Date: Tue, 30 Sep 2025 13:43:42 +0200 (CEST) From: Ronald Klop <ronald-lists@klop.ws> To: Tom Pusateri <pusateri@keehole.org> Cc: "net@freebsd.org" <net@FreeBSD.org> Subject: Re: IPv6 accept_rtadv for default route and prefix but force host portion of /64 address? Message-ID: <1819478143.6522.1759232622123@localhost> In-Reply-To: <BD1858FA-744F-465D-AD6D-C2659FC11D3F@keehole.org> References: <BD1858FA-744F-465D-AD6D-C2659FC11D3F@keehole.org>
next in thread | previous in thread | raw e-mail | index | archive | help
------=_Part_6521_1265039737.1759232622098
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Van: Tom Pusateri <pusateri@keehole.org>
Datum: maandag, 29 september 2025 23:32
Aan: "net@freebsd.org" <net@FreeBSD.org>
Onderwerp: IPv6 accept_rtadv for default route and prefix but force host po=
rtion of /64 address?
>=20
> Is there a way to change the configuration in /etc/rc.conf to get the pre=
fix from the router advertisement but fix the host portion to something lik=
e ::123 so that I can change network cards in the server and never have to =
worry about the IPv6 address changing?
>=20
> I have a DMZ interface on a FreeBSD router with a prefix delegation from =
my provider I assign to a downstream interface. I have another FreeBSD serv=
er on the DMZ network and would like it to have a fixed address allocated o=
ut of the assigned prefix from the router.
>=20
> The router (also FreeBSD) is running rtadvd providing SLAAC and router ad=
vertisements.
>=20
> The /etc/rc.conf for the DMZ server currently looks like this:
>=20
> ifconfig_igb0_ipv6=3D"inet6 2605:1:2:3::123/64 accept_rtadv=E2=80=9D
>=20
> This works fine and manually assigns the address out of the assigned pref=
ix range as configured on the router.
>=20
> It also assigns a second IPv6 address via SLAAC that I don=E2=80=99t use.
>=20
> ifconfig output looks like this:
>=20
> igb0: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> me=
tric 0 mtu 1500
> options=3D4e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLA=
N_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSU=
M_IPV6,HWSTATS,MEXTPG>
> ether ac:1f:6b:1a:04:c0
> inet 1.2.3.123 netmask 0xfffffff8 broadcast 1.2.3.127
> inet6 fe80::ae1f:6bff:fe1a:4c0%igb0 prefixlen 64 scopeid 0x1
> inet6 2605:1:2:3::123 prefixlen 64
> inet6 2605:1:2:3:ae1f:6bff:fe1a:4c0 prefixlen 64 autoconf pltime 6048=
00 vltime 2592000
> media: Ethernet autoselect (1000baseT <full-duplex>)
> status: active
> nd6 options=3D23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
>=20
> I get the correct upstream next hop for a default route:
>=20
> % netstat -nra6
> Routing tables
>=20
> Internet6:
> Destination Gateway Flags =
Netif Expire
> ::/96 link#3 URS =
lo0
> default fe80::207:43ff:fe31:7078%igb0 UG =
igb0
>=20
>=20
> The problem with this is that the IPv6 prefix is configured on the router=
and configured on the server.
>=20
> Thanks,
> Tom
>=20
>=20
> =20
>=20
>=20
>=20
Hi,
I think DHCPv6 could help you here. In IPv6 the address via DHCP is not con=
nected to the MAC address directly, but to a DUID, which is something simil=
ar to the hostuuid. AFAIK it should be stable between hardware changes. The=
details might be important, read something like this https://metebalci.com=
/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/. I think in my dhcpv6-cl=
ient I can hardcode the DUID also if needed.
Another option could be a new feature in 16-CURRENT: ifconfig stableaddr wh=
ich could help in getting a stable address, although I don't know if that i=
s also stable if you change the network card. The author of the feature mig=
ht be able to explain more about that.
See https://cgit.freebsd.org/src/commit/?id=3D31ec8b6407fdd5a87d70265762457=
c67ce618283.
Regards,
Ronald.
