OWRT have global ipv6 on wan6 but lan haven't

Have router 1 without OpenWrt that is connected to the IPv6 internet and gives it to OpenWrt router 2 and other clients.
Router 1 has a prefix from the PPPoE connection: 2a02:ad8:49e2:xxxx::/56
Router 2 is OpenWrt 23 (openwrt-23.05.4-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin)
OpenWrt wan6 has an IPv6 address and can ping from it:

root@OpenWrt:~# ping6 -c 4 ipv6.google.com
PING ipv6.google.com (2a00:1450:4010:xxx::64): 56 data bytes
64 bytes from 2a00:1450:4010:xxx::64: seq=0 ttl=110 time=68.426 ms

But the LAN interface gives only IPv4 and a local ULA IPv6 address, fdef:4dae:da5e::1/60, which has no access to the global IPv6 internet (so clients don't have it either).

For some reason I thought that the default settings of openwrt should successfully accept and distribute ipv6 Internet, but unfortunately in my case it only accepts, but doesn't distribute to clients ipv6 internet.

I've tried to get help from AI chats with different configs, but it wasn't successful, so I want to start from the beginning.

And what is router 1, make model and build?

Router 1 has to hand out a prefix of 62 or lower to router 2

Router1: Sagemcom F@st 2804, v7 rev.3
However, maybe there is some kind of ssh command set to make ipv6 work on the lan interface?
I do not understand the essence of the problem, why clients connected directly, including openwrt itself, can use ipv6 Internet access, but openwrt cannot transmit it to clients connected to it, in the same way as the ipv4 Internet transmits.

So the problem is that OpenWrt is connected with too big a prefix?
openwrt wan6 IPv6: 2a02:ad8:49e2:xxxx::1/128

Maybe it can be fixed on the OpenWrt side with some configs?
If router 1 has the O and M DHCPv6 flags.

Can you please post the /etc/config/network of both routers?
The 2nd is connected with its WAN port to a LAN port of the 1st router, right?

Just stop and do not try. Really. Given that most answers on the net given by humans (on the topic) are utterly bullshit, the training set of the LLM is therefore more than crap.

Yes, the 2nd router's WAN is connected to the LAN of the 1st.
And I already reverted the configs to defaults, only set the lan interface IPv4 address to 192.168.2.2 (default 1.1, same problem) so I can connect to the 1st router's web UI at 192.168.1.1.

root@OpenWrt:~# vi /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdef:4dae:da5e::/48'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.2.2'
        option netmask '255.255.255.0'
        option ip6assign '60'

Can't connect to the 1st router with ssh, so I can change configs only with the web GUI (now it's almost defaults, except I activated the M flag of DHCPv6 and RA of DNS):

Unable to negotiate with 192.168.1.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Yes I missed the part that the 1st one is not running OpenWrt.

But you have access to its vendor firmware web interface? Try to find something called "Prefix Delegation" on its IPv6 settings.

And your network config of the 2nd router seems incomplete, as the stanzas for wan and wan6 are missing... (Use cat /etc/config/network to print the whole file...)

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdef:4dae:da5e::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.2.2'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'

On the 1st router, for the option "Prefix Mode", what values can you choose from?
And see if something changes if you set the option reqprefix on the 2nd router explicitly to 60.

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix '60'

What you want and need is that the 1st router delegates a part of the /56 prefix downstream to the 2nd router. And the 2nd router can then delegate/assign individual /64s to its LAN interfaces.
(Feel free to ask for clarifications and such.)

Edit / PS: What options/values can you choose from on the DHCPv6 Options (on the 1st router)?

After apply and reboot wan6 still
IPv6: 2a02:ad8:49e2:xxxx::1/128

On the 1st router an IPv6 Static Route is also available:

Enable:
Destination:
Subnet Mask:
Next Hop:
Metric: 1
Interface:

LAN IPv6 tab
RA manual settings:

Prefix Address:
Prefix Length: 64 [16 - 64]
Preferred Time: -1 [600 - 2147483647 S] or [-1 S]
Valid Time: -1 [600 - 2147483647 S] or [-1 S]

DHCPv6 manual Mode:

Address Mode: Prefix Mode (or pool mode also)
IPv6 Address Pool:
Prefix Length: 64
Preferred Time: 120 Secs
Valid Time: 120 Secs

As an alternative configuration option, is it possible to set ipv6 forwarding to 1st router? Or it is only option if 1st router configs cannot be changed (just in case)?

Ok, now what do I have to put in the 1st router to configure it to delegate the /56 prefix to OpenWrt (and to other clients as usual)?

Start with / Try to set the "Prefix Length" to 60 on the DHCPv6 Options, and as I said before, set option reqprefix '60' explicitly on the 2nd router.

I would suggest power cycling the 2nd router OR at least unplugging the cable from its WAN port, waiting 3 sec, and plugging it in again... I'll keep my fingers crossed.

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.2.2'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix '60'

Already done on openwrt (2nd), right?
power off 3 sec also no effect.

Now I need to do something with the 1st router? A static route maybe?

Yes, as I have said:

And no. No static routing necessary here.

You want the first router to hand out more than a /64 prefix to clients who ask for it.

The 1st router also needs "IPv6 Address Pool:" to set "Prefix Length:"

So what pool need to put?
If i have on 1st router this:

pppoe2	0/35	LLC	INTERNET
IPv6 Address	2a02:ad8:201:74ee:0:11e6:0:xxxx/64
Prefix	2a02:ad8:49e2:xxxx::/56
Gateway	fe80::6aab:9ff:fe7d:xxxx

I can only partially assist you with your vendor firmware...
You see, a /56 has 256 /64 prefixes. A /60 has 16 /64s.
You have to try it out and/or have a look at the vendor documentation.
It still stands: What you want to have is DHCPv6 prefix delegation. With more than a single /64 on the downstream aka LAN interface (of the 1st router).

I set the 1st router to manual DHCPv6 Mode:

IPv6 Address Pool: 2a02:ad8:49e2:xxxx::1
Prefix Length: 60

and RA same
restart both routers
As a result, OpenWrt wan6 now has the address:
IPv6: 2a02:ad8:49e2:xxxx:9e9d:7eff:fe11:80ce/128
and something new: now I cannot ping IPv6 from OpenWrt:

ping6 -c 4 ipv6.google.com
PING ipv6.google.com (2a00:1450:4010:c0b::66): 56 data bytes

--- ipv6.google.com ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

Well, which means, probably i need to start studying ipv6 network basics)

If i back 1st router to auto DHCPv6, but change IPv6 Address Suffix Pool: set from ::60 to ::60
2nd router wan6 take IPv6: 2a02:ad8:443b:xxxx::60/128
And i can ping ipv6 from wan6 again. (still no global ipv6 on lan interface)

Ok basic crash course in a nutshell...

Your 2nd router should have/need either

  • an address by SLAAC with a prefix of /64, or
  • an address by SLAAC with a prefix of /64 AND an address with a prefix of /128 via DHCPv6, or
  • just a single address with a prefix of /128 via DHCPv6

on its wan interface, to begin with. Without that you should not even try to proceed.

After that we can talk about prefix delegation. This is also a subset of DHCPv6, but it's not intended to hand out addresses but rather an entire prefix. So to speak, an unused /64 or even larger, like a /60.

Please try to get a copy of the manual of your 1st router's vendor firmware and check if it even supports prefix delegation.
Or evaluate if it is possible to get rid of that box and replace it with OpenWrt. Because this is already a built-in standard feature and even enabled by default!

An "address pool" usually talks about how many addresses or what range of addresses are handed out by a DHCP/DHCPv6 server. But in the IPv6 world this is rather stupid, because a network/VLAN/link should always have an entire /64. Sure, you can narrow down the address space (range), like: "I want to use only the first 10.000 addresses", but then it would still be out of a /64.

But a router also has to hand out entire prefixes to clients which ask for them, like a downstream router.

Example:
You have a /56. And now you could have like 3 client networks (adults, kids, iot), each a /64, and now you connect 2 more routers. Each router could not only request an address, but also a /60, so it can provide up to 16 networks on its own!
This "distribution" is called "prefix delegation". It has nothing to do with addresses (the suffix / the last 64 bits of a 128 bit IPv6 address), but with the prefix, that's why it's called prefix delegation.

Was it helpful?

On the OpenWRT device, what's the output of ifstatus wan6?


root@OpenWrt:~# ifstatus wan6
{
        "up": true,
        "pending": false,
        "available": true,
        "autostart": true,
        "dynamic": false,
        "uptime": 2841,
        "l3_device": "wan",
        "proto": "dhcpv6",
        "device": "wan",
        "metric": 0,
        "dns_metric": 0,
        "delegation": true,
        "ipv4-address": [

        ],
        "ipv6-address": [
                {
                        "address": "2a02:ad8:443b:xxxx::60",
                        "mask": 128,
                        "preferred": 2559,
                        "valid": 85359
                }
        ],
        "ipv6-prefix": [

        ],
        "ipv6-prefix-assignment": [

        ],
        "route": [
                {
                        "target": "::",
                        "mask": 0,
                        "nexthop": "fe80::1",
                        "metric": 512,
                        "valid": 1518,
                        "source": "2a02:ad8:443b:xxxx::60/128"
                }
        ],
        "dns-server": [
                "fe80::1"
        ],
        "dns-search": [

        ],
        "neighbors": [

        ],
        "inactive": {
                "ipv4-address": [

                ],
                "ipv6-address": [

                ],
                "route": [

                ],
                "dns-server": [

                ],
                "dns-search": [

                ],
                "neighbors": [

                ]
        },
        "data": {
                "passthru": "00170010xxx00000000000000000000000000001"
        }
}

Thanks, I get that I need to check if router 1 can delegate a prefix.

Solution 1 if router 1 has no Prefix Delegation (PD):
Bridge mode on the WAN of router 1, so router 2 with OpenWrt can make the IPv6 connection over PPPoE itself.
Solution 2: NAT IPv6 for router 2
Trying to find how to make it work...

Other ideas are:
DHCP redirect router 2 to router 1.
Or
6in4 Tunnel Broker IPv6
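
An added example, not part of any post in this thread: a Python check of the `ifstatus wan6` JSON shown above, reporting whether a prefix was delegated and how many /64 LANs it can hold. The two JSON samples are constructed and use the documentation prefix 2001:db8::/32; `diagnose` is a hypothetical helper name.

```python
import ipaddress
import json

# Constructed samples (trimmed `ifstatus wan6` JSON, documentation prefix
# 2001:db8::/32). NO_PD mirrors the state in the thread: one /128 address
# and an empty "ipv6-prefix" list. WITH_PD is the same after a /60 arrives.
NO_PD = json.dumps({
    "up": True, "proto": "dhcpv6",
    "ipv6-address": [{"address": "2001:db8:443b:aa00::60", "mask": 128}],
    "ipv6-prefix": [],
})
WITH_PD = json.dumps({
    "up": True, "proto": "dhcpv6",
    "ipv6-address": [{"address": "2001:db8:443b:aa00::60", "mask": 128}],
    "ipv6-prefix": [{"address": "2001:db8:443b:aa10::", "mask": 60}],
})


def diagnose(ifstatus_json, ip6assign=60):
    """Hypothetical helper: did wan6 get a delegated prefix usable on LANs?"""
    st = json.loads(ifstatus_json)
    prefixes = [
        ipaddress.ip_network(f'{p["address"]}/{p["mask"]}', strict=False)
        for p in st.get("ipv6-prefix", [])
    ]
    # Only prefixes of /64 or shorter can carry a LAN segment.
    usable = [n for n in prefixes if n.prefixlen <= 64]
    return {
        "up": bool(st.get("up")),
        "addresses": [f'{a["address"]}/{a["mask"]}'
                      for a in st.get("ipv6-address", [])],
        "delegated": [str(n) for n in prefixes],
        # Each LAN needs a whole /64: a /60 holds 16 of them, a /56 holds 256.
        "lan_64s": sum(2 ** (64 - n.prefixlen) for n in usable),
        # Can any delegated prefix hold a block of the size lan asks for?
        "fits_ip6assign": any(n.prefixlen <= ip6assign for n in usable),
        # First /64 of the first usable prefix, shown for illustration only.
        "first_lan": (str(next(usable[0].subnets(new_prefix=64)))
                      if usable else None),
    }


if __name__ == "__main__":
    for name, doc in (("no PD", NO_PD), ("with PD", WITH_PD)):
        print(name, json.dumps(diagnose(doc), indent=2))
```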