# From router
# ip -6 addr; ip -6 ru; ip -6 ro
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:4b:ef:5300::1/128 scope global dynamic
valid_lft 13329sec preferred_lft 6579sec
inet6 fe80::b2b9:8aff:fe6d:802a/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fdb4:fc:9c:b::1/64 scope global
valid_lft forever preferred_lft forever
inet6 2001:4b:ef:0::1/64 scope global dynamic
valid_lft 13330sec preferred_lft 6580sec
inet6 fe80::b2b9:8aff:fe6d:8029/64 scope link
valid_lft forever preferred_lft forever
7: br-wlan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2001:4b:ef:3::1/64 scope global dynamic
valid_lft 13329sec preferred_lft 6579sec
inet6 fdb4:fc:9c:c::1/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::b2b9:8aff:fe6d:802c/64 scope link
valid_lft forever preferred_lft forever
8: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::b2b9:8aff:fe6d:802c/64 scope link
valid_lft forever preferred_lft forever
9: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 100
inet6 2001:4b:ef:1::1/64 scope global dynamic
valid_lft 13329sec preferred_lft 6579sec
inet6 fdb4:fc:9c:d::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fdb4:fc:9c:d::1/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::10fe:1b13:d7a6:8e39/64 scope link
valid_lft forever preferred_lft forever
10: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 100
inet6 2001:4b:ef:2::1/64 scope global dynamic
valid_lft 13329sec preferred_lft 6579sec
inet6 fdb4:fc:9c:e::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fdb4:fc:9c:e::1/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::d7b8:55cd:8219:ad44/64 scope link
valid_lft forever preferred_lft forever
0: from all lookup local
32766: from all lookup main
4200000000: from 2001:4b:ef:1::1/64 iif tun0 lookup unspec unreachable
4200000000: from 2001:4b:ef:2::1/64 iif tun1 lookup unspec unreachable
4200000000: from 2001:4b:ef:3::1/64 iif br-wlan lookup unspec unreachable
4200000000: from 2001:4b:ef:0::1/64 iif eth1 lookup unspec unreachable
4200000001: from all iif lo lookup unspec 12
4200000002: from all iif eth0 lookup unspec 12
4200000002: from all iif eth0 lookup unspec 12
4200000003: from all iif eth1 lookup unspec 12
4200000007: from all iif br-wlan lookup unspec 12
4200000009: from all iif tun0 lookup unspec 12
4200000010: from all iif tun1 lookup unspec 12
default from 2001:4b:ef:5300::1 via fe80::dad7:75ff:fe68:a0cc dev eth0 metric 4096
default from 2001:4b:ef:0::/60 via fe80::dad7:75ff:fe68:a0cc dev eth0 metric 4096
2001:4b:ef:0::/64 dev eth1 metric 1024
2001:4b:ef:1::/64 dev tun0 metric 1024
2001:4b:ef:2::/64 dev tun1 metric 1024
2001:4b:ef:3::/64 dev br-wlan metric 1024
unreachable 2001:4b:ef:0::/60 dev lo metric 2147483647 error -113
fdb4:fc:9c:b::/64 dev eth1 metric 1024
fdb4:fc:9c:c::/64 dev br-wlan metric 1024
fdb4:fc:9c:d::/64 dev tun0 metric 256
fdb4:fc:9c:d::/64 dev tun0 metric 1024
fdb4:fc:9c:e::/64 dev tun1 metric 256
fdb4:fc:9c:e::/64 dev tun1 metric 1024
unreachable fdb4:6fc8:79c2::/48 dev lo metric 2147483647 error -113
fe80::/64 dev tun0 metric 256
fe80::/64 dev tun1 metric 256
fe80::/64 dev wlan1 metric 256
fe80::/64 dev br-wlan metric 256
fe80::/64 dev eth0 metric 256
fe80::/64 dev eth1 metric 256
anycast 2001:4b:ef:0:: dev eth1 metric 0
anycast 2001:4b:ef:1:: dev tun0 metric 0
anycast 2001:4b:ef:2:: dev tun1 metric 0
anycast 2001:4b:ef:3:: dev br-wlan metric 0
anycast fdb4:fc:9c:b:: dev eth1 metric 0
anycast fdb4:fc:9c:d:: dev tun0 metric 0
anycast fdb4:fc:9c:e:: dev tun1 metric 0
anycast fe80:: dev tun0 metric 0
anycast fe80:: dev tun1 metric 0
anycast fe80:: dev br-wlan metric 0
anycast fe80:: dev wlan1 metric 0
anycast fe80:: dev eth0 metric 0
anycast fe80:: dev eth1 metric 0
ff00::/8 dev br-wlan metric 256
ff00::/8 dev tun0 metric 256
ff00::/8 dev tun1 metric 256
ff00::/8 dev wlan1 metric 256
ff00::/8 dev eth0 metric 256
ff00::/8 dev eth1 metric 256
# From pc
$ ip -6 addr; ip -6 ru; ip -6 ro
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: enp4s0f3u1u4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fdb4:fc:9c:b:224:67ff:fe35:1074/64 scope global dynamic mngtmpaddr
