Setup IPv6 with public /64 address only

Hey guys

I read a lot of posts here regarding IPv6 setup but am still struggling. My ISP doesn't give me a public IPv4 address, only a public IPv6 /64 address. Besides some firewall options I can't change anything regarding IPv6 in the ISP router. There is no DHCPv6-PD and for what I've read it gets tricky with only a /64 address.

The situation is like this: Internet <--> ISP router <--> OpenWRT router
My goal is to create two interfaces; interface 1 called HOME handles devices like PCs, Laptops etc. and interface 2 called IOT (doesn't need IPv6) handles IOT devices for which I want to restrict internet access using firewall rules. I know how to setup interfaces with static IPv4, bridge wifi and setup firewall rules to allow pings and internet access. IPv4 is working fine, but I can't get IPv6 to work. WAN6 as a DHCPv6 client receives a valid IPv6 address from the ISP router and I can ping using IPv6 in the router diagnostics.

The reason for all this is that the ISP router's firewall is not working properly (needs restarts etc.) and can only hold 32 entries for some reason. I want to use the OpenWRT router's firewall to grant access to ports (e.g. services like a Teamspeak server) in HOME.

Imagine a fresh install of OpenWRT, how do I setup IPv6 correctly so that clients in HOME get (public) IPv6 addresses? I don't want to use NAT as IPv6 was designed to make it obsolete, but if it makes it easier to accomplish what I want...

Best regards

You need to enable relay (3rd example).