IPv6 with WireGuard

On the official OpenWrt wiki, the WireGuard server setup gives an IPv6 address with fd... blah blah. But afaik that IP is a local ULA IP and doesn't work on the real internet. So, should I just use one of the /56 prefixes that my ISP delegated to me, to make IPv6 work just right?

Ok I did just that, but what about if ISP changes prefix? Can't we automatically assign somehow?

When the ISP delegates a single /64 dynamic prefix on the wan6 interface, I have the following saved as /etc/nftables.d/11-ipv6npt.sh

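```sh
# Logical interface names and the ULA prefix used on the VPN side
WAN6_IF="wan6"
VPN_IF="vpn"
VPN_PFX="fd80:d00d::/64"

# OpenWrt network helper functions
. /lib/functions/network.sh
network_flush_cache

# Look up the current WAN6 device and its IPv6 prefix
network_get_device WAN6_DEV "${WAN6_IF}"
network_get_prefix6 WAN6_PFX "${WAN6_IF}"

# Recreate the table from scratch on every run
nft delete table ip6 ipv6npt 2>/dev/null

nft add table ip6 ipv6npt
nft add chain ip6 ipv6npt postrouting {type nat hook postrouting priority srcnat\;}

# Rewrite the VPN prefix to the WAN6 prefix on traffic leaving via WAN6
nft add rule ip6 ipv6npt postrouting \
    oifname "${WAN6_DEV}" \
    ip6 saddr "${VPN_PFX}" \
    snat ip6 prefix to ip6 \
    saddr map { "${VPN_PFX}" : "${WAN6_PFX}" }
```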

In firewall:

```
config include 'ipv6npt'
	option path '/etc/nftables.d/11-ipv6npt.sh'
```

May also have to set:

```sh
uci set network.wan6.sourcefilter='0'
```

From: https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_nat#ipv6_npt
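An added example, not part of the original post or of OpenWrt: a small Python model of the prefix-to-prefix mapping the rule above sets up, treated here as straight prefix substitution that keeps the host bits, so each WireGuard peer keeps its own distinct address on the global side. Assumptions: the delegated prefix `2001:db8:1234:ab00::/56` is a constructed documentation value, and `npt_translate` and `pick_subnet` are hypothetical helper names; since a /56 and the /64 `VPN_PFX` differ in length, the model first picks one /64 out of the /56.

```python
import ipaddress


def pick_subnet(delegated, index, new_prefix=64):
    """Return the index-th /new_prefix network inside a shorter delegated prefix."""
    delegated = ipaddress.IPv6Network(delegated)
    if delegated.prefixlen > new_prefix:
        raise ValueError("delegated prefix is longer than /%d" % new_prefix)
    count = 1 << (new_prefix - delegated.prefixlen)  # a /56 holds 256 /64s
    if not 0 <= index < count:
        raise ValueError("subnet index out of range 0..%d" % (count - 1))
    base = int(delegated.network_address) + (index << (128 - new_prefix))
    return ipaddress.IPv6Network((base, new_prefix))


def npt_translate(addr, inside, outside):
    """Swap the inside prefix of addr for the outside prefix, keeping host bits."""
    addr = ipaddress.IPv6Address(addr)
    inside = ipaddress.IPv6Network(inside)
    outside = ipaddress.IPv6Network(outside)
    if inside.prefixlen != outside.prefixlen:
        # A 1:1 mapping needs equal-length prefixes on both sides.
        raise ValueError("prefix lengths differ: %s vs %s" % (inside, outside))
    if addr not in inside:
        return addr  # source is outside the VPN prefix: left untouched
    host_bits = int(addr) & int(inside.hostmask)
    return ipaddress.IPv6Address(int(outside.network_address) | host_bits)


VPN_PFX = "fd80:d00d::/64"              # ULA prefix from the script above
DELEGATED = "2001:db8:1234:ab00::/56"   # constructed sample, documentation range

if __name__ == "__main__":
    wan_64 = pick_subnet(DELEGATED, 0x10)
    for peer in ("fd80:d00d::2", "fd80:d00d::3", "fd00:1::5"):
        print(peer, "->", npt_translate(peer, VPN_PFX, wan_64))
```
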

Sorry, I meant 56. My ISP delegates a /56 prefix.

That is exactly why you use a ULA address with NPT or NAT66.
WireGuard Server Setup Guide

Ok, if I use that, won't IPv6 behave like IPv4? Isn't what you say similar to NAT in IPv4? Afaik IPv6 isn't supposed to be behind a NAT. And would I get an IPv6 address on WAN?

That is totally unrelated.

Yes, although NPT is slightly different but related.

Why not?
The fact that it is usually not needed does not mean you cannot use NAT/NPT.

You are free to use anything you want. I linked the guide on how to set up a no-hassle IPv4 and IPv6 implementation, but if you want to use something different, please do.

I am just trying to use the simplest and most hassle-free way. If that requires NAT/NPT I will use that too. What about IPv6 DDNS though?

This is off topic for WireGuard but I will answer it anyway.

Sure, some DDNS services also support AAAA records with IPv6.

I use noip.com for that and also dynv6.com, but lots of other DDNS providers support AAAA/IPv6.

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks! :slight_smile:

I've done what is said in the PDF, up to the advanced section. But now wan6 can't get a prefix. Might be the ISP though; the IPv6 they give is experimental at best.
I did exactly the same. My WireGuard clients do get an IPv6 address, but it is the exact same IP as wan6's IP, which is a /64 prefix. Isn't it wrong that a /64, which is a huge block, is taken by one device?

WireGuard should have nothing to do with a Prefix delegated to wan6.
ifstatus wan6 will show you if you have a PD delegated.

The WireGuard clients have their own ULA address but for the outside world they have the IPv6 address of the router your WireGuard server is running on as that is where the traffic enters the internet, just as the IPv4 address :slight_smile:

Just one last question. My mobile ISP on the phone doesn't have IPv6. So I connect through IPv4; does that make me have IPv6 when connecting to WG? I mean like real outside IPv6, not local.

Yes, absolutely. My own phone provider (Vodafone) only has IPv4, and when connected from my phone on cellular, ipleak.net shows both the IPv4 and IPv6 address of my home WG server and test-ipv6.com shows 10/10.
Of course you have to set it up correctly as outlined in my notes, and your home router which runs the WG server has to have a working IPv4 and IPv6 connection.