Help with IPv6 router gateway config, Comcast, DHCP, dnsmasq
Tom Pusateri
pusateri at bangj.com
Sat Nov 1 03:52:22 UTC 2014
> On Oct 31, 2014, at 11:23 PM, Chris Inacio <nacho319 at gmail.com> wrote:
>
> Hello all,
>
> I've tried to find this information in so many ways, but I just can't piece
> it together, maybe my Google fu is failing me.
>
> I have my router/gateway device running FreeBSD 10p11 - so its up to date.
> On my internal network interface, re1, I'm using dnsmasq to serve both IPv4
> DHCP and current private network IPv6 (fc00::).
>
> I can successfully configure my public interface (re0) to get IPv6
> information from Comcast. I'm getting both a /128 NA for the interface as
> well as a prefix /64 to allocate IPv6 addresses.
>
> The problem is that I get the /64 via dhcp6c operating on my re0 interface,
> and then I can't figure out how to pass that information to dnsmasq to use
> it for my internal network. I could only see the /64 by running dhcp6c in
> foreground+debug mode.
>
> Is there a simple solution to this? I'm okay with variations such as "stop
> using dhcp6c to get the /64 prefix and add `XXXXX` to dnsmasq to do it" or
> "use dhcp6s to serve the /64 prefix".
>
> I am currently having a few issues with dnsmasq, but generally, I still
> like it. (It keeps crashing with signal 11, but I'm using the version from
> pkg which doesn't call out to an init script.) But the way dnsmasq handles
> DHCP, local DNS, and support DNSSEC I like a lot.
>
> I find the man pages for dhcp6 pretty awful. The man pages describe the
> options - but not being able to find what /64 is assigned to dhcp6c other
> than running in debug mode seems crazy.
>
> My configs are really basic. dhcp6c.conf:
>
> interface re0 {
>
> send ia-pd 0;
>
> send ia-na 1;
>
> };
>
>
> id-assoc na 1 {
>
> };
>
>
> id-assoc pd {
>
> prefix ::/56 infinity;
>
> prefix-interface re0 {
>
> sla-len 4;
>
> sla-id 1;
>
> };
>
> };
>
>
> dnsmasq.conf:
>
>
> interface=re1
>
> dhcp-range=re1,192.168.1.1,192.168.1.150,255.255.255.0,12h
>
> domain-needed
>
> bogus-priv
>
> resolv-file=/usr/local/etc/dnsmasq-resolv.conf
>
>
> #
>
> # serve up our own name
>
> #
>
> interface-name=aticusjr,re1
>
>
>
> #
>
> # enable DNSSEC
>
> #
>
> conf-file=/usr/local/share/dnsmasq/trust-anchors.conf
>
> dnssec
>
> dnssec-check-unsigned
>
>
> #
>
> # do IPv6 router advertisements for internal network
>
> #
>
> dhcp-range=::,constructor:re1,ra-only
>
> enable-ra
>
>
> Any help would be greatly appreciated.
>
>
> thanks
>
> Chris
I have a similar setup on Time Warner that is working. However, I am using rtadvd for advertising to my internal networks. Also, I was under the impression that Comcast only would delegate a /64 or a /60, not a /56. Timer Warner does delegate a /56. Maybe Comcast has changed.
In your case, you are asking for a /56 but then only want to assign 4 bits off the /64 so your config is inconsistent.
You should change to sla-len 8 for a /56 or change the prefix to /60 for an sla-len of 4.
dhcp6c should configure the delegated prefix on your downstream interface(s) if configured correctly and rtadvd will advertise them automatically.
I have described my configuration here and what should work on Comcast. Ignore the initial rant about NAT. :)
http://stateful.blogspot.com/2014/09/global-ip-addresses-for-end-to-end.html
If this doesn't help, let me know and I can help you figure it out.
Thanks,
Tom
More information about the freebsd-net
mailing list