=20
------=_Part_6521_1265039737.1759232622098
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html><head></head><body><br>
<p><strong>Van:</strong> Tom Pusateri <pusateri@keehole.org><br>
<strong>Datum:</strong> maandag, 29 september 2025 23:32<br>
<strong>Aan:</strong> "net@freebsd.org" <net@FreeBSD.org><br>
<strong>Onderwerp:</strong> IPv6 accept_rtadv for default route and prefix =
but force host portion of /64 address?</p>
<blockquote style=3D"padding-right: 0px; padding-left: 5px; margin-left: 5p=
x; border-left: #000000 2px solid; margin-right: 0px">
<div class=3D"MessageRFC822Viewer" id=3D"P">
<div class=3D"TextPlainViewer" id=3D"P.P">Is there a way to change the conf=
iguration in /etc/rc.conf to get the prefix from the router advertisement b=
ut fix the host portion to something like ::123 so that I can change networ=
k cards in the server and never have to worry about the IPv6 address changi=
ng?<br>
<br>
I have a DMZ interface on a FreeBSD router with a prefix delegation from my=
provider I assign to a downstream interface. I have another FreeBSD server=
on the DMZ network and would like it to have a fixed address allocated out=
of the assigned prefix from the router.<br>
<br>
The router (also FreeBSD) is running rtadvd providing SLAAC and router adve=
rtisements.<br>
<br>
The /etc/rc.conf for the DMZ server currently looks like this:<br>
<br>
ifconfig_igb0_ipv6=3D"inet6 2605:1:2:3::123/64 accept_rtadv=E2=80=9D<br>
<br>
This works fine and manually assigns the address out of the assigned prefix=
range as configured on the router.<br>
<br>
It also assigns a second IPv6 address via SLAAC that I don=E2=80=99t use.<b=
r>
<br>
ifconfig output looks like this:<br>
<br>
igb0: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP>=
; metric 0 mtu 1500<br>
options=3D4e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HW=
TAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HW=
TSO,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG><br>
ether ac:1f:6b:1a:04:c0<br>
inet 1.2.3.123 netmask 0xfffffff8 broadcast 1.2.3.1=
27<br>
inet6 fe80::ae1f:6bff:fe1a:4c0%igb0 prefixlen 64 sc=
opeid 0x1<br>
inet6 2605:1:2:3::123 prefixlen 64<br>
inet6 2605:1:2:3:ae1f:6bff:fe1a:4c0 prefixlen 64 au=
toconf pltime 604800 vltime 2592000<br>
media: Ethernet autoselect (1000baseT <full-dupl=
ex>)<br>
status: active<br>
nd6 options=3D23<PERFORMNUD,ACCEPT_RTADV,AUTO_LI=
NKLOCAL><br>
<br>
I get the correct upstream next hop for a default route:<br>
<br>
% netstat -nra6<br>
Routing tables<br>
<br>
Internet6:<br>
Destination &nb=
sp; Gatewa=
y &=
nbsp; Flags &nbs=
p; Netif Expire<br>
::/96 &nb=
sp; =
link#3 &n=
bsp;  =
; URS &nbs=
p; lo0<br>
default &=
nbsp; &nbs=
p; fe80::207:43ff:fe31:7078%igb0 UG &nbs=
p; igb0<br>
<br>
<br>
The problem with this is that the IPv6 prefix is configured on the router a=
nd configured on the server.<br>
<br>
Thanks,<br>
Tom<br>
<br>
<br>
</div>
<hr></div>
</blockquote>
<br>
<br>
Hi,<br>
<br>
I think DHCPv6 could help you here. In IPv6 the address via DHCP is not con=
nected to the MAC address directly, but to a DUID, which is something simil=
ar to the hostuuid. AFAIK it should be stable between hardware changes. The=
details might be important, read something like this <a href=3D"https://me=
tebalci.com/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/">https://mete=
balci.com/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/</a>. I think in=
my dhcpv6-client I can hardcode the DUID also if needed.<br>
<br>
Another option could be a new feature in 16-CURRENT: ifconfig stableaddr wh=
ich could help in getting a stable address, although I don't know if that i=
s also stable if you change the network card. The author of the feature mig=
ht be able to explain more about that.<br>
See <a href=3D"https://cgit.freebsd.org/src/commit/?id=3D31ec8b6407fdd=
5a87d70265762457c67ce618283">https://cgit.freebsd.org/src/commit/?id=3D31ec=
8b6407fdd5a87d70265762457c67ce618283</a>.<br>
<br>
Regards,<br>
Ronald.<br>
</body></html>
------=_Part_6521_1265039737.1759232622098--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1819478143.6522.1759232622123>