From owner-freebsd-hackers@FreeBSD.ORG Thu Oct 23 04:08:57 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DF317851 for ; Thu, 23 Oct 2014 04:08:56 +0000 (UTC) Received: from mail-vc0-x233.google.com (mail-vc0-x233.google.com [IPv6:2607:f8b0:400c:c03::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A09B3183 for ; Thu, 23 Oct 2014 04:08:56 +0000 (UTC) Received: by mail-vc0-f179.google.com with SMTP id im17so153985vcb.10 for ; Wed, 22 Oct 2014 21:08:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=IcgWHZtR+B2JAlSjigxJQEC08DIV5qFNO2Z5v8XR4DM=; b=dBKOEgzqD3qXbGaHQ6Rz5BonTEZtqgydiL8neSTuCX99Eghbo7RkR+tmLZTfFjtXSA kz2BwTKE7nI0f4kU7uH/L4EmsrX+uSh2SKr+p4qieHJHfkF9AC/UNgyMjdnUmoGj4tDU UxE5j3m3OafEyxB5SAwQCFU+zkHFGFtZgutacblCc+eVRQ4FoPwQVfCrf+6RAniq9N/d o+ODJrYMUM7CJ+E74gJwhHbQkCFg4gXfi21pFUD2Vpeex+5TAn5MGXGWyTaNsNGvAoDp S9HOJIiPTGOVCS0KL2/S4kwX6gMhbixRlsXP8DXXLqqBCaVxSAfHF1dPYyU2vt3xA3ga 5iaQ== MIME-Version: 1.0 X-Received: by 10.221.46.4 with SMTP id um4mr1756134vcb.23.1414037335542; Wed, 22 Oct 2014 21:08:55 -0700 (PDT) Received: by 10.220.238.14 with HTTP; Wed, 22 Oct 2014 21:08:55 -0700 (PDT) Date: Thu, 23 Oct 2014 00:08:55 -0400 Message-ID: Subject: IPv6 provisioning for a FreeBSD ISP. From: Zaphod Beeblebrox To: FreeBSD Hackers Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Oct 2014 04:08:57 -0000 Besides the fact that the ngX interfaces appear to have a quirk (or maybe it's mpd5 or quagga) where remote hosts can't talk to services residing on the ngX host, A FreeBSD machine with mpd5 and quagga that talk to freeradius and PostgreSQL serves as a really nice small ISP package. I already support ipv6 for many users (and have, for some time) using static gif tunnels. This works, but it is annoyingly suboptimal. Now my ISP doesn't allocate addresses from a pool. I don't care that people effectively have static addresses. managing the addresses isn't difficult and the average user is nailed up more than 98% of the time. So I assign a static IPv4 address in PostgreSQL. Freeradius reads this and sends it to mpd5 --- which hands out the static addresses ... and even routed ipv4 netblocks via ipcp (or ipv4cp). IPv6 works over my pppoe<-->l2tp links. I can set static addresses on the ngX connections at both ends, The traffic is passed. What stops me from implementing this is the equivalent of the PostgreSQL->freeradius->mpd5->ipcp communication of the addresses and settings. mpd5 doesn't seem to have any builtin handling of the ipv6 addresses and I don't see what other solution will properly hand out static addresses (and routed networks). How is this supposed to go together? DHCP6 doesn't seem to acknowledge that the user has already logged in via l2tp/ppp. rtsold doesn't seem to address static addressing.