Seems to me like the only reason,
neither dhcpv6 or static IPv6 get to work:
root@OpenWrt:~# odhcp6c -s /lib/netifd/dhcpv6.script -Ntry -P0 -t120 eth1.836
Command failed: Not found
^Croot@OpenWrt:~# Command failed: Not found
could be a script bug.
any help ?
ps: i tryed with isc-dhcpcv6, the error was "no such device"...
Can you give more information what you are trying to do? And what device you are using?
simple gw hooked on a ONT in france, the ISP has the IP traffic on vlan 836,
works fine if i plug my PC into it, as a dhcpv6 client.
with openwrt, dhcpcv6 fails, and in static mode I get No traffic at all.
From the vlan 836 do you get an ipv4 address? Are you sure that is the corect vlan?
yes IPV4 work fine: as static on openwrt and the PC and dhcpv4 on the PC and openwrt.
when I say PC, I mean the PC connected directly to the ONT: fiber/ethernet of the ISP
Are you sure that your isp providers you with ipv6 address then bc moust isp dosent give ipv6 address by default, other thing some isp give limited ip addresses are you sure that your isp dosent have a limit of the ip addresses you get?
they do, it is listed in my account interface, and it matches what my PC picks up as ipv6 address
Can you share a screenshot of the
network > interfaces
In your router web panel, ofc blur any public information like public ip/mac
You did not hide your ipv4 public ip as i told YA, this may result in unwanted things, but other then that i dont see a single reasson why your router dosent get ipv6 address 
Do you know why would
odhcp6c -s /lib/netifd/dhcpv6.script -Ntry -P0 -t120 eth1.836 throws "command failed"
and isc-dhcpv6 errors-out: no such device ?
To me the bug is around there, probably "device.XXX" not handled correctly ?
Are you sure that you have odhcp6c installed?
yup:
root@OpenWrt:~# which odhcp6c
/usr/sbin/odhcp6c
root@OpenWrt:~# odhcp6c -V
odhcp6c: option requires an argument: V
Usage: odhcp6c [options] <interface>
Feature options:
-S <time> Wait at least <time> sec for a DHCP-server (0)
-D Discard advertisements without any address or prefix proposed
-N <mode> Mode for requesting addresses [try|force|none]
-P <length> Request IPv6-Prefix (0 = auto)
-F Force IPv6-Prefix
-V <class> Set vendor-class option (base-16 encoded)
-u <user-class> Set user-class option string
-x <opt>:<val> Add option opt (with value val) in sent packets (cumulative)
Examples of IPv6 address, string and base-16 encoded options:
-x dns:2001:2001::1,2001:2001::2 - option 23
-x 15:office - option 15 (userclass)
-x 0x1f4:ABBA - option 500
-x 202:'"file"' - option 202
-c <clientid> Override client-ID (base-16 encoded 16-bit type + value)
-i <iface-id> Use a custom interface identifier for RA handling
-r <options> Options to be requested (comma-separated)
-R Do not request any options except those specified with -r
-s <script> Status update script (/usr/sbin/odhcp6c-update)
-a Don't send Accept Reconfigure option
-f Don't send Client FQDN option
-k Don't send a RELEASE when stopping
-t <seconds> Maximum timeout for DHCPv6-SOLICIT (120)
-m <seconds> Minimum time between accepting RA updates (3)
-L Ignore default lifetime for RDNSS records
-U Ignore Server Unicast option
Invocation options:
-p <pidfile> Set pidfile (/var/run/odhcp6c.pid)
-d Daemonize
-e Write logmessages to stderr
-v Increase logging verbosity
-h Show this help
root@OpenWrt:~# cat /etc/os-release
NAME="OpenWrt"
VERSION="22.03.3"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 22.03.3"
VERSION_ID="22.03.3"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r20028-43d71ad93e"
OPENWRT_BOARD="ath79/generic"
OPENWRT_ARCH="mips_24kc"
OPENWRT_TAINTS=""
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 22.03.3 r20028-43d71ad93e"
root@OpenWrt:~#
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have
ubus call system board; \
uci export network; uci export firewall; \
nft list ruleset; \
ip -6 addr ; ip -6 ro li tab all ; ip -6 ru
Also, when you switch between devices connected on the ONT, make sure you power it off and wait for 10 minutes. Some ISPs are binding the MAC address to the leased addresses.
