ipv6 and bad preferred prefix length

Kataius · Mon Apr 28, 2025 11:50 pm

hello everyone, I'm trying to configure the ipv6 locally for openthread. But I have the following error:

pool6 refused acquire: bad preferred prefix length! (1)

If I look at the devices they get an ipv6.

What am I doing wrong?

Here is my ipv6 configuration

/ipv6 dhcp-server
add address-pool=DomusPool_v6 interface=400-Domus lease-time=1d name=Domus_v6
add address-pool=LanPool_v6 interface=100-Lan lease-time=1d name=Lan_v6
add address-pool=MammaPool_v6 interface=200-Mamma lease-time=1d name=Mamma_v6
add address-pool=ControlPool_v6 interface=BR-Capsman lease-time=2d name=\
    Control_v6
add address-pool=GuestPool_v6 interface=300-Guest lease-time=6h name=Guest_v6
/ipv6 pool
add name=MammaPool_v6 prefix=fc00:255:255::/64 prefix-length=64
add name=LanPool_v6 prefix=fc00:100:100::/64 prefix-length=64
add name=GuestPool_v6 prefix=fc00:15:15::/64 prefix-length=64
add name=DomusPool_v6 prefix=fc00:240:240::/64 prefix-length=64
add name=ControlPool_v6 prefix=fc00:10:10::/64 prefix-length=64
/ipv6 address
add address=fc00:240:240::1 interface=400-Domus
add address=fc00:100:100::1 interface=100-Lan
add address=fc00:15:15::1 interface=300-Guest
add address=fc00:255:255::1 interface=200-Mamma
add address=fc00:10:10::1 interface=BR-Capsman
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
add address=::224.0.0.0/100 comment="defconf: other" list=bad_ipv6
add address=::127.0.0.0/104 comment="defconf: other" list=bad_ipv6
add address=::/104 comment="defconf: other" list=bad_ipv6
add address=::255.0.0.0/104 comment="defconf: other" list=bad_ipv6
add address=fc00:100:100::/64 comment="Lan NET" list=net_lan
add address=fc00:15:15::/64 comment="Guest NET" list=net_guest
add address=fc00:240:240::/64 comment="Domus NET" list=net_domus
add address=fc00:10:10::/64 comment="Control NET" list=net_control
add address=fc00:255:255::/64 comment="Mamma NET" list=net_mamma
add address=fc00:255:255::/64 comment="Excluded from PiHole" list=excluded
add address=fc00:15:15::/64 comment="Excluded from PiHole" list=excluded
add address=fc00:10:10::/64 comment="Excluded from PiHole" list=excluded
add address=fc00:55:55::55/128 comment="Excluded from PiHole" list=excluded
add address=2607:5300:203:1797::53/128 list=DNS-DOH
add address=2001:470:2351::1/128 list=DNS-DOH
add address=2001:470:1f1a:78e::2/128 list=DNS-DOH
add address=2a02:2970:1002::18/128 list=DNS-DOH
add address=2a01:4f8:151:34aa::198/128 list=DNS-DOH
add address=2a01:4f8:c0c:1e44::1/128 list=DNS-DOH
add address=2a01:4f8:200:1235::130/128 list=DNS-DOH
add address=2001:470:2351:11::1/128 list=DNS-DOH
add address=2001:4860:4860::8844/128 list=DNS-DOH
add address=2a03:b0c0:3:f0::157:2000/128 list=DNS-DOH
add address=2607:5300:203:439c::102/128 list=DNS-DOH
add address=2001:19f0:6401:b3d:5400:2ff:fe5a:fb9f/128 list=DNS-DOH
add address=2607:5300:61:c67::11/128 list=DNS-DOH
add address=2001:bc8:32d7:307::301/128 list=DNS-DOH
add address=2604:a880:0:1010::b:4001/128 list=DNS-DOH
add address=2a0d:5600:30:10::53/128 list=DNS-DOH
add address=2a00:1508:0:4::9/128 list=DNS-DOH
