GL-X3000 wireguard VPN ipv6 setting

I am running into some trouble setting up ipv6 on GL-X3000 with wireguard.
Here is my setup
Using tmobile sim for internet, tmobile will provide a a single ipv6 address, with passthrough mode, client can get ipv6 assigned from tmobile, but matter of fact is I don’t want to use tmobile ipv6 on client altogether.

Without wireguard, I can get ipv6 working with NAT6 with relay mode setup on LAN interface, I don’t need the devices to be routable, just need them to be able to access ipv6 wan.

I am using cloudflare warp / warp+ for the wireguard part, and it also provides a single ipv6 address. I also enabled rule on the glinet’s own UI to allow certain domain to bypass wireguard.

It works perfectly if I just shut down ipv6 altogether on the router. When IPv6 turned on, v4 traffic is still routing correctly through wireguard, but ipv6 behavior seems just all over the place.
With passthrough, client get a tmobile ipv6 and all traffic just goes straight to modem interface. NAT / Static result in client gets an internal ipv6 assigned, and all ipv6 is not routable.

Tried to mess around with openwrt on luci, creating an ipv6 client interface for wireguard and declear itself as master etc… none of them worked.

I am on firmware 0405release1, and pretty new openwrt so I don’t have a solid idea what’s the call stack and files goes with them yet. So if there is any file config I should be posting, please let me know.

Thank you for the help!.


To answer my own question, just download the snapshot firmware and flashed it then all seems well working out of the box. It is seems the snapshot, even version stated is lower, is using kwan package rather than the mwan3 package that has been pointed out causing the issue on some other models.
Done some digging on my own, seems there is something wrong when setting up the zone and nat6 rules for firewall , from luci UI i am seeing 2 wgclient zone, and the lan interface is probably forwarding the ipv6 request to nowhere .