My network topology at home is pretty simple, it looks like this:

After my recent router hardware and OpenWrt 19.07 firmware upgrades, I noticed my access point connected to my cable modem looked like this on the Status Overview page:

Pro-tip: Notice I’m using the cloudflare DNS servers rather than the ISP-provided ones. The Comcast DNS servers have gone down on me before and their performance is generally lacking.

But over on my bridged router it looked like this:

Further more, when I went to the command line on my bridged router, I couldn’t ping any IPv6 addresses:

root@ap2:~# ping ipv6.google.com
PING ipv6.google.com (2607:f8b0:4009:807::200e): 56 data bytes
ping: sendto: Permission denied

My concern was if the bridged router can’t contact IPv6 addresses, the same is probably true for the devices that are connecting through it.

I found the solution in this thread on the OpenWrt forums. While it’s easy to statically assign an IPv4 address, along with a default gateway and DNS server – for IPv6 it’s easiest to set up another lan interface specifically for IPv6 that gets it’s IPv6 address (and routes) automatically from the upstream router – rather than assigning it statically.

The TL;DR version of this post is to add this to your network config:

config interface 'lan6'
	option ifname '@lan'
	option proto 'dhcpv6'
	option reqprefix 'no'

Configuring IPv6 Bridging through the Web Interface

To do the same thing above via LuCI – the OpenWrt web interface, here’s how. Initially on the Network -> Interfaces page, ou can see my IPv4 lan with the wan ports disabled:

Click “Add new interface…”

Name it “lan6” and choose the DHCPv6 client protocol. For the interface, select the @lan alias. Then click Create Interface. You’ll be brought to a second screen.

All I had to do on this page was change the “Request IPv6-prefix” value to disabled. No need to change anything on the other tabs – the defaults are fine.

Now the Status -> Overview page on my bridged router looks like this:

Now I can ping IPv6 addresses from the command line on my bridged router:

root@ap2:~# ping -c 2 ipv6.google.com
PING ipv6.google.com (2607:f8b0:4009:807::200e): 56 data bytes
64 bytes from 2607:f8b0:4009:807::200e: seq=0 ttl=115 time=17.884 ms
64 bytes from 2607:f8b0:4009:807::200e: seq=1 ttl=115 time=17.351 ms

--- ipv6.google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 17.351/17.617/17.884 ms

One of my 2021 goals is to better understand IPv6 concepts (at least as well as I can understand IPv4). If there’s any *nix configurations I find helpful along the way, I’ll post ’em here.