From owner-freebsd-questions@freebsd.org Sun Jun 27 02:19:01 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 86ED565E5CE for ; Sun, 27 Jun 2021 02:19:01 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from mail.sermon-archive.info (sermon-archive.info [47.181.130.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4GCDv85QvTz4fGg for ; Sun, 27 Jun 2021 02:19:00 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from smtpclient.apple (mini [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 4GCDv75bYQz2fjRC for ; Sat, 26 Jun 2021 19:18:59 -0700 (PDT) From: Doug Hardie Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) Subject: Re: IPv6 Sub Nets Date: Sat, 26 Jun 2021 19:18:59 -0700 References: <056639D1-32A2-4DAF-A6F8-C8743F691EAD@sermon-archive.info> To: FreeBSD Questions In-Reply-To: Message-Id: <5B552F4B-0BA3-4962-A131-AB352A88980C@sermon-archive.info> X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Virus-Scanned: clamav-milter 0.103.2 at mail X-Virus-Status: Clean X-Rspamd-Queue-Id: 4GCDv85QvTz4fGg X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of bc979@lafn.org designates 47.181.130.121 as permitted sender) smtp.mailfrom=bc979@lafn.org X-Spamd-Result: default: False [-2.70 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[47.181.130.121:from]; R_SPF_ALLOW(-0.20)[+mx:c]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[lafn.org: no valid DMARC record]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[47.181.130.121:from:127.0.2.255]; TO_DN_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:5650, ipnet:47.181.128.0/18, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jun 2021 02:19:01 -0000 -- Doug > On 26 June 2021, at 19:02, Louis Kowolowski = wrote: >=20 > On Jun 26, 2021, at 8:25 PM, Doug Hardie > wrote: >>=20 >> I am trying to setup an IPv6 environment. There is a primary router = (A) that receives a /48 prefix via DHCP6 from the ISP. That router = configures itself properly via dhcp6c. It also creates 2 LAN /64 = prefixes and creates EUI-64 addresses on the two LAN interfaces. One of = those interfaces is connected to a second router (B), among other = devices. The B router receives the prefix via SLAAC and creates its own = EUI-64 address. However, that router needs to create a smaller subnet, = /72, and distribute it to the devices on that LAN. I have not been able = to figure out how to make that happen. =20 >>=20 >> Clearly, manual configuration would work, but the prefix received = from the ISP can change which would raise havoc with the network. I = suspect that dhcp6s needto be run alongside dhcp6c on router B and then = the other devices run dhcp6c. However, I don't see how to get the = prefix that dhcp6c receives on router B to the dhcp6s process on router = B. I believe I am missing something, but haven't been able to find it. = Thanks, >>=20 > Speaking generally >=20 > First: I believe you=E2=80=99re looking to do DHCP prefix delegation = (dhcp-pd) where you designate a prefix to be used further down the line. That is what is being used between the ISP and router A. However, = router Bs dhcp6s needs to find that prefix. About all I have come up = with is some sort of script which monitors the network addresses and = then updates dhcp6s.conf and restarts dhcp6s. Not very elegant though. > Second: There are valid use cases for prefixes smaller than /64, but = they are not best practice, and you will likely find software that = doesn=E2=80=99t work for them (examples I=E2=80=99ve found include PDUs = hardcoding /64, dhcp not working on prefixes smaller than /64. examples = of things I=E2=80=99ve seen that do work: point-to-point links on = network equipment using /126 or /127). >=20 > -- > Louis Kowolowski = louisk@cryptomonkeys.org > Cryptomonkeys: = http://www.cryptomonkeys.com/ >=20 > Making life more interesting for people since 1977 >=20