My ISP recently start providing IPv6 in addition to IPv4. I get automatically a /56 prefix delegation and all my devices on the LAN are now attributed an IP within the IPv6 prefix delegated. They can access the IPv6 Internet and, when firewall on turris is configured to allow it, are reachable from the Internet.
What I cannot get to work though is IPv6 connectivity on the Turris Omnia itself on the WAN side. The only public IPv6 that is attributed on the turris is on the LAN interface, on the WAN interface, I only get a fe80 address.
Current status:
root@turris:~# ip a show dev eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 532
link/ether d8:58:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet 93.12.xx.xx/23 brd 93.12.xx.255 scope global eth2
valid_lft forever preferred_lft forever
inet6 fe80::da58:xxff:fexx:xxxx/64 scope link
valid_lft forever preferred_lft forever
root@turris:~# ip a show dev br-lan
49: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 04:f0:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 2a02:xxxx:xxxx:xxxx::1/60 scope global dynamic noprefixroute
valid_lft 189sec preferred_lft 189sec
inet6 fe80::da58:xxff:fexx:xxxx/64 scope link
valid_lft forever preferred_lft forever
/etc/config/network relevant content:
config interface 'lan'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option bridge_empty '1'
option igmp_snooping '1'
list ifname 'lan0'
list ifname 'lan1'
list ifname 'lan2'
list ifname 'lan3'
list ifname 'lan4'
config interface 'wan'
option proto 'dhcp'
option ifname 'eth2'
option vendorid 'xxxxx'
#option ipv6 '1'
config interface 'wan6'
option ifname '@wan'
option proto 'dhcpv6'
I have tried setting the now commented option ipv6 to “1” or “auto” with the same result. I have read this page (https://openwrt.org/docs/guide-user/network/ipv6/start) but I do not understand how to get something else than the link local address that is described there.
my Turris Omnia obtains the PD address from the WAN-router (FritzBox).
You are sure your WAN Internet-Router provides the PD address successful?
TO does not need configuration at that point. Works out of the box for me (as far as I remember).
If you need config examples please let me know.
PGP email or private message preferred.
Not resolved is the issue to forward the PD address to the local client hosts. If the upstream router is restarted after the Turris Omnia had a restart (of network) it does not work.
See recent discussion tagged ipv6 here in the forum.
Workaround described there.
If you want to access remote machines via PD have a look at my cookbook (only in german). URL is in the discussion.
I have no WAN-router, Turris Omnia is my WAN router.
PD is working as you can see a /56 IPv6 prefix delegated.
LAN devices got an IPv6 address in the /60 prefix allocated from the PD one. They can access to the IPv6 internet flawlessly and can be reached from the Internet as well when allowed by TOS firewall.
Turris => IPv6 LAN devices is working as well.
What is not working is Turris => IPv6 Internet. And I suspect it is because there is no GA IPv6 on the eth2 (wan) interface, only on the br-lan interface. But I don’t understand how to change this.
This depends on your ISP deployment. In general, it is not necessarry to have an extra global IPv6 address on the WAN interface as operating system will happily use any suitable address from any interface. So it should work out of the box.
Since it is obviously not working, I guess there could be problem with the way routing table is constructed for delegated prefix received via DHCPv6. You can try to fix it by adding this option to the wan6 interface.
option 'sourcefilter' '0'
If it does not help, try to share the routing table and results of ping and traceroute from the router.
# ip -6 r
2a02:xxxx:xxxx:xxxx::/64 dev br-lan proto static metric 1024 pref medium
unreachable 2a02:xxxx:xxxx:xxxx::/56 dev lo proto static metric 2147483647 error 4294967183 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev wlan1 proto kernel metric 256 pref medium
fe80::/64 dev eth2 proto kernel metric 256 pref medium
fe80::/64 dev tun_turris proto kernel metric 256 pref medium
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
default via fe80::a67b:xxff:fexx:xxxx dev eth2 proto static metric 512 pref medium
Ping on OpenWRT is IPv4-only. If you want to ping IPv6 target, you have to use ping6.
Since you have a unrestricted default GW in the routing table as well as some GUA. I see no reason why the router should not be able to communicate over IPv6.