From nobody Sat Jul 27 03:21:08 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WW8zV1GGHz5RB5S for ; Sat, 27 Jul 2024 03:21:26 +0000 (UTC) (envelope-from moto@kawasaki3.org) Received: from www3021.sakura.ne.jp (www3021.sakura.ne.jp [49.212.207.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4WW8zS4zJQz4PV6 for ; Sat, 27 Jul 2024 03:21:24 +0000 (UTC) (envelope-from moto@kawasaki3.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of moto@kawasaki3.org designates 49.212.207.31 as permitted sender) smtp.mailfrom=moto@kawasaki3.org Received: from fsav120.sakura.ne.jp (fsav120.sakura.ne.jp [27.133.134.247]) by www3021.sakura.ne.jp (8.16.1/8.16.1) with ESMTP id 46R3LBU8036137; Sat, 27 Jul 2024 12:21:11 +0900 (JST) (envelope-from moto@kawasaki3.org) Received: from www3021.sakura.ne.jp (49.212.207.31) by fsav120.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav120.sakura.ne.jp); Sat, 27 Jul 2024 12:21:11 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav120.sakura.ne.jp) Received: from localhost ([IPv6:2409:11:1500:1d00:444:fbe2:b3da:aa1b]) (authenticated bits=0) by www3021.sakura.ne.jp (8.16.1/8.16.1) with ESMTPSA id 46R3LAfW036133 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 27 Jul 2024 12:21:11 +0900 (JST) (envelope-from moto@kawasaki3.org) Date: Sat, 27 Jul 2024 12:21:08 +0900 (JST) Message-Id: <20240727.122108.862717899466090274.moto@kawasaki3.org> To: cross+freebsd@distal.com Cc: roy@marples.name, freebsd-net@freebsd.org Subject: Re: =?iso-8859-1?Q?=A0DHCPv6?= IA_PD - how-to From: moto kawasaki In-Reply-To: <050440F8-B3D8-4B2C-85BD-D5C09C303037@distal.com> References: <190e09e6c1a.11450232913849.654798645277119294@marples.name> <050440F8-B3D8-4B2C-85BD-D5C09C303037@distal.com> X-Mailer: Mew version 6.8 on Emacs 29.1 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org Mime-Version: 1.0 Content-Type: Text/Plain; charset=iso-2022-jp Content-Transfer-Encoding: 7bit X-Spamd-Bar: - X-Spamd-Result: default: False [-1.75 / 15.00]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-0.997]; NEURAL_HAM_SHORT(-0.96)[-0.956]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+a:indigocivet1.sakura.ne.jp]; MIME_GOOD(-0.10)[text/plain]; TAGGED_RCPT(0.00)[freebsd]; ARC_NA(0.00)[]; ASN(0.00)[asn:9371, ipnet:49.212.0.0/16, country:JP]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_NA(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DMARC_NA(0.00)[kawasaki3.org]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; RCPT_COUNT_THREE(0.00)[3] X-Rspamd-Queue-Id: 4WW8zS4zJQz4PV6 Hi Chris, all I am struggling the same problem too, and here is my working configuration for dhcp6c in my test environment. Hope this can be help. vtnet0 is uplink, where I expect to receive RA from ISP. If upstream router send RA with PD with 2001:db8:beef::/56, dhcp6c will add sla-len (8 in this configuration) to the prefix length (/56) to get the final prefix length of /64. Also, dhcp6c will add sla-id (11 and 12, decimal) to prefix, so that I will use 2001:db8:beef:b/64 and 2001:db8:beef:c/64 for assigning my internal network interfaces (vtnet1 and vtnet2). Well, I am wondering how I can tell "authentication isp_auth" entry to use the "isp_key", especially when I have multiple "keyinfo" entries. ===== /usr/local/etc/dhcp6c.conf ===== keyinfo isp_key { realm "example.org"; keyid 1; secret "JTY0XXXXXXXXXXXXXXX=="; # masked. }; authentication isp_auth { protocol delayed; }; interface vtnet0 { script "/usr/local/etc/dhcp6c-script.sh"; send ia-pd 3; send authentication isp_auth; request domain-name-servers; request domain-name; request ntp-servers; #send rapid-commit; }; id-assoc pd 3 { prefix-interface vtnet1 { sla-id 11; sla-len 8; }; prefix-interface vtnet2 { sla-id 12; sla-len 8; }; }; ===== Thanks and Best Regards, -- moto kawasaki +81-90-2464-8454 on Wed, 24 Jul 2024 00:04:12 -0400, Chris Ross wrote: > > > > On Jul 23, 2024, at 13:23, Roy Marples wrote: > > ---- On Tue, 23 Jul 2024 18:11:18 +0100 cross+freebsd@distal.com wrote ---- > > > > > >> tl;dr; anyone have a good IPv6 network setup based on an IA_PD from > >> their provider? Any details or advice to share? > > > > > > I'm upstream for dhcpcd. > > All options related to PD are configurable in the dhcpcd.conf(5) configuration file. There are also some examples. > > My apologies, I think I may’ve misremembered which attempt produced which > result. More careful investigation suggests it was actually dhclient I > was unable to configure in a config file. So, I’m not sure I ever even > got the PD recognized by dhcpcd. Perhaps I was not finding the right > examples. > > > What are you struggling with specifically? > > First, I’d like to request of my ISP the PD and understand the answer. > If dhcpcd can also set up internal networks within the PD, that would > be ideal. Again, I found with earlier work that some clients are able > to do more with “using” the network than others. I have half a dozen > ish internal networks that I assign /64’s to, and distribute via RA. > > Perhaps an answer to Karl’s question might provide me with what I need > as well. Otherwise, an example or three of receiving and utilizing an > IA_PD response is what I am looking for. > > - Chris