valid_lft forever preferred_lft forever
inet6 2001:4b:ef:0:224:67ff:fe35:1074/64 scope global dynamic mngtmpaddr
valid_lft 13252sec preferred_lft 6502sec
inet6 fe80::224:67ff:fe35:1074/64 scope link
valid_lft forever preferred_lft forever
0: from all lookup local
32766: from all lookup main
2001:4b:ef:0::/64 dev enp4s0f3u1u4 proto kernel metric 256 expires 13251sec pref medium
fdb4:fc:9c:b::/64 dev enp4s0f3u1u4 proto kernel metric 256 pref medium
fe80::/64 dev enp4s0f3u1u4 proto kernel metric 256 pref medium
default via fe80::b2b9:8aff:fe6d:8029 dev enp4s0f3u1u4 proto ra metric 1024 expires 1637sec hoplimit 64 pref medium
Configs:
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdb4:6fc8:79c2::/48'
config interface 'lan'
option proto 'static'
option ip6assign '64'
option ipaddr '122.118.0.1'
option netmask '255.255.255.192'
option _orig_ifname 'eth1'
option ifname 'eth1'
option ip6hint 'b'
config interface 'vpn0'
option proto 'static'
option ifname 'tun0'
option _orig_ifname 'tun0'
option _orig_bridge 'false'
option ip6assign '64'
option netmask '255.255.255.240'
option ipaddr '122.118.30.241'
option ip6hint 'd'
option ip6addr 'fdb4:fc:9c:d::1'
config interface 'vpn1'
option proto 'static'
option ifname 'tun1'
option _orig_ifname 'tun1'
option _orig_bridge 'false'
option ip6assign '64'
option netmask '255.255.255.240'
option ip6hint 'e'
option ipaddr '122.118.30.225'
option ip6addr 'fdb4:fc:9c:e::1'
config interface 'wlan'
option proto 'static'
option netmask '255.255.255.240'
option ip6assign '64'
option ip6hint 'c'
option type 'bridge'
option ipaddr '122.118.3.241'
option ip6addr 'fdb4:fc:9c:c::1'
config interface 'wan'
option ifname 'eth0'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth0'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 6'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 0'
config route
option interface 'lan'
option target '122.118.0.61'
option netmask '255.255.255.192'
option gateway '122.118.0.1'
config route
option interface 'lan'
option target '122.118.0.60'
option netmask '255.255.255.192'
option gateway '122.118.0.1'
config route
option interface 'lan'
option target '122.118.0.59'
option netmask '255.255.255.192'
option gateway '122.118.0.1'
package dhcp
config dnsmasq
option domainneeded '1'
option rebind_protection '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
option nonwildcard '0'
option local '/mydomain.com/'
option domain 'mydomain.com'
option localise_queries '1'
option port '5353'
option enable_tftp '1'
option tftp_root '/mnt/tftp'
config boot 'linux'
option filename 'boot/grub/x86_64-efi/core.efi'
option serveraddress 'gw.mydomain.com'
option servername 'PXE server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config dhcp 'wan6'
option interface 'wan6'
option ignore '1'
config odhcpd 'odhcpd'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
config dhcp 'wlan'
option leasetime '12h'
option interface 'wlan'
option dhcpv6 'disabled'
option ra 'server'
option start '5'
option limit '10'
list domain 'mydomain.com'
config dhcp 'vpn0'
option interface 'vpn0'
option leasetime '12h'
option dhcpv6 'disabled'
option ra 'server'
option start '5'
option limit '10'
list domain 'vpn.mydomain.com'
config dhcp 'vpn1'
option interface 'vpn1'
option leasetime '12h'
option dhcpv6 'disabled'
option ra 'server'
config dhcp 'lan'
option interface 'lan'
option leasetime '12h'
option ra 'server'
option start '55'
option limit '5'
list domain 'mydomain.com'
option ra_default '1'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option syn_flood '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option network 'lan'
option forward 'REJECT'
option masq '1'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule 'Allow_OpenVPN_Inbound'
option target 'ACCEPT'
option src '*'
option dest_port '1194'
option name 'VPN'
option proto 'tcp udp'
config zone 'vpn'
option name 'vpn'
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option masq '1'