add address=2a02:6b8:0:1::feed:bad/128 list=DNS-DOH
add address=2a02:6b8::feed:bad/128 list=DNS-DOH
add address=2620:74:1b::1:1/128 list=DNS-DOH
add address=2620:0:ccc::2/128 list=DNS-DOH
add address=2001:470:20::2/128 list=DNS-DOH
add address=2001:910:800::12/128 list=DNS-DOH
add address=2607:f130:0:d7::918/128 list=DNS-DOH
add address=2a04:3542:1000:910:305c:74ff:fe29:7c26/128 list=DNS-DOH
add address=2606:cd80:0:47::871a/128 list=DNS-DOH
add address=2001:67c:2b0::2/128 list=DNS-DOH
add address=2001:1608:10:25::1c04:b12f/128 list=DNS-DOH
add address=2400:8902::f03c:92ff:fe7d:4266/128 list=DNS-DOH
add address=2620:119:35::35/128 list=DNS-DOH
add address=2620:119:53::53/128 list=DNS-DOH
add address=2606:4700:4700::1001/128 list=DNS-DOH
add address=2a03:4000:24:688::6e73:31/128 list=DNS-DOH
add address=2a03:4000:24:361::6e73:32/128 list=DNS-DOH
add address=2001:418:3ff::1:53/128 list=DNS-DOH
add address=2001:468:c80:2101:0:100:0:22/128 list=DNS-DOH
add address=2001:840:100::/128 list=DNS-DOH
add address=2001:840:200::/128 list=DNS-DOH
add address=2001:978:1:1::d/128 list=DNS-DOH
add address=2610:a1:1019::1/128 list=DNS-DOH
add address=2a01:3a0:53:53::/128 list=DNS-DOH
add address=2a04:52c0:101:75::75/128 list=DNS-DOH
add address=2a0d:5600:33:3::3/128 list=DNS-DOH
add address=2a01:4f8:c17:739a::2/128 list=DNS-DOH
add address=2a10:50c0::1:ff/128 list=DNS-DOH
add address=2a00:fbe0:1:3802::3/128 list=DNS-DOH
add address=2001:418:8006::12/128 list=DNS-DOH
add address=2a01:7e01::f03c:91ff:febc:322/128 list=DNS-DOH
add address=2a00:f826:8:2::195/128 list=DNS-DOH
add address=2a03:4000:4d:c92:88c0:96ff:fec6:b9d/128 list=DNS-DOH
add address=2a00:f826:8:1::254/128 list=DNS-DOH
add address=2001:678:b28::54/128 list=DNS-DOH
add address=2a05:dfc7:5::5353/128 list=DNS-DOH
add address=2a02:6b8::feed:a11/128 list=DNS-DOH
add address=2a02:6b8:0:1::feed:a11/128 list=DNS-DOH
add address=2001:148f:fffe::1/128 list=DNS-DOH
add address=2400:8907::f03c:92ff:fee2:87ff/128 list=DNS-DOH
add address=2a03:4000:6:e5fc::1/128 list=DNS-DOH
add address=2a0c:8fc0:c3e5::1000/128 list=DNS-DOH
add address=2607:5300:203:7f27:5054:ff:fe45:85b5/128 list=DNS-DOH
add address=2607:5300:203:7f27:5054:ff:fe57:4a07/128 list=DNS-DOH
add address=2606:4700:4700::1112/128 list=DNS-DOH
add address=2606:4700:4700::1003/128 list=DNS-DOH
add address=2606:4700:4700::1002/128 list=DNS-DOH
add address=2a0e:97c0:210::250/128 list=DNS-DOH
add address=2a0c:a9c7:9::1/128 list=DNS-DOH
add address=2a10:50c0::2:ff/128 list=DNS-DOH
add address=2a10:50c0::ad1:ff/128 list=DNS-DOH
add address=2a10:50c0::ad2:ff/128 list=DNS-DOH
add address=2001:148f:ffff::1/128 list=DNS-DOH
add address=2001:878:0:e000:82:e1:f4:a6/128 list=DNS-DOH
add address=2a01:4f8:141:316d::117/128 list=DNS-DOH
add address=2a02:c205:3001:4558::1/128 list=DNS-DOH
add address=2a02:6b8::feed:ff/128 list=DNS-DOH
add address=2a02:6b8:0:1::feed:ff/128 list=DNS-DOH
add address=2a0c:a9c7:8::1/128 list=DNS-DOH
add address=2610:a1:1018::5/128 list=DNS-DOH
add address=2001:4860:4860::6464/128 list=DNS-DOH
add address=2606:4700:4700::64/128 list=DNS-DOH
add address=2606:4700:4700::6400/128 list=DNS-DOH
