I recently setup an X86 PC with Openwrt and wireguard to route all my network traffic through a VPN. The VPN provider does not provide a /64 prefix and instead /128 so I needed to set up NAT6 in order to route IPV6 traffic through the VPN.
I followed this guide: https://openwrt.org/docs/guide-user/network/ipv6/ipv6.nat6 to set up NAT6. I settled on using the https://openwrt.org/docs/guide-user/network/ipv6/ipv6.nat6#nat6_simplified script instead of the one defined here https://openwrt.org/docs/guide-user/network/ipv6/ipv6.nat6#firewall.
It appears that NAT6 is set up properly when executing all the commands (i.e traffic routes and visiting https://ipv6-test.com/ shows IPv6 connectivity). However upon a system reboot IPv6 connectivity is lost.
If I place the following lines in a Local Startup script NAT6 appears to work on boot.
sleep 10
/etc/init.d/firewall restart
This seems more like a workaround than a real solution. Can someone provide some insight on how to get this to work without adding an arbitrary sleep and then resetting the service? My gut instinct points to the VPN interface must be connected before the NAT6 script executes.