Iam not yet sure if I understand correct the openWRT concept for DHCP in regards to IPv6.
ISP is providing prefix that used to create global IPv6 for each device and for different sections as LAN and Wireguard using "IPv6 assingment hint", Like 192.68.0.x, 192.168.1.x. in past for IPv4.
Is there a good tutorial that you can refer? openWRT Wiki for Ipv6 is very difficult to read…
DDNS should collect public IPv6 (network WAN6) but that does not happen in my case. Connection to no-ip works, but the collected Ipv6 is not the public one maybe due to my wrong IPv6 config.
WAN:
Deligate IP Prefix - yes (why is that not only needed for WAN6)?
IPv6 assignment length: disabled
LAN:
Deligate IP Prefix - no
IPv6 assignment hint: 1
IPv6 assignment length: 64
IPv6 - RA-Service - Server mode
IPv6 - DHCPv6-Service - Server Mode
Wireguard:
Deligate IP Prefix - no
IPv6 assignment hint: 64
IPv6 assignment length: 7
DDNS:
083838 : Detect registered/public IP
083838 : #> /usr/bin/host -t AAAA -T abcd.ddns.net >/var/run/ddns/IP6.dat 2>/var/run/ddns/IP6.err
083839 : Registered IP 'aaaa:bbbb:2000:36::47cc' detected
083839 info : Starting main loop at 2024-12-26 08:38
083839 : Detect current IP on 'network'
083839 ERROR : Can not detect current IP using network_get_ipaddr6 'wan6' - Error: '1' - TERMINATE
083839 WARN : PID '4498' exit WITH ERROR '1' at 2024-12-26 08:38
What type of ISP do you have? (Is it cable, fiber, etc) If DSL or fiber, is the wan interface dhcp or pppoe?
Start by running ifstatus wan6. In a dhcp ISP situation, wan6 is an alias for the same hardware port as wan, which will have both an IPv4 and an IPv6 connection. UCI associates the v4 settings of the port with wan and the v6 settings are linked to the name wan6
An ISP that is following recommended standards for home and small office connections will issue each customer line a routable prefix of /56 or /48, and a single IP address for the customer's router itself. The router's IP should be outside the routable prefix. It may be a single /128 address (all customers are in the same /64) or a /64 network assigned to the one customer.
That doesn't matter much as all your LAN endpoints will be in the /56 and the router's IP is used only for services hosted on the router such as ssh access or a VPN. If you have a LAN machine acting as a service for the Internet, that machine will have its own globally unique /128 (somewhere within your /56) and it should run a DDNS client itself to register that IP into DNS (e.g. the web server is www.yourdomain.com vs the router's direct IP being wg.yourdomain.com)
Hello, my ISP is Deutsche Glasfaser - DHCP - Prefix /56.
ifstatus wan6 (not sure which items you look for)
"ipv6-address": "address": "2a00:aaaa:2000:36::47cc", (that appears also in DDNS, but is not public reachable)
"ipv6-prefix": "address": "2a00:aaaa:dddd:e900::", "mask": 56,
That Prefix seems corrently and is used with local assigment hint (WAN e900, LAN e901, ....)
The router's IP should be outside the routable prefix
The "existing" routable IP (from former opsense) shared with DDNS has the e902 inside and still working...
This should work then unless the ISP is blocking it. Of course for the router to answer any service other than ping, you will need to open the port in the firewall.
tcpdump can be used to observe incoming packets on the wan interface (use the kernel name of the underlying hardware, not wan6). It intercepts packets before the firewall has processed them.
Blockquote
This should work then unless the ISP is blocking it. Of course for the router to answer any service other than ping, you will need to open the port in the firewall.
Yes UDP 51820 is open for IPv6 to connect with WG. Using former known IP > now hardcoded in WG ( 2a00:aaaa:dddd:e902:abcd:abcd:abcd:abcd) works fine to connect to openWRT.
But I'm not able to read out this IP inside openWRT - so in case this changes in future, would be blocked out...
Edit : my WAN in opnsense had the "e902", that is why I assume it was referred like this.
Because openwrt claims "the well known" gateway address for a subnet...
Edit: sorry yes I have to expand that answer. The host address 0 if shortened to:: is an anycasy address which is valid on a local subnet. You can have 3 routers in a subnet and every time you connect to this special address one of the three would answer...
Only prefix seems to work for connection manually, let see how long...
2). Meanwhile ISP gave me different "ipv6-address", that works know! (no-ip.com does not like it, but spdns.de eats it)