IPV6 and openwrt AP

erpomata · January 23, 2026, 3:25pm

Hello everyone,
I would like to have my OpenWrt 24.10.5 AP (no DHCP server, no firewall, no DNS) receive an IPv6 address assigned by my ISP.
The router seems able to assign addresses to my NAS, a Linux PC, and an Android phone, and all of these pass online tests, so I don’t think the problem is the router.
This is my network file:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '2'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '11'
	option name 'lan1.11'

config interface 'iot'
	option proto 'static'
	option device 'br-iot'
	option ipaddr '192.168.11.253'
	option netmask '255.255.255.0'
	option gateway '192.168.11.254'
	list dns '192.168.11.254'
	list dns '1.1.1.1'
	list dns '8.8.8.8'
	list dns_search 'linux.pg'
	option ipv6 '0'

config device
	option type 'bridge'
	option name 'br-iot'
	list ports 'lan1.11'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '10'
	option name 'lan1.10'

config device
	option type 'bridge'
	option name 'br-lan10'
	list ports 'lan1.10'

config interface 'lan10'
	option proto 'static'
	option device 'br-lan10'
	option ipaddr '192.168.10.253'
	option netmask '255.255.255.0'
	option gateway '192.168.10.254'
	list dns '192.168.10.254'
	list dns '1.1.1.1'
	list dns '8.8.8.8'
	list dns_search 'linux.pg'
	option ipv6 '1'
	option delegate '0'
        option ip6assign '64'

config device
	option type 'bridge'
	option name 'br_recovery'
	list ports 'lan2'

config interface 'recovery'
	option proto 'static'
	option device 'br_recovery'
	option ipaddr '192.168.3.254'
	option netmask '255.255.255.0'
	option ipv6 '0'

config device
	option name 'lan2'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '9'
	option name 'lan1.9'

config device
	option type 'bridge'
	option name 'br-guest'
	list ports 'lan1.9'

config interface 'guest'
	option proto 'static'
	option device 'br-guest'
	option ipaddr '192.168.9.253'
	option netmask '255.255.255.0'
	option gateway '192.168.9.254'
	list dns '192.168.9.254'
	list dns '8.8.8.8'
	list dns '1.1.1.1'
	list dns_search 'linux.pg'
	option ipv6 '0'

This is the output of ip -6 route:

 ip -6 route
fe80::/64 dev eth0  metric 256 
fe80::/64 dev lan1  metric 256 
fe80::/64 dev br-guest  metric 256 
fe80::/64 dev br-lan10  metric 256 
fe80::/64 dev br-iot  metric 256 
fe80::/64 dev br_recovery  metric 256 
anycast fe80:: dev eth0  metric 0 
anycast fe80:: dev lan1  metric 0 
anycast fe80:: dev br-guest  metric 0 
anycast fe80:: dev br-iot  metric 0 
anycast fe80:: dev br-lan10  metric 0 
anycast fe80:: dev br_recovery  metric 0 
multicast ff00::/8 dev eth0  metric 256 
multicast ff00::/8 dev lan1  metric 256 
multicast ff00::/8 dev br-guest  metric 256 
multicast ff00::/8 dev br-lan10  metric 256 
multicast ff00::/8 dev br-iot  metric 256 
multicast ff00::/8 dev br_recovery  metric 256

What I want is for lan10 to have a static IPv4 address (as it does now) and also an IPv6 address.

Unfortunately, I can’t get it to work. Could you please help me?

Thank you.

MisterW · January 23, 2026, 4:27pm

You need the IPv6 options removed from the lan interface and an additional lan6 interface added , aliased to the lan interface. Set the lan6 protocol to dhcpv6 , reqaddress to ‘try’ , reqprefix to ‘no’

Here’s the extract of my network config fro my Openwrt bridged AP below although mines much simpler as I dont have any VLANs

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.5.5'
	option netmask '255.255.255.0'
	option gateway '192.168.5.1'
	list dns '192.168.5.1'
	option delegate '0'

...

config interface 'lan6'
	option proto 'dhcpv6'
	option device '@lan'
	option reqaddress 'try'
	option reqprefix 'no'
	option norelease '1'
	option delegate '0'

my guess would be that you need to use @lan10 as the device in the lan6 config

NB I got my info from here https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap

HTH

mk24 · January 23, 2026, 4:58pm

Yes that is how to do it, use an alias interface. If working, ip addr show dev br-lan10 should report both types of addresses.

A bridged AP with multiple network VLANs should only hold an IP on the one network that will be used for administration. The untrusted Interfaces should be set to proto none ("Unmanaged" in the GUI). This prevents IoTs or guests from attempting to access the AP's IP address, as it does not have one.

There should also only be at most one option gateway in the whole configuration (if using DHCP for v4 and v6, zero option gateway since DHCP sets the gateway automatically).

_bernd · January 23, 2026, 10:51pm

If I'm not mistaken then router advertisement hence the name is only done via router advertisement. Dhcpv6 only hands out address and options.

In a hurry I only find this https://www.isc.org/blogs/routing-configuration-over-dhcpv6-2/

_bernd · January 23, 2026, 10:59pm

https://www.ietf.org/archive/id/draft-ietf-mif-dhcpv6-route-option-02.html this draft never has been flown?

erpomata · January 24, 2026, 7:52am

Hi, I followed your suggestion and everything went well. Thanks.