Nerd Family – WiFi IPv6-Only Network Connection Fail

Confirm the network is IPv6-only. From a laptop or phone on the same Wi-Fi, open `test-ipv6.com` or `ip.tyil.nl/ipv6`. If the page reports `no IPv4 connectivity / IPv6 only`, the LAN is IPv6-only and the miner is hitting the LWIP gap. If both protocols are reported reachable, the failure is something else — re-diagnose against the related-error list.

Substitute a phone hotspot for 10 minutes. Tether on a normal IPv4 mobile plan (NOT a T-Mobile Home Internet SIM, NOT an EE 5G Home SIM). Connect the miner. If it hashes within 60 seconds, the home network is IPv6-only and the miner is healthy — focus on the network, not the device.

Restart the carrier gateway. Some IPv6-only deployments occasionally hand out a temporary IPv4 lease during prefix-delegation glitches. A reboot may give a 24-hour mining window while you set up a permanent fix. This is a band-aid, not a solution.

Move the miner to a guest SSID on a router upstream of the IPv6-only carrier link. If you have your own router doing dual-stack NAT44 before the carrier gateway became authoritative, plug the miner there. Most homes won't have this topology, but some do (carrier modem in bridge mode + your own router).

Change the pool URL to D-Central's stratum endpoint or a community pool with documented dual-stack DNS (publishes both A and AAAA). Some pools resolve cleanly even on IPv6-only LANs; most don't. Lowest-effort experiment before touching DNS settings.

Override LAN-side DNS at the carrier gateway to a dual-stack public resolver: Google Public DNS (`8.8.8.8`, `8.8.4.4`, `2001:4860:4860::8888`, `2001:4860:4860::8844`) or Cloudflare (`1.1.1.1`, `1.0.0.1`, `2606:4700:4700::1111`, `2606:4700:4700::1001`). The carrier's own DNS is often DHCPv6-only, which ESP32 LWIP doesn't reliably consume. Save, reboot the miner, watch the dashboard.

Use Google Public DNS64 / Cloudflare DNS64 if Step 6 doesn't fix it: `2001:4860:4860::6464`, `2001:4860:4860::64`, `2606:4700:4700::6400`, `2606:4700:4700::64`. These return synthetic AAAA records for IPv4-only hosts, letting the miner reach pool hostnames over NAT64. Works only if the carrier's NAT64 itself is stable.

Reserve a static DHCP lease for the miner where the gateway lets you. Even IPv6-only deployments often allow a parallel `192.168.x.0/24` IPv4 LAN, just disabled by default on 5G FWA gateways. Some T-Mobile Arcadyan / Sagecom and EE Smart Hub units expose this behind an `advanced` toggle; enabling it gives the miner a dual-stack home and the LWIP gap disappears.

Check whether your firmware was built with IPv6 enabled. Some AxeOS / NerdMiner / NerdNOS builds disable IPv6 entirely in `sdkconfig` (`LWIP_IPV6=n`). On those builds, the miner refuses to associate with an IPv6-only SSID at all — the symptom is `Wi-Fi never connects`, not `Wi-Fi connects but no pool`. Cross-check by flashing a build with documented IPv6 support and re-testing.

Switch carrier from IPv6-only mobile / FWA to fixed-line broadband for the miner. EU territory served by IPv6-only mobile APNs and US 5G FWA carriers are great for general internet but hostile to embedded mining firmware. Wired DSL / cable / FTTH plans almost universally still provide IPv4. One-time, permanent fix; operationally cheaper than fighting NAT64.

Drop an IPv4-only Wi-Fi bubble between the IPv6-only carrier and the miner. GL.iNet GL-MT300N-V2 (~$25 CAD), GL-AR300M (~$45 CAD), or any old OpenWRT-capable router. Plug into carrier gateway Ethernet, set WAN to DHCP, set LAN to `192.168.50.0/24` IPv4 NAT44, run a dedicated SSID like `mining-net`, connect every Nerd / Bitaxe to it. Carrier absorbs the IPv6 complexity; miners see a normal dual-stack-compatible IPv4 LAN. D-Central recommended fix.

Configure NAT64 / DNS64 on your own router (OpenWRT). Install `464xlat`, `dns64`, or `nat64` packages, point LAN DNS at the local `dns64` daemon, let it synthesize AAAA on the fly. Works as a single-router solution but operationally more complex than Step 11. Recommend only if you're already running OpenWRT for other reasons.

Build a firmware with explicit dual-stack support (`LWIP_IPV6=y`, `LWIP_IPV6_DHCP6=y`, `LWIP_IPV6_RDNSS=y`, `LWIP_DNS=y` in `sdkconfig`) and flash it. Requires PlatformIO / ESP-IDF and the relevant repo (`bitaxeorg/ESP-Miner`, `BitMaker-hub/NerdMiner_v2`, `NerdMiner-org/NerdNOS`, `Shufflepuck/NerdQAxe-plus`). Closes the firmware-side gap; NAT64 reachability still depends on the carrier.

Run a Stratum proxy on a $5/month VPS (Hetzner, Vultr, DigitalOcean) with a clean dual-stack uplink, plus a small `stratum-proxy` daemon on the VPS public IP. Point miner at VPS hostname. Proxy translates between miner's local connection and pool's IPv4 endpoint, side-stepping carrier NAT64. Same approach with Cloudflare Tunnel / WireGuard / Tailscale exit-node. Use when carrier blocks pool ports outright.

Test pool reachability from inside the IPv6-only LAN with `dig` / `nslookup` / `nc`. From any phone or laptop on the same SSID: `dig solo.ckpool.org A`, `dig solo.ckpool.org AAAA`, `nc -vz solo.ckpool.org 3333`. Output reveals exactly which layer (DNS, AAAA synthesis, TCP reach) is broken. Bring that output to D-Central support — diagnostic time becomes near-zero.

Stop DIY when the IPv4-only travel router is in place, dual-stack DNS confirmed on a laptop, pool resolves and pool port reachable from a laptop on the same LAN — and the miner still can't reach a pool. The failure is no longer the LAN; it's a device-side fault (firmware corruption, ESP32-S3 fault, hashboard fault). Book D-Central's troubleshooting bench.

D-Central bench process. We replicate the IPv6-only-network setup (a labelled T-Mobile Home Internet test gateway and an EE 5G test SIM live in our network closet), capture the miner's serial logs end-to-end through the failure, reproduce the resolver / NAT64 / port chain, and either confirm a network fix you can replicate at home or identify a genuine device fault. Most cases come back as `router config` with a short report.

Ship safely. Anti-static bag, double-box with at least 5 cm foam every side. Include a note with: model + revision, firmware build hash, exact ISP / carrier / gateway model, screenshots of the gateway admin page showing the miner's lease state, serial console capture, and the laptop-side `dig` / `nc` test results from Step 15. Complete network description shaves an hour of bench time off your invoice.