Date: Wed, 24 Jul 2024 09:10:22 +0100
From: Roy Marples
To: "Karl Denninger"
Cc: "freebsd-net"
Message-ID: <190e3ca9424.10cb640b9133631.4510537448957801250@marples.name>
References: <190e09e6c1a.11450232913849.654798645277119294@marples.name>
Subject: Re: DHCPv6 IA_PD - how-to
List-Id: Networking and TCP/IP with FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-net

---- On Wed, 24 Jul 2024 02:48:15 +0100 Karl Denninger wrote ---
> I'd like to replicate this that is currently being sent up via dhcp6c, which is not quite-clear to me from the docs on how to do that.
> #
> # This configuration will attempt to get /56 or a /60 from the
> # ISP and assign a /64 internally.
> # Note that if you have a /60 you can have four /64s defined; if you have a
> # /56 then obviously you can have 16 internal networks.  For most "house"
> # size networks four separate delineations is enough, for most "moderate"
> # sized corporate environments 16 is enough.  BE AWARE THAT THE SLA-LEN MUST
> # MATCH THE DIFFERENCE BETWEEN THE LOCAL PREFIX AND THE REMOTE ONE!  If
> # you ask for a /56 then sla-len is 8, if you ask for a /60 then the sla-len
> # is 4 (difference between the requested prefix length and 64, respectively.)
> #
>
> interface igb0 {
>      send ia-pd 1;
>      send ia-na 1;
>      send rapid-commit;
>      script "/usr/local/etc/dhcp6c.script";
> };
>
> id-assoc na 1 {
>
> };
>
> id-assoc pd 1 {
>   prefix ::/56 1800;
>
>   prefix-interface igb1 {
>     sla-id 0;
>     sla-len 8;
>   };
>
> };
>
> igb1 is the "normal" internal network; igb0 is the external one.
> The ISP hands out /56s (although at one time I could choose either a /56 or /60); I have routines in the script file that then generate dynamic updates for DNS so the gateway has its pointers updated if/when the address changes (I run my own zones)
>
> It's not entirely-clear how to replicate that in the config file for dhcpcd; I can figure out the script I'm sure, but the base config is not clear to me.

So you would add this to the bottom of the default dhcpcd.conf file:

interface igb0
  ia_na
  ia_pd 0/::/56 igb1/0/64

That mirrors your config exactly apart from requesting a specific lifetime which dhcpcd doesn't support for PD.
rapid commit is enabled already in the default dhcpcd.conf file.
You could then edit /etc/dhcpcd.exit-hook to handle your DDNS.

You might be able to get away with this lighter config as well, based on what you said:

interface igb0
  ia_na
  ia_pd 0 igb1

Any pointers on how to make this more clear in dhcpcd.conf(5) are welcome.

Good luck!

Roy
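
Added example, not part of the message above and not code from dhcpcd or dhcp6c: the prefix arithmetic behind both configurations, in Python. It derives the sla-len that dhcp6c expects from the delegated prefix and computes the /64 that ends up on the internal interface for a given sla-id; the function names are hypothetical and the 2001:db8:: prefixes are constructed documentation values.

```python
import ipaddress

def sla_len_for(delegated, prefix_len=64):
    """sla-len dhcp6c needs: internal prefix length minus delegated length."""
    net = ipaddress.IPv6Network(delegated)
    if net.prefixlen > prefix_len:
        raise ValueError(f"{net} is longer than the requested /{prefix_len}")
    return prefix_len - net.prefixlen

def delegated_subnet(delegated, sla_id, prefix_len=64):
    """Subnet assigned to an internal interface.

    sla_id is dhcp6c's sla-id, or the middle field of dhcpcd's igb1/0/64.
    """
    net = ipaddress.IPv6Network(delegated)
    sla_len = sla_len_for(delegated, prefix_len)
    if not 0 <= sla_id < (1 << sla_len):
        raise ValueError(f"sla-id {sla_id} does not fit in {sla_len} bits")
    # Place the sla-id in the bits between the delegated prefix and prefix_len.
    base = int(net.network_address)
    return ipaddress.IPv6Network((base | (sla_id << (128 - prefix_len)), prefix_len))

if __name__ == "__main__":
    # Constructed delegations from the documentation range, not real ISP data.
    for delegated, sla_id in [("2001:db8:1200::/56", 0),
                              ("2001:db8:1200::/56", 0x2a),
                              ("2001:db8:1200:10::/60", 3)]:
        print(delegated, "sla-len", sla_len_for(delegated),
              "sla-id", sla_id, "->", delegated_subnet(delegated, sla_id))
```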