add address=2610:a1:1018::2/128 list=DNS-DOH
add address=2610:a1:1019::2/128 list=DNS-DOH
add address=2610:a1:1019::5/128 list=DNS-DOH
add address=2620:fe::11/128 list=DNS-DOH
add address=2620:fe::fe:10/128 list=DNS-DOH
add address=2620:fe::fe:11/128 list=DNS-DOH
add address=2620:fe::fe:9/128 list=DNS-DOH
add address=2a0d:2a00:1::2/128 list=DNS-DOH
add address=2a0d:2a00:2::2/128 list=DNS-DOH
add address=2a05:dfc7:5353::53/128 list=DNS-DOH
add address=2001:41d0:700:537::/128 list=DNS-DOH
add address=2001:470:1f07:ed6::/128 list=DNS-DOH
add address=2001:4ba0:ffa4:1ce::/128 list=DNS-DOH
add address=2604:ffc0::/128 list=DNS-DOH
add address=2001:678:e68:f000::/128 list=DNS-DOH
add address=2001:468:c80:4101:0:100:0:42/128 list=DNS-DOH
add address=2a03:4000:55:d1d::/128 list=DNS-DOH
add address=2001:4ba0:ffa4:3f7::/128 list=DNS-DOH
add address=2a0f:4a80:0:5::6734/128 list=DNS-DOH
add address=2400:6180:0:d0::5f6e:4001/128 list=DNS-DOH
add address=2400:8902::f03c:91ff:feda:c514/128 list=DNS-DOH
add address=2001:1a68::d911:2244/128 list=DNS-DOH
add address=2001:1bc0::ffff:aaaa:2/128 list=DNS-DOH
add address=2001:1bc0::ffff:bbbb:2/128 list=DNS-DOH
add address=2001:470:0:45::2/128 list=DNS-DOH
add address=2001:4870:6082:3::100/128 list=DNS-DOH
add address=2001:4870:6082:3::5/128 list=DNS-DOH
add address=2001:550:1:1::d/128 list=DNS-DOH
add address=2001:550:1:2::d/128 list=DNS-DOH
add address=2001:738:6001:b0b0::1000/128 list=DNS-DOH
add address=2001:840:2010:413::100/128 list=DNS-DOH
add address=2001:978:1:2::d/128 list=DNS-DOH
add address=2a02:200:1:11::100/128 list=DNS-DOH
add address=2a02:200:1:12::100/128 list=DNS-DOH
add address=2a09::1/128 list=DNS-DOH
add address=2a01:7e00::f03c:91ff:feae:d55/128 list=DNS-DOH
add address=2a01:7e00::f03c:91ff:feae:3d1a/128 list=DNS-DOH
add address=2001:8b0:978:f4a4::1/128 list=DNS-DOH
add address=2a03:e2c0:73e:a::13/128 list=DNS-DOH
add address=2001:41d0:601:1100::2a7f/128 list=DNS-DOH
add address=2001:41d0:1:de53::1/128 list=DNS-DOH
add address=2001:470:23:4bd::2/128 list=DNS-DOH
add address=2a03:b0c0:2:d0::cf0:c001/128 list=DNS-DOH
add address=2a00:f48:1003:1::759d:c751/128 list=DNS-DOH
add address=2001:bc8:670:112::1/128 list=DNS-DOH
add address=2001:de4::101/128 list=DNS-DOH
add address=2001:de4::102/128 list=DNS-DOH
add address=2a00:5a60::1:ff/128 list=DNS-DOH
add address=2a00:5a60::ad2:ff/128 list=DNS-DOH
add address=2001:470:fcbd:31:10:94:29:7fb9/128 list=DNS-DOH
add address=2a11:b244::244/128 list=DNS-DOH
add address=2a0e:2000::2000/128 list=DNS-DOH
add address=2a0d:8480::fd4/128 list=DNS-DOH
add address=2a02:7b40:6deb:4526::3/128 list=DNS-DOH
add address=2001:470:71:1c::d/128 list=DNS-DOH
add address=2001:bc8:62c:379::1/128 list=DNS-DOH
add address=2001:bc8:182c:15a::1/128 list=DNS-DOH
add address=2606:1a40:1::/128 list=DNS-DOH
add address=2606:1a40:1::1/128 list=DNS-DOH
add address=2402:2c00:1688:162:1643:4989:f51c:7392/128 list=DNS-DOH
add address=2606:1a40::4/128 list=DNS-DOH
add address=2606:1a40:1::4/128 list=DNS-DOH
add address=2606:1a40::5/128 list=DNS-DOH
add address=2606:1a40:1::5/128 list=DNS-DOH
add address=2606:1a40::1/128 list=DNS-DOH
