From nobody Tue Jul 30 00:10:27 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WXwbz0X9Rz5SGMq for ; Tue, 30 Jul 2024 00:10:39 +0000 (UTC) (envelope-from moto@kawasaki3.org) Received: from www3021.sakura.ne.jp (www3021.sakura.ne.jp [49.212.207.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4WXwby1rRwz4GQm for ; Tue, 30 Jul 2024 00:10:37 +0000 (UTC) (envelope-from moto@kawasaki3.org) Authentication-Results: mx1.freebsd.org; none Received: from fsav113.sakura.ne.jp (fsav113.sakura.ne.jp [27.133.134.240]) by www3021.sakura.ne.jp (8.16.1/8.16.1) with ESMTP id 46U0ATmp015035; Tue, 30 Jul 2024 09:10:29 +0900 (JST) (envelope-from moto@kawasaki3.org) Received: from www3021.sakura.ne.jp (49.212.207.31) by fsav113.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav113.sakura.ne.jp); Tue, 30 Jul 2024 09:10:29 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav113.sakura.ne.jp) Received: from localhost ([IPv6:2409:11:1500:1d00:48b5:8c50:b12b:85a0]) (authenticated bits=0) by www3021.sakura.ne.jp (8.16.1/8.16.1) with ESMTPSA id 46U0ASLZ015026 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 30 Jul 2024 09:10:29 +0900 (JST) (envelope-from moto@kawasaki3.org) Date: Tue, 30 Jul 2024 09:10:27 +0900 (JST) Message-Id: <20240730.091027.1008656135460861216.moto@kawasaki3.org> To: roy@marples.name Cc: cross+freebsd@distal.com, freebsd-net@freebsd.org Subject: Re: =?iso-8859-1?Q?=A0DHCPv6?= IA_PD - how-to From: moto kawasaki In-Reply-To: <190fdf3e353.11351bb5e292296.3216692081725884177@marples.name> References: <050440F8-B3D8-4B2C-85BD-D5C09C303037@distal.com> <20240727.122108.862717899466090274.moto@kawasaki3.org> <190fdf3e353.11351bb5e292296.3216692081725884177@marples.name> X-Mailer: Mew version 6.8 on Emacs 29.1 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_RCPT(0.00)[freebsd]; ASN(0.00)[asn:9371, ipnet:49.212.0.0/16, country:JP] X-Rspamd-Queue-Id: 4WXwby1rRwz4GQm Hi Roy, Thank you very much for the configuration example with dhcpcd! Also I didn't know delayed auth had been obsoleted, thanks for letting me to notice. I'll try dhcpcd instead of dhcp6c. Best Regards, -- moto kawasaki +81-90-2464-8454 on Mon, 29 Jul 2024 11:05:37 +0100, Roy Marples wrote: > For dhcpcd you would do this: > > interface vtnet0 > ia_pd 3 vtnet1/11 vtnet2/12 > option domain_name_servers, domain_name, ntp_servers > authproto delayed > authtoken 1 "example.org" forever "JTY0XXXXXXXXXXXXXXX==" > > > But please note that delayed authentication has now been obsoleted: > https://datatracker.ietf.org/doc/html/rfc8415#section-25 > While dhcpcd supports it to some extend, it's not widely tested and could be broken in any given release as I don't have a means of testing it right now. > > The only real authentication support that is in the RFC's is the reconfigure key. > https://datatracker.ietf.org/doc/html/rfc8415#section-20.4 > > Roy