OpenWrt to accept IPv6 RA while being DHCP server

My setup is as follows:

Internet --- Fritz --- [OpenWRT, PC, lots of others]

So, there is a local Ethernet switch that connects Fritz, OpenWRT, Linux PC, and lots of other clients.
The internet DSL modem and WiFi-router is labeled "Fritz" in here.
Both OpenWRT and Fritz provide WiFi access points at different locations in the same building.
OpenWRT is the primary DHCP server for the whole network.

Everything works except for IPv6 address assignments:

PROBLEM: I would like:

1. OpenWRT should hand its own IPv6 address prefix (starting with "fded:..." or whatever) to all clients (PC,...)

2. OpenWRT should accept as a second IPv6 prefix the assignments from Fritz given by the internet provider (starting with "2001:..."). Fritz, although DHCP is disabled on it, correctly hands out RAs which are accepted by the PC.

How can I configure that with OpenWRT? I never got to the point where OpenWRT would accept any foreign RA. I read it's supposed to work with odhcp6c but even if I call that directly with debugging and foreground it will not print any address and will not add any addresses to the interface.

accept_ra - INTEGER
	Accept Router Advertisements; autoconfigure using them.

	It also determines whether or not to transmit Router
	Solicitations. If and only if the functional setting is to
	accept Router Advertisements, Router Solicitations will be
	transmitted.

	Possible values are:
		0 Do not accept Router Advertisements.
		1 Accept Router Advertisements if forwarding is disabled.
		2 Overrule forwarding behaviour. Accept Router Advertisements
		  even if forwarding is enabled.

	Functional default: enabled if local forwarding is disabled.
			    disabled if local forwarding is enabled.

https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

Thank you for your quick response!

Interestingly, I tried /proc/sys/net/ipv6/conf/all/accept_ra to 2 and it did not help.

Digging further, setting /proc/sys/net/ipv6/conf/br-lan/accept_ra to 2 seems to do it.

Thank you. Still, in some other posts, I read that this is not the "correct" way of doing it for OpenWRT. But alright...

Now, (2) is solved.

However, (1) is not. The Linux PC does not obtain RAs from the OpenWRT (but from the Fritz it does). BTW, there is no DHCP client running on the PC.

How can I make the OpenWRT transmit its RA?

OK, answering my own question:

/etc/config/dhcp:

config dhcp 'lan'
        option interface 'lan'
        option dhcpv6 'server'
        option ra server          <--- this seems to be important

Out of curiosity:

• You have two separated networks or just one? Because, you said, that the OpenWRT device does DHCP for the whole network? (Therefor DHCP and DHCPv6 on the fritz is disabled?)
• If you just have one network, wouldn't a Dumb AP Setup be the better option? OpenWRT could still be responsible for DHCP and DHCPv6 leases and providing DNS, but if your link from the fritz box and your LAN ports on OpenWRT are just bridged you would not need to do anything regarding RA. The fritz box sends RA then to the whole layer-2 network.
• Does your OpenWRT still do NAT on WAN? Because double-NAT sucks even more then NAT If you have no special needs, I would still propose (in case you don't know already) to have a look how to run a Dumb AP (TL;DR; connect LAN to your upstream devices, and not WAN; reconfigure br-lan; disable firewall or at least remove masquerade; in your case you still want to have DHCP and DHCPv6; ...)

Regarding accept_ra: Sometimes all overwrites individual settings, sometimes not. I have no good answer about that behavior, or know for certain when it applies and when not. But in this case, I assume that if you just set all = 2 but br-lan = 0 then 0 (disabled) overwrites all = 2

Yes, DHCP on the Frits is disabled.

If you just have one network, wouldn't a Dumb AP Setup be the better option?

Seems so, but how can I make it work?

BTW, the Fritz box RA advertised address changes every 24 hours. I'd like the OpenWRT to send out its own ula_prefix to everybody as well which does not change.

Does your OpenWRT still do NAT on WAN?

No. It runs a lot of services but no NAT.

Dumb AP: See https://openwrt.org/docs/guide-user/network/wifi/dumbap for inspiration.

It depends a little bit on your network. If you just have a single LAN, I would propose:

• Swap the cable from the WAN port to one of the LAN ports
• Reconfigure br-lan from static to dhcp or use a static IP assignment
  • If you want to use proto dhcp then you need an IPv6 interface for br-lan, too. (See the wan and wan6 interface as a reference)

That should it be already. With an Dumb AP, the device acts then only as a Switch and not as an Router.

Regarding RA:
So your client devices get now both? A dynamic GUA from the fritz and the static ULA from OpenWRT? (OpenWRT can handle dynamic prefixes with its default config as I have heard. Deutsche Telekom only gives me a new prefix on reboot or network restart, OR as I have heard once every 6 months, but I keep no logs and have never experienced or payed attention on it over the years)

But if your setup suites you and you have no issue I will not try to convince you about anything

As I try to think about it... I'm not quiet sure about how DHCPv6 will be handled by OpenWRT in a dumb ap setup as you want to keep that function on the OpenWRT. Again, if you have no issues I will not try to sell you anything.

Swap the cable from the WAN port to one of the LAN ports

There is only one cable and it is in the LAN port.

Reconfigure br-lan

br-lan has static assignment, at least for IPv4; for IPv6 it has the ula_prefix and assigns itself the ::1 which seems fine.

So your client devices get now both? A dynamic GUA from the fritz and the static ULA from OpenWRT?

Yes, correct, and that is what I intend. And it seems "option ra server" was needed for the latter.

But thank you very much it seems to be working as-is right now and I'll only touch it once it starts not working again.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.