add address=2a02:bf8:aaaa::10/128 list=DNS-DOH
add address=2a02:bf8:aaaa::11/128 list=DNS-DOH
add address=2a03:2100:0:54::82/128 list=DNS-DOH
add address=2a03:2100:0:54::84/128 list=DNS-DOH
add address=2001:41d0:701:1100::39cc/128 list=DNS-DOH
add address=2a07:a8c1::/128 list=DNS-DOH
add address=2001:470:75b6:0:2050:8fff:fe09:3fe1/128 list=DNS-DOH
add address=2001:470:75b6:0:285b:10ff:fe20:2e42/128 list=DNS-DOH
add address=2804:10:10::10/128 list=DNS-DOH
add address=2804:10:10::20/128 list=DNS-DOH
add address=2607:fcd0:fa80:2a18:a611:b3da:7fee:4738/128 list=DNS-DOH
add address=2001:67c:28a4::/128 list=DNS-DOH
add address=2001:678:f68:70:5054:ff:fe57:4a07/128 list=DNS-DOH
add address=2001:910:800::40/128 list=DNS-DOH
add address=2405:3340:e000::77:77/128 list=DNS-DOH
add address=2001:67c:21ec::53/128 list=DNS-DOH
add address=2001:41d0:700:1c0e::1/128 list=DNS-DOH
add address=2a01:4f8:1c0c:73a2::1/128 list=DNS-DOH
add address=2a01:4f9:c010:ec27::1/128 list=DNS-DOH
add address=2a01:4ff:f0:289a::1/128 list=DNS-DOH
add address=2001:dc8:c000:2::106/128 list=DNS-DOH
add address=2001:41d0:700:1c0e::179/128 list=DNS-DOH
add address=2001:470:1f15:b80::53/128 list=DNS-DOH
add address=2001:780:250::beaf/128 list=DNS-DOH
add address=2a0c:2500:572:1354::cafe/128 list=DNS-DOH
add address=2a0a:51c0::7fe/128 list=DNS-DOH
add address=2001:bc8:1810:1e00::1/128 list=DNS-DOH
add address=2a00:5a60::ad1:ff/128 list=DNS-DOH
add address=2606:4700:4700::1113/128 list=DNS-DOH
add address=2406:da19:66f:e800:351:812d:acd8:d7e6/128 list=DNS-DOH
add address=2406:da19:66f:e820:bb4:bf97:adf2:817b/128 list=DNS-DOH
add address=2001:470:36:70c::1/128 list=DNS-DOH
add address=2001:470:36:70c::2/128 list=DNS-DOH
add address=2406:da19:66f:e810:2f1b:9ce8:a5f1:132f/128 list=DNS-DOH
add address=2406:da19:66f:e810:92ad:7e02:fa25:38b9/128 list=DNS-DOH
add address=2402:1f00:8000:800::1d7a/128 list=DNS-DOH
add address=2001:470:ecc5:3:8593:2501:3007:cc11/128 list=DNS-DOH
add address=2607:5300:201:3100::2ed/128 list=DNS-DOH
add address=2003:d9:f21:6400:2ccc:7c5d:889a:d821/128 list=DNS-DOH
add address=2001:678:f68:70:5054:ff:fe02:fd7b/128 list=DNS-DOH
add address=2001:41d0:700:13cb:141:95:6:51/128 list=DNS-DOH
add address=2001:41d0:700:121e::212/128 list=DNS-DOH
add address=2a03:4000:17:9ca:8860:f2ff:feb0:cbfe/128 list=DNS-DOH
add address=2407:9440:1:5::3/128 list=DNS-DOH
add address=2001:4b8:3:201::902/128 list=DNS-DOH
add address=2a03:90c0:999d::1/128 list=DNS-DOH
add address=2a03:90c0:9992::1/128 list=DNS-DOH
add address=2a00:6800:3:4bd::1/128 list=DNS-DOH
add address=2001:470:b0c4:4::a/128 list=DNS-DOH
add address=2001:470:b0c4:5::a/128 list=DNS-DOH
add address=2404:fbc0:0:1::235:875b/128 list=DNS-DOH
add address=2606:1a40::32/128 list=DNS-DOH
add address=2606:1a40:1::32/128 list=DNS-DOH
add address=2606:1a40::33/128 list=DNS-DOH
add address=2606:1a40:1::33/128 list=DNS-DOH
add address=2606:1a40::34/128 list=DNS-DOH
add address=2606:1a40:1::34/128 list=DNS-DOH
add address=2606:1a40::35/128 list=DNS-DOH
add address=2606:1a40:1::35/128 list=DNS-DOH
add address=2606:1a40::36/128 list=DNS-DOH
add address=2606:1a40:1::36/128 list=DNS-DOH
