Hi everyone,

I am trying to relay public IPv6 from the router that is getting it to the switch that manages the DHCP through the lan. So far I have only been able to relay an IPv6 from the wan to the lan interface on the same router, but the switch is still not able to receive or distribute ips to the clients.

Router

/etc/config/network:

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd2b:0e33:7897::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1'
        list ports 'eth2'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.2'
        option netmask '255.255.255.0'
        list dns '192.168.1.11'
        option ip6assign '56'

config interface 'wan'
        option proto 'pppoe'
        option device 'wan'
        option username 'someusername'
        option password 'somepassword'
        option ipv6 'auto'
        option force_link '1'
        option peerdns '0'
        list dns '192.168.1.11'
        option ip6assign '56'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '20'
        option name 'wan'

config device
        option name 'eth0'
        option mtu '9000'

/etc/config/firewall:

cat /etc/config/firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'
        option flow_offloading '1'
        option flow_offloading_hw '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan6'
        list network 'wan'
#       option log '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'WireGuard'
        option src 'wan'
        option src_dport '51820'
        option dest_ip '192.168.1.1'
        option dest_port '51820'
        option log '1'

/etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'relay'
        option ra 'relay'
        option ndp 'relay'

config dhcp 'wan'
        option interface 'wan'
        option ra 'relay'
        option dhcpv6 'relay'
        option ndp 'relay'
        option master '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

The router links with the ISP on port eth0 and with the switch on port eth2

ip addr:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP qlen 1000
    link/ether bc:24:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::be24:11xx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br-lan state UP qlen 1000
    link/ether bc:24:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br-lan state UP qlen 1000
    link/ether bc:24:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
5: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether bc:24:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fd2b:e33:7897:100::1/64 scope global deprecated dynamic
       valid_lft 7102sec preferred_lft 0sec
    inet6 fd2b:e33:7897::1/56 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 2a0c:5a83:xxxx:xxxx::1/56 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::be24:11ff:fe17:4c85/64 scope link
       valid_lft forever preferred_lft forever
6: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP qlen 1000
    link/ether bc:24:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::be24:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
7: pppoe-wan: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN qlen 3
    link/ppp
    inet xxx.xx.xxx.xx peer 10.0.1.107/32 scope global pppoe-wan
       valid_lft forever preferred_lft forever
    inet6 fd2b:e33:7897::1/56 scope global deprecated dynamic
       valid_lft 7102sec preferred_lft 0sec
    inet6 2a0c:5a83:xxxx:xxxx::1/56 scope global deprecated dynamic
       valid_lft 7102sec preferred_lft 0sec
    inet6 fd2b:e33:7897:100::1/56 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 2a0c:5a83:xxxx:xxxx::xxxx:xxxx/128 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::5444:5397:1c54:8b4f/128 scope link
       valid_lft forever preferred_lft forever

As you can see, lan, wan and wan_6 interfaces have a public IPv6

Switch:

/etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd84:4ed5:53ac::/48'

config device 'switch'
        option name 'switch'
        option type 'bridge'
        option macaddr '64:29:xx:xx:xx:xx'

config bridge-vlan 'lan_vlan'
        option device 'switch'
        option vlan '1'
        option ports 'lan1 lan2 lan3 lan4 lan5 lan6 lan7 lan8 lan9 lan10 lan11 lan12 lan13 lan14 lan15 lan16 lan17 lan18 lan19 lan20'

config device
        option name 'switch.1'
        option macaddr '64:29:xx:xx:xx:xx'

config interface 'lan'
        option device 'switch.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '56'
        option gateway '192.168.1.2'
        list dns_search 'lan'
        list dns '192.168.1.11'
        option delegate '0'

config switch_port
        option device 'lan20'
        option port '20'
        option mode 'fibre'

config interface 'vpn'
        option proto 'wireguard'
        option private_key 'somekey'
        option listen_port '51820'
        list addresses '192.168.9.1/24'
        list addresses 'fd00:9::1/64'
        list dns '192.168.1.11'
        option ip6assign '56'

config wireguard_vpn
        option description 'somepeer'
        option public_key 'somekey'
        option private_key 'somekey'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '20'
        option name 'wan'

config interface 'wan'
        option proto 'dhcpv6'
        option device 'wan'
        option reqaddress 'try'
        option reqprefix 'auto'

The stanza

config switch_port
        option device 'lan20'
        option port '20'
        option mode 'fibre'

Really does nothing as far as I am aware

And the stanza

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '20'
        option name 'wan'

Is also useless, I was thinking of maybe created a wan interface also in the switch but I do not think that is the way to go.