root@OpenWrt:~# ubus call system board; \
> uci export network; uci export firewall; \
> nft list ruleset; \
> ip -6 addr ; ip -6 ro li tab all ; ip -6 ru
+ ubus call system board
{
"kernel": "5.10.161",
"hostname": "OpenWrt",
"system": "Atheros AR7161 rev 2",
"model": "Netgear WNDR3700",
"board_name": "netgear,wndr3700",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "22.03.3",
"revision": "r20028-43d71ad93e",
"target": "ath79/generic",
"description": "OpenWrt 22.03.3 r20028-43d71ad93e"
}
}
+ uci export network
package network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdac:0abc:615c::/48'
config interface 'wan'
option proto 'dhcp'
option device 'eth1.836'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth1.836'
option reqaddress 'try'
option reqprefix 'auto'
option force_link '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config device
option name 'eth0'
option macaddr 'c2:3f:0e:7a:8a:bc'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
option blinkrate '2'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 5'
config switch_port
option device 'switch0'
option port '1'
option led '6'
config switch_port
option device 'switch0'
option port '2'
option led '9'
config switch_port
option device 'switch0'
option port '5'
option led '2'
config device
option type '8021q'
option ifname 'eth1'
option vid '836'
option name 'eth1.836'
+ uci export firewall
package firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
+ nft list ruleset
table inet fw4 {
chain input {
type filter hook input priority filter; policy accept;
iifname "lo" accept comment "!fw4: Accept traffic from loopback"
ct state established,related accept comment "!fw4: Allow inbound established and related flows"
tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets"
iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
iifname "eth1.836" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
}
chain forward {
type filter hook forward priority filter; policy drop;
ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
iifname "eth1.836" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
jump handle_reject
}
chain output {
type filter hook output priority filter; policy accept;
oifname "lo" accept comment "!fw4: Accept traffic towards loopback"
ct state established,related accept comment "!fw4: Allow outbound established and related flows"
oifname "br-lan" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
oifname "eth1.836" jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic"
}
chain prerouting {
type filter hook prerouting priority filter; policy accept;
iifname "br-lan" jump helper_lan comment "!fw4: Handle lan IPv4/IPv6 helper assignment"
}
chain handle_reject {
meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
reject comment "!fw4: Reject any other traffic"
}
chain syn_flood {
limit rate 25/second burst 50 packets return comment "!fw4: Accept SYN packets below rate-limit"
drop comment "!fw4: Drop excess packets"
}
chain input_lan {
jump accept_from_lan
}
chain output_lan {
jump accept_to_lan
}
chain forward_lan {
jump accept_to_wan comment "!fw4: Accept lan to wan forwarding"
jump accept_to_lan
}
chain helper_lan {
}
chain accept_from_lan {
iifname "br-lan" counter packets 1440 bytes 113592 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
}
chain accept_to_lan {
oifname "br-lan" counter packets 616 bytes 44896 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
}
chain input_wan {
meta nfproto ipv4 udp dport 68 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCP-Renew"
icmp type echo-request counter packets 1470 bytes 53734 accept comment "!fw4: Allow-Ping"
meta nfproto ipv4 meta l4proto igmp counter packets 0 bytes 0 accept comment "!fw4: Allow-IGMP"
meta nfproto ipv6 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCPv6"
ip6 saddr fe80::/10 icmpv6 type . icmpv6 code { mld-listener-query . no-route, mld-listener-report . no-route, mld-listener-done . no-route, mld2-listener-report . no-route } counter packets 0 bytes 0 accept comment "!fw4: Allow-MLD"
icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply, nd-router-solicit, nd-router-advert } limit rate 1000/second counter packets 24 bytes 1256 accept comment "!fw4: Allow-ICMPv6-Input"
icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited, nd-neighbor-solicit . no-route, nd-neighbor-advert . no-route } limit rate 1000/second counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Input"
jump reject_from_wan
}
chain output_wan {
jump accept_to_wan
}
chain forward_wan {
icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP"
udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP"
jump reject_to_wan
}
chain accept_to_wan {
oifname "eth1.836" counter packets 2817 bytes 295294 accept comment "!fw4: accept wan IPv4/IPv6 traffic"
}
chain reject_from_wan {
iifname "eth1.836" counter packets 1602 bytes 76870 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
}
chain reject_to_wan {
oifname "eth1.836" counter packets 0 bytes 0 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
}
chain dstnat {
type nat hook prerouting priority dstnat; policy accept;
}
chain srcnat {
type nat hook postrouting priority srcnat; policy accept;