add address=2606:1a40::37/128 list=DNS-DOH
add address=2606:1a40:1::37/128 list=DNS-DOH
add address=2606:1a40::38/128 list=DNS-DOH
add address=2606:1a40:1::38/128 list=DNS-DOH
add address=2606:1a40::/128 list=DNS-DOH
add address=2606:1a40::2/128 list=DNS-DOH
add address=2606:1a40:1::2/128 list=DNS-DOH
add address=2606:1a40::3/128 list=DNS-DOH
add address=2606:1a40:1::3/128 list=DNS-DOH
add address=2a01:238:4231:5200::1/128 list=DNS-DOH
add address=2a03:94e0:1804::1/128 list=DNS-DOH
add address=2001:df0:27b::226/128 list=DNS-DOH
add address=2a02:88:1:e:807::101/128 list=DNS-DOH
add address=2606:4700:4700::1111/128 list=DNS-DOH
add address=2a01:4f8:c012:b58d::1/128 list=DNS-DOH
add address=2a01:4f8:1c1e:d181::1/128 list=DNS-DOH
add address=2a06:1c40:3::13/128 list=DNS-DOH
add address=2001:8d8:1801:86e7::1/128 list=DNS-DOH
add address=2001:8d8:820:3a00::b:c47/128 list=DNS-DOH
add address=2400:8901::f03c:93ff:fe25:a89b/128 list=DNS-DOH
add address=2a0f:fc80::/128 list=DNS-DOH
add address=2a0f:fc81::/128 list=DNS-DOH
add address=2a07:a8c1::76:4378/128 list=DNS-DOH
add address=2a07:a8c0::76:4378/128 list=DNS-DOH
add address=2a07:a8c0::/128 list=DNS-DOH
add address=2a0f:fc80::9/128 list=DNS-DOH
add address=2a0f:fc81::9/128 list=DNS-DOH
add address=2a00:6a00:ad1:806::86/128 list=DNS-DOH
add address=2a02:88:1:e:807::99/128 list=DNS-DOH
add address=2a00:6a00:ad1:806::83/128 list=DNS-DOH
add address=2a01:4f8:172:1d2a::2/128 list=DNS-DOH
add address=2001:1488:800:400::130/128 list=DNS-DOH
add address=2001:1608:10:25::9249:d69b/128 list=DNS-DOH
add address=2001:418:3ff::53/128 list=DNS-DOH
add address=2001:428:101:100:205:171:3:65/128 list=DNS-DOH
add address=2001:4860:4860::64/128 list=DNS-DOH
add address=2001:4b8:2:101::602/128 list=DNS-DOH
add address=2001:67c:2b0::1/128 list=DNS-DOH
add address=2001:b000:168::1/128 list=DNS-DOH
add address=2610:a1:1018::1/128 list=DNS-DOH
add address=2620:10a:80bb::20/128 list=DNS-DOH
add address=2620:74:1c::2:2/128 list=DNS-DOH
add address=2620:fe::9/128 list=DNS-DOH
add address=2620:fe::fe/128 list=DNS-DOH
add address=2001:dc8:1:2::106/128 list=DNS-DOH
add address=2001:dc8:0:2::106/128 list=DNS-DOH
add address=2a0d:8480:2:54::/128 list=DNS-DOH
add address=2a09:5302:ffff::ac9/128 list=DNS-DOH
add address=2a0d:8480:1:f9::/128 list=DNS-DOH
add address=2a0a:51c0:0:75::152/128 list=DNS-DOH
add address=2607:f130:0:145::7569:1026/128 list=DNS-DOH
add address=2605:e440:12::102/128 list=DNS-DOH
add address=2605:e440:13::1:7d/128 list=DNS-DOH
add address=2605:e440:3::3:83/128 list=DNS-DOH
add address=2605:e440:4::1:c0/128 list=DNS-DOH
add address=2605:e440:7::2:100/128 list=DNS-DOH
add address=2605:e440:9::1:bd/128 list=DNS-DOH
add address=2a09:5302:ffff::aca/128 list=DNS-DOH
add address=2a01:4f8:c17:ef70::1/128 list=DNS-DOH
add address=2405:8a00:8001::20/128 list=DNS-DOH
add address=2409::1/128 list=DNS-DOH
add address=2001:de2::1/128 list=DNS-DOH
add address=2620:0:ccd::2/128 list=DNS-DOH
add address=2001:4860:4860::8888/128 list=DNS-DOH
add address=2a00:aa40:0:225::2/128 list=DNS-DOH
add address=2606:ed00:2:babe::10/128 list=DNS-DOH