option network 'vpn0 vpn1'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'wlan'
option network 'wlan'
option forward 'REJECT'
option masq '1'
config forwarding
option dest 'wan'
option src 'wlan'
config zone
option forward 'REJECT'
option name 'wan6'
option input 'REJECT'
option masq '1'
option network 'wan6'
option output 'ACCEPT'
option mtu_fix '1'
config forwarding
option dest 'wan6'
option src 'wlan'
config forwarding
option dest 'wan'
option src 'lan'
config forwarding
option dest 'wan6'
option src 'lan'
config forwarding
option dest 'wan'
option src 'vpn'
config forwarding
option dest 'wan6'
option src 'vpn'
package wireless
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11a'
option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'HT20'
option country 'US'
option legacy_rates '1'
option channel 'auto'
option disabled '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option network 'wlan'
option key 'SuperSecretPasswd'
option disabled '1'
option ssid 'LEDE'
option encryption 'none'
config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11g'
option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
option htmode 'HT20'
option country 'US'
option legacy_rates '1'
option channel '4'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option ssid 'Caverna'
option hidden '1'
option encryption 'psk2+tkip+ccmp'
option key 'SuperSecretPasswd2'
option isolate '1'
option network 'wlan'
{
"up": true,
"pending": false,
"available": true,
"autostart": true,
"dynamic": false,
"uptime": 657874,
"l3_device": "eth0",
"proto": "dhcpv6",
"device": "eth0",
"updated": [
"prefixes"
],
"metric": 0,
"dns_metric": 0,
"delegation": true,
"ipv4-address": [
],
"ipv6-address": [
{
"address": "2001:4b:ef:5300::1",
"mask": 128,
"preferred": 6085,
"valid": 12835
}
],
"ipv6-prefix": [
{
"address": "2001:4b:ef:0::",
"mask": 60,
"preferred": 6085,
"valid": 12835,
"class": "wan6",
"assigned": {
"lan": {
"address": "2001:4b:ef:0::",
"mask": 64
},
"vpn0": {
"address": "2001:4b:ef:1::",
"mask": 64
},
"vpn1": {
"address": "2001:4b:ef:2::",
"mask": 64
},
"wlan": {
"address": "2001:4b:ef:3::",
"mask": 64
}
}
}
],
"ipv6-prefix-assignment": [
],
"route": [
{
"target": "::",
"mask": 0,
"nexthop": "fe80::dad7:75ff:fe68:a0cc",
"metric": 4096,
"valid": 12835,
"source": "2001:4b:ef:0::/60"
},
{
"target": "::",
"mask": 0,
"nexthop": "fe80::dad7:75ff:fe68:a0cc",
"metric": 4096,
"valid": 12835,
"source": "2001:4b:ef:5300::1/128"
}
],
"dns-server": [
"2001:14b8:1000::1",
"2001:14b8:1000::2"
],
"dns-search": [
"bb.dnainternet.fi"
],
"neighbors": [
],
"inactive": {
"ipv4-address": [
],
"ipv6-address": [
],
"route": [
],
"dns-server": [
],
"dns-search": [
],
"neighbors": [
]
},
"data": {
"passthru": "00170020200114b8100000000000000000000001200114b8100000000000000000000002001800130262620b646e61696e7465726e657402666900"
}
}
{
"up": true,
"pending": false,
"available": true,
"autostart": true,
"dynamic": false,
"uptime": 582,
"l3_device": "eth1",
"proto": "static",
"device": "eth1",
"updated": [
"addresses",
"routes"
],
"metric": 0,
"dns_metric": 0,
"delegation": true,
"ipv4-address": [
{
"address": "122.118.0.1",
"mask": 26
}
],
"ipv6-address": [
],
"ipv6-prefix": [
],
"ipv6-prefix-assignment": [
{
"address": "2001:4b:ef:0::",
"mask": 64,
"preferred": 6085,
"valid": 12835,
"local-address": {
"address": "2001:4b:ef:0::1",
"mask": 64
}
},
{
"address": "fdb4:fc:9c:b::",
"mask": 64,
"local-address": {
"address": "fdb4:fc:9c:b::1",
"mask": 64
}
}
],
"route": [
{
"target": "122.118.0.59",
"mask": 26,
"nexthop": "122.118.0.1",
"source": "0.0.0.0/0"
},
{
"target": "122.118.0.60",
"mask": 26,
"nexthop": "122.118.0.1",
"source": "0.0.0.0/0"
},
{
"target": "122.118.0.61",
"mask": 26,
"nexthop": "122.118.0.1",
"source": "0.0.0.0/0"
}
],
"dns-server": [
],
"dns-search": [
],
"neighbors": [
],
"inactive": {
"ipv4-address": [
],
"ipv6-address": [
],
"route": [
],
"dns-server": [
],
"dns-search": [
],
"neighbors": [
]
},
"data": {
}
}
Thanks for the patience and perseverance!