On 31-01-16 17:13, LÉVAI Dániel wrote:
LÉVAI Dániel @ 2016-01-31T14:10:21 +0100:
Stuart Henderson @ 2016-01-30T23:01:54 +0100:
On 2016-01-30, LÉVAI Dániel <[email protected]> wrote:
Hi!
My ISP recently enabled ipv6 on their network, and started sending
router advertisements (offering a /64 prefix) on their pppoe end. So now
I have an autoconf'd v6 address on my pppoe0 device (yay!), and I wish
to set my in-home devices a v6 address each.
[...]
You aren't supposed to have addresses within the same /64 on more than
one interface.
The normal method is that you get an address for the PPP interface using
SLAAC autoconf (as you have now), and request one or more *additional* /64s
using DHCPv6-PD (prefix delegation) - one per interface. The DHCPv6 client
assigns to "downstream" (client-facing) interfaces from this assignment,
and you would use rtadvd to advertise the prefix (and possibly other
information) to clients.
There is no software in OpenBSD base to handle prefix delegation.
I recommend "dhcpcd" from packages and I've added a pkg-readme with a
minimal setup to handle just this (it is also a full-featured DHCP client
for v4, but I'm personally only using it for v6). Unlike some alternatives
it is actively maintained upstream by a responsive developer.
[...]
re1: IAID <>
pppoe0: IAID 00:00:00:01
pppoe0: IAID 00:00:00:02
pppoe0: no useable IA found in lease
pppoe0: dhcp6_readlease: /var/db/dhcpcd-pppoe0.lease6: No such process
pppoe0: soliciting a DHCPv6 lease
athn0: IAID <>
athn1: IAID <>
pppoe0: ADV 2a01:36d:300:<>::/64 from fe80::5dd9:bcc7:cbab:8bb8
pppoe0: REPLY6 received from fe80::5dd9:bcc7:cbab:8bb8
re1: adding address 2a01:36d:300:<1>::1/72
athn0: preferring 2a01:36d:300:<1>::1/72 on re1
athn1: preferring 2a01:36d:300:<1>::1/72 on re1
pppoe0: renew in 302400 seconds, rebind in 483840 seconds
pppoe0: adding reject route to 2a01:36d:300:<>::/64 via ::1
athn0: adding route to 2a01:36d:300:<1>::/72
forked to background, child pid 346
[...]
Do I understand it correctly, that this should delegate each interface a
/72, while leaving pppoe0's autoconf[privacy]'d addresses intact?
So turns out, that if I request anything other than sla_id 0 or 1, I get
another subnet, but with a /72 prefix. Also, using:
ia_pd 1 re1/1 athn0/2 athn1/3
... resulted in the same subnet/prefix sent to me, for all interfaces.
For some reason I had to increment the sla_ids by 4 to get another
subnet. So:
ia_pd 1 re1/1 athn0/4 athn1/8
... actually worked, and got three different subnets, but all came with
a /72 prefix. And for some other reason, none of my devices (Linux,
Android, Chromecast...) would accept a /72 address advertised, so
although they all got a reply for their rtsol, they ignored it...
I'm now just requesting one PD, with sla_id 0, assigning that to re1,
bridging the athns and re1 together, and running rtadvd(8) on re1.
Daniel
A /72 should not work (and indeed does not work as you found out)! The
smallest subnet (with the exception of a /127 /128) is /64. Your ISP is
doing The Wrong Thing (tm). Instead your ISP should provide you with a
/56 (for 256 subnets) or, even better, with a /48, where you would have
65536 subnets. The latter is the preferred standard although some ISP's
do not understand the sheer size of IPv6, and therefore think that they
are wasting space handing out /48's. NANOG is full of discussions about
this.
See
http://serverfault.com/questions/426183/how-does-ipv6-subnetting-work-and-how-does-it-differ-from-ipv4-subnetting
for example.
Erik Jan.
