Date: Sun, 29 Aug 2010 20:53:59 -0400 From: David Horn <dhorn2000@gmail.com> To: Darren Pilgrim <freebsd@bitfreak.org> Cc: freebsd-net@freebsd.org, Doug Barton <dougb@freebsd.org> Subject: Re: How to configure non-EUI64 IPv6 addresses with solicited prefixes? Message-ID: <AANLkTi=n-55TK5i6HBEW2_x6S=YKOqXmU_=uEdwA5Km5@mail.gmail.com> In-Reply-To: <4C7AAB54.2050309@bitfreak.org> References: <4C7AAB54.2050309@bitfreak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 29, 2010 at 2:47 PM, Darren Pilgrim <freebsd@bitfreak.org> wrot=
e:
> I have two machines where I need them to:
>
> 1. Solicit a prefix;
> 2. Apply the solicitation to a non-EUI64 address;
> 3. Use the non-EUI64 address as the default source address.
>
> Retaining the EUI64 address is not necessary. =A0Static configuration pre=
vents
> 1 and I have not been able to get 2 or 3 to work at all. =A0The original =
KAME
> documentation implies this is/was possible, but current documentation say=
s
> nothing about it (not that I can find, anyway). =A0A grep of /etc/* indic=
ates
> interface_ipv6_ifid_* variables (mentioned in the KAME documentation) are
> not supported.
>
Your choices are:
1) Static IPv6 address using rc.conf variables
or
2) RA IPv6 address using EUI64
or
3) RA IPv6 address using EUI64 + IPv6 address with Random IID EUI64
(only in head right now via rc.conf, otherwise needs sysctl entries
for older code)
{net.inet6.ip6.use_tempaddr/net.inet6.ip6.prefer_tempaddr} RFC3041
Doug B, how about an MFC to RELENG_8 of the relevant bits for privacy
addresses in rc.conf. ? It is fairly self-contained.
or a bit more work
4) Install a DHCPv6 client and roll your own configuration via dhcpv6
server config.
or even more work
5) Submit a patch for review that does what you want.
I'm certain that someone will come up with other options as well.
Probably best to read the rc.conf man page, and /etc/defaults/rc.conf
as well, although I can not seem to find any documentation on the
use_tempaddr/prefer_tempaddr sysctls at the moment.
Can you be specific on what you want to use instead of EUI64, or is
this just a case of I want a dynamic prefix, and a static last 64 bits
that are NOT EUI64 derived ? For example, are you wanting to use
PREFIX::42 or something where PREFIX would be 2001:db8:: or the like
which would result in 2001:db8::42/64 ?
EUI64 without privacy extensions gives a fairly reliable static
address (barring DAD issues with another mis-configured host).
RFC3041 privacy extensions gives you both the normal (mac based IID)
EUI64 address AND the random Interface Identifier (IID) EUI64 address.
Are you just worried about EUI64 on the global address, or are you
wanting it for link-local (fe80::) as well ?
> One is running 8.1, the other 6.4 (I can upgrade it if necessary).
6.4 (and RELENG 6) are due to be EOL at the end of November, so
probably best to consider your upgrade strategy.
http://www.freebsd.org/security/#sup
Good Luck.
--Dave
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=n-55TK5i6HBEW2_x6S=YKOqXmU_=uEdwA5Km5>