OpenWRT 24.10.4 upgrade breaks IPv6

ianwroberts · October 30, 2025, 6:27am

I’ve been running OpenWRT 24.10.3 (and earlier versions) with IPv4/IPv6 dual stack on my OpenWRT One (mediatek/filogic) for several months.

I applied the 24.10.4 upgrade a couple of days ago and that seemed to proceed smoothly retaining the previous configuration but my IPv6 connectivity is now degraded/broken. I am receiving IPv6 addresses from my ISP but I see the following in syslog when my WAN interface loads:

odhcpd[2021]: No default route present, setting ra_lifetime to 0!

That message is NOT in the system logs before the upgrade.

IPv6 WAS working on my LAN and out to the WAN before but now is not operating within the LAN. I do seem to have IPv6 to DNS and some WAN hosts but not all.

Has anybody else had this experience?

Can you point me to information in the release notes or elsewhere that might guide me to changes I need to make?

timur.davletshin · October 30, 2025, 6:43am

I see no changes with pretty standard dual-stack connection, PPPoE+DHCPv6 (fixed IPv4 and /56 IPv6 prefix).

ianwroberts · October 30, 2025, 7:34am

Does anything here stand out?

network


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix '####:####:####::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth1'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option device 'eth0'
	option proto 'pppoe'
	option username '*****'
	option password '*****'
	option ipv6 'auto'

config interface 'wan6'
	option device 'eth0'
	option proto 'dhcpv6'

config device
	option type 'bridge'
	option name 'br-guest'
	option bridge_empty '1'

config interface 'guest'
	option proto 'static'
	option device 'br-guest'
	option ipaddr '192.168.2.0'
	option netmask '255.255.255.0'
	option ip6assign '64'

config device
	option type 'bridge'
	option name 'br-iot'
	option bridge_empty '1'

config interface 'iot'
	option proto 'static'
	option device 'br-iot'
	option ipaddr '192.168.8.0'
	option netmask '255.255.255.0'

config route
	option interface 'lan'
	option target '192.168.8.0/24'
	option gateway '###.###.###.###'
	option disabled '1'

dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	option ednspacket_max '1232'
	list server '/mask.icloud.com/'
	list server '/mask-h2.icloud.com/'
	list server '/use-application-dns.net/'
	list server '127.0.0.1#5053'
	list server '127.0.0.1#5054'
	option doh_backup_noresolv '-1'
	option noresolv '1'
	list doh_backup_server '/mask.icloud.com/'
	list doh_backup_server '/mask-h2.icloud.com/'
	list doh_backup_server '/use-application-dns.net/'
	list doh_backup_server '127.0.0.1#5053'
	list doh_backup_server '127.0.0.1#5054'
	list doh_server '127.0.0.1#5053'
	list doh_server '127.0.0.1#5054'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'
...

firewall

config defaults
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'
	option enabled '0'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'
...

_bernd · October 30, 2025, 8:13am

If the ISP does not send you proper router advertisement then you can not see it.

Can you monitor the link between the ISP and your OpenWrt to see what RA is send to you using tcpdump?

ianwroberts · October 31, 2025, 7:56am

So, I’m pretty sure the upgrade did NOT break IPv6 on my router. It does seem that my ISP had a temporary problem with IPv6 connectivity that they have rectified. Apologies for casting aspersions on OpenWRT. I have been motivated to tidy up my router config that was carrying some accumulated dross from several years of upgrades and modifications so this ticket is pretty much obsolete. I am still seeing “odhcpd[2028]: No default route present, setting ra_lifetime to 0!” and need to do more homework about that despite the fact that things seem to be working OK. (I do note that, contrary to expectations, 0!=1. )

ianwroberts · November 1, 2025, 5:21am

A final confession from me: apart from the aforementioned temporary ISP IPv6 connectivity problem, my OpenWRT has had seemingly perfect IPv6 connectivity before and after the upgrade. For my own sanity, I’ve deleted the WAN6 interface and now rely on the auto-spawned, virtual WAN_6 interface with default settings. The ONLY outstanding “network unreachable” problem was/is because I was working in an Ubuntu bash shell on a MS-Windows 11 laptop and didn’t realize that THAT Linux environment wasn’t inheriting IPv6 connectivity from the host Windows. I have no interest in sorting THAT out. The real Linux hosts on my LAN have IPv4 & IPv6 connectivity and connect via IPv6 preferentially.