add address=2a03:b0c0:0:1010::1a7:c001/128 list=DNS-DOH
add address=2001:470:1f06:10b::2/128 list=DNS-DOH
add address=2001:da8::666/128 list=DNS-DOH
/ipv6 firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" dst-port=\
    33434-33534 protocol=udp
add action=accept chain=input comment=\
    "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp \
    src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
    protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=input comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=input comment="PiHole and NTP" dst-port=53,123 \
    in-interface-list=LAN protocol=udp
add action=accept chain=input comment=Pihole dst-port=53 in-interface-list=LAN \
    protocol=tcp
add action=drop chain=input comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=!LAN
add action=fasttrack-connection chain=forward comment="defconf: fasttrack6" \
    connection-state=established,related
add action=accept chain=forward comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
    invalid
add action=drop chain=forward comment="defconf: drop packets with bad src ipv6" \
    src-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" \
    dst-address-list=bad_ipv6
add action=drop chain=forward comment="Drop RA" icmp-options=134:0 protocol=\
    icmpv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
    hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 \
    protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=forward comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment="BLOCK DOT" dst-address-list=DNS-DOH \
    dst-port=443,853 in-interface-list=LAN protocol=udp src-address-list=\
    !excluded
add action=drop chain=forward comment="BLOCK DOT" dst-address-list=DNS-DOH \
    dst-port=443,853 in-interface-list=LAN protocol=tcp src-address-list=\
    !excluded
add action=drop chain=forward comment="BLOCK DOH" dst-address-list=DNS-DOH \
    in-interface-list=LAN src-address-list=!excluded
add action=accept chain=forward comment="allow access to PiHOLE" dst-address=\
    fc00:55:55::55/128 in-interface-list=LAN src-address-list=!excluded
add action=drop chain=forward comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=!LAN
add action=drop chain=forward comment="DROP IPv6 TO INTERNET" \
    out-interface-list=WAN
add action=drop chain=output comment="DROP IPv6 TO INTERNET" out-interface-list=\
    WAN
/ipv6 firewall nat
add action=dst-nat chain=dstnat comment=Pihole dst-port=53 in-interface-list=LAN \
    protocol=udp src-address-list=!excluded to-address=fc00:55:55::55/128
add action=dst-nat chain=dstnat comment=Pihole dst-port=53 in-interface-list=LAN \
    protocol=tcp src-address-list=!excluded to-address=fc00:55:55::55/128
/ipv6 nd
set [ find default=yes ] disabled=yes
add advertise-dns=no hop-limit=64 interface=BR-Capsman
add dns=fc00:55:55::55,fc00:55:55::55 hop-limit=64 interface=100-Lan
add dns=2001:4860:4860::8888,2001:4860:4860::8844 hop-limit=64 interface=\
    200-Mamma
add dns=2606:4700:4700::1113,2606:4700:4700::1003 hop-limit=64 interface=\
    300-Guest
add dns=fc00:55:55::55,fc00:55:55::55 hop-limit=64 interface=400-Domus

