRT default options for IPv6 firewalling

Concerning each host by itself, nothing strange:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0@if35: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:861:1234:df60:1808:29ff:fedd:7edb/64 scope global dynamic mngtmpaddr 
       valid_lft 5876sec preferred_lft 4076sec
    inet6 fe80::1808:29ff:fedd:7edb/64 scope link 
       valid_lft forever preferred_lft forever

2001:861:490d:df60::/64 dev eth0 proto kernel metric 256 expires 5877sec pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::5401:adff:fe4e:a759 dev eth0 proto ra metric 1024 expires 1769sec hoplimit 64 pref medium

I did some captures but I am struggling to find an evidence of what is going bad.
Any idea will be appreciated. :wink:

Cheers !