On wan6 I'm seeing two records for ipv6-address (a /64 and /128) and ipv6-prefix is empty. lan has no ipv6-address nor ipv6-prefix but has an fd10 address in ipv6-prefix-assignment.
Another data point: "ipconfig /renew6" gives a semaphore timeout error, suggesting that nothing's responding. I tried it with the firewall down. The Windows box does have two fd10 addresses and an fe80 address assigned.
I'm not sure how to determine that. It's Comcast residential.
Meanwhile, I re-enabled IPv6 on my ASUS running Merlin firmware, setting it to "passthrough", and that seems to work. So I pulled the source code for that from GitHub to see if I can figure out how that works and will adapt the internal settings to OpenWRT. (The ASUS fronts my backup Comcast account with the cheaper plan and the Merlin support for that model was dropped due to the age of the router.)
For Comcrap, at least where I am, you can request a /60.
The use case of only offering IPv6 addresses from the OpenWrt device seems reasonable. You may be able to accomplish that by disabling the DHCP feature of dnsmasq as I believe that IPv6 is handled by another service under OpenWrt.
I dug down through the Merlin code to see what the passthrough setting does, and it seems to start 6relayd, which has been replaced by odhcpd in OpenWRT. 6relayd is invoked in start_6relayd() here:
I'm trying to track down some more detailed documentation on 6relayd to see if I can adapt that command into an odhcpd config.
While looking for 6relayd info, I tripped across this mailing list report about this migration from 2013. Not sure if it's relevant but as a software archaeologist it's interesting seeing the history of this stuff.
According to that, I should be able to set the requested prefix length to /60 and the delegated one to /64. I can see an address getting assigned to WAN6 but I'm not seeing clients get an address, yet. How do I know if I got a /60 instead of a /64?
Not in bridged mode. It's Xfinity's Arris modem and its connection status page shows a delegated prefix with a /64. (I hadn't thought to look at the modem's page, as I hadn't needed to mess with it for quite some time.)
BTW, the main reason I have a router after their modem/router is because their web management doesn't let me disable their DHCP function. I notice they have both IPv4 and IPv6 DHCP servers.
I've got the link between modem and router set to 172.24.0.0/24 with the modem as .1 and the ZyXEL as .2.
Damn, I didn't think bridge mode was available on their residential connection. It's a switch in the main Gateway At a Glance page. I'll have to try that once the family is done using the Internet for the day.
After switching to bridge mode and restoring the router setting to stock, I'm seeing v6 addresses everywhere, so things seem to be mostly working.
I ran the following v6 connectivity test and it tells me that the large packet ICMP isn't getting through, so it can't do PMTUD. I don't know what to do with that.
I'm in the process of renumbering my network so I can get access back to the Xfinity modem. I think when I switched it to bridge mode, it set the address back from the 172 address I'd given it to 10.0.0.1, and that's in my LAN's address block, so the router won't route to it. I'm squishing my network into 10.96/16 so their address will be outside that and will be on the WAN side of the router.
Meanwhile, here's the ping result:
f:\devel>ping -l 1452 -6 www.google.com
Pinging www.google.com [2607:f8b0:4005:807::2004] with 1452 bytes of data:
Reply from 2607:f8b0:4005:807::2004: time=14ms
Reply from 2607:f8b0:4005:807::2004: time=15ms
Reply from 2607:f8b0:4005:807::2004: time=11ms
Reply from 2607:f8b0:4005:807::2004: time=12ms
Ping statistics for 2607:f8b0:4005:807::2004:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 15ms, Average = 13ms
I found that, after switching to bridge mode, the modem had reverted its web administration address to 192.168.100.1, but still accepted my old password. I can't see anything that can be modified now except whether it's in bridge mode. (I don't see a setting which lets me move the admin address, which is annoying, but I can live with that.)
I found other sites with the same test setup as the Comcast link and they tell me I'm fine with the big packet test. So that tells me Comcast's test site is broken. So I think I'm golden now.