Kentzo · Tue Apr 29, 2025 7:57 am

Is your intention to have a stateful or stateless IPv6 address assignment?

Kataius · Tue Apr 29, 2025 4:21 pm

thanks for the reply, I would like stateful, so as to manage the IPs from mikrotik, but it doesn't change anything for me, I only need it only for openthread

Kentzo · Tue Apr 29, 2025 6:19 pm

Typically it’s a job for a Thread Border Router which acts independently from your router. Can you tell more about what you are configuring?

Kataius · Tue Apr 29, 2025 8:28 pm

I have to make the ipv6 communicate with the threads, but without ipv6 the border router doesn't work, right? and when I enable the ipv6 it gives me this error... what am I not understanding?

Kentzo · Tue Apr 29, 2025 8:38 pm

I expect Thread Border Router to act independently. IIRC the only requirement is that it needs to be on the same link (i.e. same ethernet, wifi of VLAN) with devices it wants to control.

Kataius · Tue Apr 29, 2025 8:44 pm

doesn't he also need an ipv6 in addition to the same link?

Kentzo · Tue Apr 29, 2025 9:01 pm

It should set up its own independent network.

Kataius · Tue Apr 29, 2025 9:27 pm

all the thread guides I find give as minimum requirements that the router has dhcp ipv6 enabled...

Kentzo · Tue Apr 29, 2025 9:48 pm

Clear the /ipv6/dhcp-server config. Configure SLAAC by advertising a self-allocated ULA address on the interface connected to the link with Open Thread Router. See to that the OTR picks an address from this advertised prefix. Once OTR is properly on link it will start issuing Router Advertisement messages with the prefix (different from your ULA) it used to configure its own network.

Kataius · Wed Apr 30, 2025 2:06 pm

thanks, I'll do as you say, but anyway for information, the error: pool6 refused acquire: bad preferred prefix length! (1) what is it due to?

kristapsc · Wed Apr 30, 2025 2:07 pm

In your ipv6/pool you should set prefix-length=128. Or if you intend to assign prefixes you should set prefix-pool instead of address-pool in ipv6/dhcp-server.

Kentzo · Wed Apr 30, 2025 6:36 pm

thanks, I'll do as you say, but anyway for information, the error: pool6 refused acquire: bad preferred prefix length! (1) what is it due to?

As @Kataius said: you misconfigured prefix delegation / address allocation (depending on what you wanted to use DHCPv6 Server for). You really did not give us enough details.

At the very least read https://help.mikrotik.com/docs/spaces/R ... Addressing and https://help.mikrotik.com/docs/spaces/R ... CPv6Server

ipv6 and bad preferred prefix length

ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length

Re: ipv6 and bad preferred prefix length