From owner-freebsd-net@freebsd.org Wed Jul 1 08:07:15 2015 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6481798F50C for ; Wed, 1 Jul 2015 08:07:15 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from smtp.digiware.nl (smtp.digiware.nl [31.223.170.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E7A061BB4 for ; Wed, 1 Jul 2015 08:07:14 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from rack1.digiware.nl (unknown [127.0.0.1]) by smtp.digiware.nl (Postfix) with ESMTP id 4319B153416; Wed, 1 Jul 2015 10:07:13 +0200 (CEST) X-Virus-Scanned: amavisd-new at digiware.nl Received: from smtp.digiware.nl ([127.0.0.1]) by rack1.digiware.nl (rack1.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pvP7R_uyGyn2; Wed, 1 Jul 2015 10:06:42 +0200 (CEST) Received: from [IPv6:2001:4cb8:3:1:6501:7945:3e71:f257] (unknown [IPv6:2001:4cb8:3:1:6501:7945:3e71:f257]) by smtp.digiware.nl (Postfix) with ESMTPA id 71A9B15340A; Wed, 1 Jul 2015 09:58:01 +0200 (CEST) Message-ID: <55939D89.4030502@digiware.nl> Date: Wed, 01 Jul 2015 09:58:01 +0200 From: Willem Jan Withagen User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Kevin Oberman , kpneal@pobox.com CC: "freebsd-net@freebsd.org" Subject: Re: rc settings for ipv6 in 9.3? References: <20150701002949.GA79350@neutralgood.org> In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jul 2015 08:07:15 -0000 On 01/07/2015 06:40, Kevin Oberman wrote: > On Tue, Jun 30, 2015 at 5:29 PM, wrote: > >> I just got a /56 block of ipv6 addresses today and I'm trying to figure >> out how to use it. >> >> Before I go rebooting my server I wanted to ask if the information in the >> handbook "https://www.freebsd.org/doc/handbook/network-ipv6.html" is >> correct >> for 9.3-p14. >> >> I have a static address for my server and I've been given the static >> address of the router. So I should just be able to set (in my rc.conf) >> ifconfig_bce0_ipv6 and ipv6_defaultrouter, correct? >> >> Or do I really need these two lines from the handbook?: >> ifconfig_bce0_ipv6="inet6 accept_rtadv" >> rtsold_enable="YES" >> >> Also, can someone translate this statement from my provider for me: >> "Note: [provider] is routing 2607:f758:2280::/56 to 2607:f758:2280::4/64" >> >> BTW, is the term "netmask" ever used in IPv6? I thought "prefixlen" was >> the term and "netmask" was for v4 only? >> >> Thanks for any help! >> -- >> Kevin P. Neal http://www.pobox.com/~kpn/ >> > > No, If your system has a static address (and a server should have one), you > don't need SLAAC or Router Solicitation. You just need to set the address: > ifconfig_bce0_ipv6="inet6 2607:f758:2280::n/64" and > ipv6_defaultrouter="Router address". > > Netmasks are obsolete everywhere and really should not be used. CIDR > addressing has been the standard for a quarter century. Netmasks really > should not be used for either IPv4 or IPv6. > > I am unable to translate the statement from the provider with certainty. I > am guessing that the /64 2607:f758:2280::/64 is used by their router with > 2607:f758:2280::4 as the address on their router(s). The remainder of the > /56 is yours but I could not swear to that. > > You will probably want more than one /64 for different purposes. Other than > externally accessible servers, you should put systems in a different /64 > and spread them at random around that space if they are statically > addressed. (I don't recommend for or against statically addressing, though.) This is different from what was usually done in IPv4, because there seperate ip-numbers where used on links... I've even seen ISP use RFC-1918 address on the links. What ISP usually do for IPv6 is assign a block (/48 /56 or /64) to a customer, and then take a smaller block from that to build the link between ISP and customer... The smaller block in this case being 2607:f758:2280::/64 Routing really works in cases like this without much trouble, because IPv6 uses shortes-prefix-first for route selection. Next to the fact that both routers have that smaller block on their interfaces. If the endpoint is actually a server, then forget about the next part, because you're going to terminate the whole block on that server. Now trouble starts if you DID NOT SUBNET behind the customer router, and have more devices on the link between ISP and customer. Then every internal device needs to be told that the linking network needs to go thru the router... Either by starting a route announcement system, on all systems (eg. route6d) or add them manual to the routing table of the client systems. For smaller networks the later is faster, but harder to maintain in case of renumbering. All this is prevented by subnetting the customer network also in /64 blocks... And then things just work, and the customer router does the job. :) The ISP does not have this problem since the full block is routed to the aggregation router te customer is connected to. And that router knows about the smaller linking network. --WjW