oifname "eth1.836" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
}
chain srcnat_wan {
meta nfproto ipv4 masquerade comment "!fw4: Masquerade IPv4 wan traffic"
}
chain raw_prerouting {
type filter hook prerouting priority raw; policy accept;
}
chain raw_output {
type filter hook output priority raw; policy accept;
}
chain mangle_prerouting {
type filter hook prerouting priority mangle; policy accept;
}
chain mangle_postrouting {
type filter hook postrouting priority mangle; policy accept;
}
chain mangle_input {
type filter hook input priority mangle; policy accept;
}
chain mangle_output {
type route hook output priority mangle; policy accept;
}
chain mangle_forward {
type filter hook forward priority mangle; policy accept;
iifname "eth1.836" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
oifname "eth1.836" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
}
}
+ ip -6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::c23f:eff:fe7a:8abd/64 scope link
valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fdac:abc:615c::1/60 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::c03f:eff:fe7a:8abc/64 scope link
valid_lft forever preferred_lft forever
7: eth1.836@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::c23f:eff:fe7a:8abd/64 scope link
valid_lft forever preferred_lft forever
8: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::c23f:eff:fe7a:8abc/64 scope link
valid_lft forever preferred_lft forever
+ ip -6 ro li tab all
fdac:abc:615c::/64 dev br-lan metric 1024
unreachable fdac:abc:615c::/48 dev lo metric 2147483647
fe80::/64 dev br-lan metric 256
fe80::/64 dev eth1 metric 256
fe80::/64 dev eth1.836 metric 256
fe80::/64 dev wlan1 metric 256
local ::1 dev lo table local metric 0
anycast fdac:abc:615c:: dev br-lan table local metric 0
local fdac:abc:615c::1 dev br-lan table local metric 0
anycast fe80:: dev br-lan table local metric 0
anycast fe80:: dev eth1.836 table local metric 0
anycast fe80:: dev eth1 table local metric 0
anycast fe80:: dev wlan1 table local metric 0
local fe80::c03f:eff:fe7a:8abc dev br-lan table local metric 0
local fe80::c23f:eff:fe7a:8abc dev wlan1 table local metric 0
local fe80::c23f:eff:fe7a:8abd dev eth1.836 table local metric 0
local fe80::c23f:eff:fe7a:8abd dev eth1 table local metric 0
multicast ff00::/8 dev br-lan table local metric 256
multicast ff00::/8 dev eth1 table local metric 256
multicast ff00::/8 dev eth1.836 table local metric 256
multicast ff00::/8 dev wlan1 table local metric 256
+ ip -6 ru
0: from all lookup local
32766: from all lookup main
root@OpenWrt:~#
Looks good, try to capture some packets. First install tcpdump:
opkg update
opkg install tcpdump
Then capture the interesting packets and post the output here.
tcpdump -evni any udp port 547 & \
sleep 5; \
killall -SIGUSR1 odhcp6c; \
sleep 5; \
killall tcpdump
Copy paste the whole block of commands.
root@OpenWrt:~# tcpdump -evni any udp port 547 & \
> sleep 5; \
> killall -SIGUSR1 odhcp6c; \
> sleep 5; \
> killall tcpdump
+ sleep 5
+ tcpdump -evni any udp port 547
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
+ killall -SIGUSR1 odhcp6c
+ sleep 5
19:20:22.282002 Out c0:3f:0e:7a:8a:bd ethertype IPv6 (0x86dd), length 166: (flowlabel 0xc703b, hlim 1, next-header UDP (17) payload length: 110) fe80::c23f:eff:fe7a:8abd.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=8e262e (elapsed-time 0) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_94 opt_95 opt_96 opt_82) (client-ID hwaddr type 1 c03f0e7a8abd) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
19:20:23.356938 Out c0:3f:0e:7a:8a:bd ethertype IPv6 (0x86dd), length 166: (flowlabel 0xc703b, hlim 1, next-header UDP (17) payload length: 110) fe80::c23f:eff:fe7a:8abd.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=8e262e (elapsed-time 107) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_94 opt_95 opt_96 opt_82) (client-ID hwaddr type 1 c03f0e7a8abd) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
19:20:25.596930 Out c0:3f:0e:7a:8a:bd ethertype IPv6 (0x86dd), length 166: (flowlabel 0xc703b, hlim 1, next-header UDP (17) payload length: 110) fe80::c23f:eff:fe7a:8abd.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=8e262e (elapsed-time 331) (option-request SIP-servers-domain SIP-servers-address DNS-server DNS-search-list SNTP-servers NTP-server AFTR-Name opt_67 opt_94 opt_95 opt_96 opt_82) (client-ID hwaddr type 1 c03f0e7a8abd) (reconfigure-accept) (Client-FQDN) (IA_NA IAID:1 T1:0 T2:0) (IA_PD IAID:1 T1:0 T2:0))
+ killall tcpdump
3 packets captured
3 packets received by filter
0 packets dropped by kernel
[2]+ Done tcpdump -evni any udp port 547
root@OpenWrt:~#
There isn't any response from DHCP6 server. Check with your ISP if they have some MAC binding on the ONT or their DHCP6 server.
I cant check that,
they gave me an ipv6 range,
but no dns or gw/neighboor address,
so even going static , i don't know how to precisely proceed
with a script i have discovered two vlan id s that are active
the script takes for ever to scan 4096 vlans...
i made a pause at 1024 so far
the ISP is "Free" , in France, if anyone has more infos
of course I 'v put the ISP's modem MAC on my interface ...still no luck