On 11/10/20 12:52, Henrik Friedrichsen wrote:
Hey,
my ISP provides connectivity via PPPoE. An IPv6 prefix is handed out via
DHCPv6 PD, which my OpenBSD gateway passes on to clients with the help
of router advertisements using rad.
This works fine until the ISP disconnects me after 24h (force disconnect
on ISP side). The gateway receives a new prefix via prefix delegation
and rad advertises it in the local network. So far so good. However, as
the old stale prefix is still valid according to the advertised
lifetime, clients keep their stale IPv6 addresses. I have already
decreased the lifetimes in rad to <24h, which mitigates the problem
somewhat, but it's not perfect.
Set the VL to 30', and the PL to 15'. You could even set the VL to 15',
and the PL to 7.5', if necessary.
You may want to have a look at this, too:
https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum-04
And you may also look at this other one, which has recommendations for
CPEs, which in your case accounts for your DHCPv6-PD and RA daemons:
https://tools.ietf.org/html/draft-ietf-v6ops-cpe-slaac-renum-05
For instance, some clients may receive
the advertisement 1h before the disconnect but since the lifetimes are
static, the client will assume a validity of ~23h (as set), although the
prefix will expire in 1h.
There's yet another problem you may face:
Consider the case where your ISP's CPE router is connected to a local
switch on the LAN side, and the CPE router crashes and reboots. The
local hosts will not see the "link down" event (since the switch has
been "up"), but if your ISP does dynamic prefixes, your CPE is likely to
get a new prefix without the CPE router even noticing.
Thanks,
--
Fernando Gont
e-mail: [email protected] || [email protected]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
