Need help with IPv6 config

Installing and Using OpenWrt Network and Wireless Configuration
1

Hi!

I am new to LEDE and OpenWRT and just set up my router (WNDR3700).
My problem is that i do not have IPv6 connectivity.
In the Diagnostics tab in the webinterface everything seems to work:

PING lede-project.org (2a03:b0c0:3:d0::1af1:1): 56 data bytes
64 bytes from 2a03:b0c0:3:d0::1af1:1: seq=0 ttl=52 time=7.847 ms

and on Windows i also get an IPv6 address:

Ethernet-Adapter Ethernet:
Verbindungsspezifisches DNS-Suffix (Connection Specific DNS Suffix) : lan
IPv6-Address. . . . . . . . . . . : fdb9:fea5:36a9::f89
IPv6-Address. . . . . . . . . . . : fdb9:fea5:36a9:0:3991:7af4:a0fb:3cea
Temporäre IPv6-Adresse (Temporary IPv6 Address). . . . . . : fdb9:fea5:36a9:0:4dff:e16a:6caf:1776
Verbindungslokale IPv6-Adresse (Link Local Address) . : fe80::3991:7af4:a0fb:3cea%14
IPv4-Adresse . . . . . . . . . . : 192.168.1.102
Subnetzmaske (Subnet Mask) . . . . . . . . . . : 255.255.255.0
Standardgateway (Default Gateway). . . . . . . . . : 192.168.1.1

(I hope this is still understandable despite it being german, i don't know how to quickly change my system language...)

But when i ping lede-project.org on windows, the name does not get resolved and even when i copy the IP address from the webinterface output, i get an error. I also noticed the Default Gateway field in the windows network config is empty.
Could this be a LEDE firewall problem? Or just the DHCP config? Can't seem to figure it out...

2

It is, but for future reference, try translate.google.com

Is the IPv6 WAN interface in LEDE connected?

1 Like
3

Your Windows PC gets only link-local IPv6 addresses (fdxx:xxxx....) instead of proper routable IPv6 addresses.

Looks like you have somehow mixed the IPv6 settings for LAN.

https://wiki.openwrt.org/doc/uci/network6#downstream_configuration_for_lan-interfaces
You are either missing the ip6assign from LAN network config, or DHCP IPv6 options are not set to "server". Those should be ok by default, but if you have sysupgraded from an really old version, those might be wrong.

And naturally, the correct setting will depend on your ISP's IPv6 connectivity mode. (but as your router has proper IPv6, I think that you have the basic connectivity ok)

4

Question, is this by any chance a deutsche telekom link (potentially even via a reseller like 1&1)? In that case IPv6 will not work out of the box. Could you post the wan6 section of /etc/config/network please?

5

@moeller0 I have a internet connection over my university.

config interface 'wan6'
        option ifname 'eth1'
        option proto 'dhcpv6'

@hnyman I did a clean install and also reset the configuration through LuCi, so i should be on default settings...
While looking through /etc/config/network i found this:

config interface 'lan'
    option type 'bridge'
    option ifname 'eth0'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'

So there is a "ip6assign".

I'm unfortunately not that familiar with how IPv6 works and which addresses are local and which not, reading through the linked wiki page right now.

Edit: The dhcpv6 option is also set to server

config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv6 'server'
    option ra 'server'
6

Ah, then my idea was wrong, and all I can offer is the question whether your university assigns you a IPv6 prefix or just a /64. What does "ifstatus wan6" show?

Best Regards

7

See what this IPv6 test site says...

http://test-ipv6.com/

8

Since the output of ifstatus wan6 is a bit long, i put it in a pastebin:
https://pastebin.com/7DHZYDK2

Where i put "IP1" there was an IPv6 address, when i run a whois on the address i see the details of my ISP(/uni).

test-ipv6.com shows the following when connected through the router:

Test with IPv4 DNS record
ok (0.058s) using ipv4
Test with IPv6 DNS record
bad (0.008s)
Test with Dual Stack DNS record
ok (0.052s) using ipv4
Test for Dual Stack DNS and large packet
ok (0.044s) using ipv4
Test IPv4 without DNS
ok (0.148s) using ipv4
Test IPv6 without DNS
bad (0.008s)
Test IPv6 large packet
bad (0.030s)
Test if your ISP's DNS server uses IPv6
ok (0.069s) using ipv4
Find IPv4 Service Provider
ok (0.537s) using ipv4 ASN 553
Find IPv6 Service Provider
bad (0.043s)

Interestingly, when connecting my PC directly:

Test with IPv4 DNS record
ok (0.104s) using ipv4
Test with IPv6 DNS record
ok (0.088s) using ipv6
Test with Dual Stack DNS record
ok (0.051s) using ipv6
Test for Dual Stack DNS and large packet
ok (0.043s) using ipv6
Test IPv4 without DNS
ok (0.049s) using ipv4
Test IPv6 without DNS
ok (0.045s) using ipv6
Test IPv6 large packet
ok (0.037s) using ipv6
Test if your ISP's DNS server uses IPv6
ok (0.048s) using ipv6
Find IPv4 Service Provider
ok (0.178s) using ipv4 ASN 553
Find IPv6 Service Provider
ok (0.167s) using ipv6 ASN 553
9

From what I can understand from your "ifstatus wan6":

    "ipv6-address": [
            {
                    "address": "IP1",
                    "mask": 64,
                    "preferred": 604771,
                    "valid": 2591971
            }
    ],
    "ipv6-prefix": [

    ],

You do not get assigned an IPv6-prefix at all, but just a "measly" /64 (well it could be worse like a /128).
Now, maybe the ndp relay or dhcpv6 relay (or maybe hybrid instead of relay) options might still allow you to get working IPv6 on machines behind your lede router (see [https://wiki.openwrt.org/doc/techref/odhcpd for details).](https://wiki.openwrt.org/doc/techref/odhcpd for details).

10

What are your LEDE firewall settings for IPv6?

11

Ok, i seem to understand a bit more how all of this works... :smiley:

I just read this: https://stackoverflow.com/a/15266701/4162386
and am a bit concerned thet the following might be the case:

Edit: Looking again at your example I see that you explicitly specify the last 64 bits of the address. This might also mean that your ISP gave you one IPv6 address in a shared /64 (LAN) that the ISP operates.

Is this possible/likely?

12

default, which seem to apply to both v4 and v6

13

See this article on OpenWRT's site...

https://wiki.openwrt.org/doc/uci/network6

It appears your university is using a "native" IPv6 connection.

Your ISP may be using something else, like a "6rd tunnel", "6to4 tunnel", "ds-lite".