Re: DHCPv6 IA_PD - how-to
- In reply to: Roy Marples : "Re: DHCPv6 IA_PD - how-to"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 24 Jul 2024 13:51:58 UTC
On 7/24/2024 04:10, Roy Marples wrote:
> ---- On Wed, 24 Jul 2024 02:48:15 +0100 Karl Denninger wrote ---
> > I'd like to replicate this that is currently being sent up via dhcp6c, which is not quite-clear to me from the docs on how to do that..
> > #
> > # This configuration will attempt to get /56 or a /60 from the
> > # ISP and assign a /64 internally.
> > # Note that if you have a /60 you can have four /64s defined; if you have a
> > # /56 then obviously you can have 16 internal networks. For most "house"
> > # size networks four separate delineations is enough, for most "moderate"
> > # sized corporate environments 16 is enough. BE AWARE THAT THE SLA-LEN MUST
> > # MATCH THE DIFFERENCE BETWEEN THE LOCAL PREFIX AND THE REMOTE ONE! If
> > # you ask for a /56 then sla-len is 8, if you ask for a /60 then the sla-len
> > # is 4 (difference between the requested prefix length and 64, respectively.)
> > #
> >
> > interface igb0 {
> > send ia-pd 1;
> > send ia-na 1;
> > send rapid-commit;
> > script "/usr/local/etc/dhcp6c.script";
> > };
> >
> > id-assoc na 1 {
> >
> > };
> >
> > id-assoc pd 1 {
> > prefix ::/56 1800;
> >
> > prefix-interface igb1 {
> > sla-id 0;
> > sla-len 8;
> > };
> >
> > };
> >
> > igb1 is the "normal" internal network; igb0 is the external one.
> > The ISP hands out /56s (although at one time I could choose either a /56 or /60); I have routines in the script file that then generate dynamic updates for DNS so the gateway has its pointers updated if/when the address changes (I run my own zones)
> >
> > Its not entirely-clear how to replicate that in the config file for dhcpcd; I can figure out the script I'm sure, but the base config is not clear to me.
>
> So you would add this to the bottom of the default dhcpcd.conf file:
>
> interface igb0
> ia_na
> ia_pd 0/::/56 igb1/0/64
>
> That mirrors your config exactly apart from requesting a specific lifetime which dhcpcd doesn't support for PD.
> rapid commit is enabled already in the default dhcpcd.conf file.
> You could then edit /etc/dhcpcd.exit-hook to handle your DDNS.
>
> You might be able to get away with this lighter config as well, based on what you said:
> interface igb0
> ia_na
> ia_pd 0 igb1
>
> Any pointers on now to make this more clear in dhcpcd.conf(5) are welcome.
> Good luck!
>
> Roy
The provided example (starting with "noipv6rs") requests multiple
prefixes and starts with "ia_pd 2"; what wasn't clear is the most-common
example for a single-attached endpoint that might have multiple internal
interfaces (e.g. separated subnets; perhaps one for a guest network or
similar, another for general use, etc.)
Most installations whether personal or small/modest-size business on a
per-location basis anyway likely have one external connection to the
internet as a whole, point default at their ISP and expect them to hand
them their DNS pointers as well. Some folks only need SLACC of course as
their ISP-provided router does all this (e.g. many people on cable modem
service these days where their modem is also a WiFi AP and router) but
some (like myself) prefer to do that ourselves both for isolation and
firewalling purposes. Most ISPs appear to hand out a /56 (some will go
longer, but few shorter) even at the individual "personal, household"
connection level so I'd bet that as a "sample" configuration in the
manual would suit 90%+ of the users.
--
Karl Denninger
karl@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/