/etc/config/firewall

config defaults
        option syn_flood '1'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone 'lan'
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'vpn'

config zone 'wan'
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan6'
        list network 'wan'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'lan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option target 'ACCEPT'
        option src 'lan'
        option proto 'udp'
        option dest_port '546'
        option name 'Allow DHCPv6 replies'
        option family 'ipv6'
        option src_port '547'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule 'wg'
        option name 'Allow-WireGuard'
        option src 'lan'
        option dest_port '51820'
        option proto 'udp'
        option target 'ACCEPT'

/etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option force '1'
        list dhcp_option '3,192.168.1.2'
        list dhcp_option '6,192.168.1.11'

config relay
        option local_addr '192.168.1.1'
        option server_addr '192.168.1.2'
        option interface 'lan'

ip addr:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback xx:xx:xx:xx:00:00 brd xx:xx:xx:xx:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:80 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
    inet6 fe80::6629:43ff:fe24:380/64 scope link
       valid_lft forever preferred_lft forever
3: lan1@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:80 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
4: lan2@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:81 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
5: lan3@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:82 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
6: lan4@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:83 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
7: lan5@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master switch state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:84 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
8: lan6@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:85 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
9: lan7@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:86 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
10: lan8@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:87 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
11: lan9@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:88 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
12: lan10@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:89 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
13: lan11@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:8a brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
14: lan12@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:8b brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
15: lan13@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:8c brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
16: lan14@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:8d brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
17: lan15@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master switch state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:8e brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
18: lan16@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:8f brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
19: lan17@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:90 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
20: lan18@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:91 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
21: lan19@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master switch state LOWERLAYERDOWN group default qlen 1000
    link/ether xx:xx:xx:xx:03:92 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
22: lan20@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master switch state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:93 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:00:00
77: switch: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:80 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::6629:43ff:fe24:380/64 scope link
       valid_lft forever preferred_lft forever
78: switch.1@switch: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global switch.1
       valid_lft forever preferred_lft forever
    inet6 fd84:4ed5:53ac:100::1/64 scope global deprecated dynamic
       valid_lft 6794sec preferred_lft 0sec
    inet6 fd84:4ed5:53ac::1/56 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::6629:43ff:fe24:380/64 scope link
       valid_lft forever preferred_lft forever
79: vpn: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 192.168.9.1/24 brd 192.168.9.255 scope global vpn
       valid_lft forever preferred_lft forever
    inet6 fd84:4ed5:53ac::1/56 scope global deprecated dynamic
       valid_lft 6794sec preferred_lft 0sec
    inet6 fd84:4ed5:53ac:100::1/56 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fd00:9::1/64 scope global
       valid_lft forever preferred_lft forever
80: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether xx:xx:xx:xx:03:80 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::6629:xxxx:xxxx:xxx/64 scope link
       valid_lft forever preferred_lft forever

The switch connects to the router on port lan20

Admitedly I have some idea of what I am doing but I am in no way familiar with IPv6 so I am just doing things until something stick. Any help is welcomed.

Regards.

Start with removing your super cretive mtu settings and rebooting the device.

This doesn't make sense since a switch works at layer 2. It is agnostic to layer 3 protocols like IPv4 or v6. If you have two switch ports in the same VLAN, an endpoint device plugged through the switch should get IP configuration from the main router the same as if it were plugged directly into the main router. The OS in the switch never even sees these packets as the connection is switched by hardware.

If you want the OpenWrt running in the switch to hold a V6 address, build a lan6 interface aliased to lan. It would be used for the OS Internet access, and if you wanted to build additional networks in the switch and route them in the switch. That is generally not recommended due to the low performance of the switch CPU though.

In my setup the DHCP server is configured in the switch, while the router acts as the gateway to the internet. I thought I could receive the IPv6 in the router and relay it to the switch so it could assign public IPs to some clients.

The use case is I am trying to run WireGuard and it's not working in IPv4.

Thanks

Was finally able to grant IPv6 to the switch on interfaces lan by creating a lan6 interface aliased to lan as previously told, but no luck with the vpn interface:

101: switch.1@switch: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 64:29:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global switch.1
       valid_lft forever preferred_lft forever
    inet6 2a0c:xxxx:xxxx:xxxx:::1/62 scope global dynamic noprefixroute
       valid_lft 42041sec preferred_lft 42041sec
    inet6 2a0c:xxxx:xxxx:b00:xxxx:xxxx:xxxx:380/64 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 2a0c:xxxx:xxxx:b00::220/128 scope global dynamic noprefixroute
       valid_lft 42041sec preferred_lft 42041sec
    inet6 fe80::6629:43ff:fe24:380/64 scope link
       valid_lft forever preferred_lft forever
102: vpn: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 192.168.9.1/24 brd 192.168.9.255 scope global vpn
       valid_lft forever preferred_lft forever
    inet6 fd00:9::1/64 scope global
       valid_lft forever preferred_lft forever

Sadly I still cannot connect through WireGuard.

You probably missing a firewall rule allow traffic from wan to the local host incl the port number. No forward. Just a traffic rule.
And your vpn interface misses global ipv6 address.

There is no wan interface in the switch as the router is the one in charge with getting the internet connection. Should I create a wan interface also on the switch?

Thanks