Date: Tue, 30 Sep 2025 13:43:42 +0200 (CEST) From: Ronald Klop <ronald-lists@klop.ws> To: Tom Pusateri <pusateri@keehole.org> Cc: "net@freebsd.org" <net@FreeBSD.org> Subject: Re: IPv6 accept_rtadv for default route and prefix but force host portion of /64 address? Message-ID: <1819478143.6522.1759232622123@localhost> In-Reply-To: <BD1858FA-744F-465D-AD6D-C2659FC11D3F@keehole.org> References: <BD1858FA-744F-465D-AD6D-C2659FC11D3F@keehole.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Van: Tom Pusateri <pusateri@keehole.org> Datum: maandag, 29 september 2025 23:32 Aan: "net@freebsd.org" <net@FreeBSD.org> Onderwerp: IPv6 accept_rtadv for default route and prefix but force host portion of /64 address? > > Is there a way to change the configuration in /etc/rc.conf to get the prefix from the router advertisement but fix the host portion to something like ::123 so that I can change network cards in the server and never have to worry about the IPv6 address changing? > > I have a DMZ interface on a FreeBSD router with a prefix delegation from my provider I assign to a downstream interface. I have another FreeBSD server on the DMZ network and would like it to have a fixed address allocated out of the assigned prefix from the router. > > The router (also FreeBSD) is running rtadvd providing SLAAC and router advertisements. > > The /etc/rc.conf for the DMZ server currently looks like this: > > ifconfig_igb0_ipv6="inet6 2605:1:2:3::123/64 accept_rtadv” > > This works fine and manually assigns the address out of the assigned prefix range as configured on the router. > > It also assigns a second IPv6 address via SLAAC that I don’t use. > > ifconfig output looks like this: > > igb0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 > options=4e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> > ether ac:1f:6b:1a:04:c0 > inet 1.2.3.123 netmask 0xfffffff8 broadcast 1.2.3.127 > inet6 fe80::ae1f:6bff:fe1a:4c0%igb0 prefixlen 64 scopeid 0x1 > inet6 2605:1:2:3::123 prefixlen 64 > inet6 2605:1:2:3:ae1f:6bff:fe1a:4c0 prefixlen 64 autoconf pltime 604800 vltime 2592000 > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active > nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> > > I get the correct upstream next hop for a default route: > > % netstat -nra6 > Routing tables > > Internet6: > Destination Gateway Flags Netif Expire > ::/96 link#3 URS lo0 > default fe80::207:43ff:fe31:7078%igb0 UG igb0 > > > The problem with this is that the IPv6 prefix is configured on the router and configured on the server. > > Thanks, > Tom > > > > > > Hi, I think DHCPv6 could help you here. In IPv6 the address via DHCP is not connected to the MAC address directly, but to a DUID, which is something similar to the hostuuid. AFAIK it should be stable between hardware changes. The details might be important, read something like this https://metebalci.com/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/. I think in my dhcpv6-client I can hardcode the DUID also if needed. Another option could be a new feature in 16-CURRENT: ifconfig stableaddr which could help in getting a stable address, although I don't know if that is also stable if you change the network card. The author of the feature might be able to explain more about that. See https://cgit.freebsd.org/src/commit/?id=31ec8b6407fdd5a87d70265762457c67ce618283. Regards, Ronald. [-- Attachment #2 --] <html><head></head><body><br> <p><strong>Van:</strong> Tom Pusateri <pusateri@keehole.org><br> <strong>Datum:</strong> maandag, 29 september 2025 23:32<br> <strong>Aan:</strong> "net@freebsd.org" <net@FreeBSD.org><br> <strong>Onderwerp:</strong> IPv6 accept_rtadv for default route and prefix but force host portion of /64 address?</p> <blockquote style="padding-right: 0px; padding-left: 5px; margin-left: 5px; border-left: #000000 2px solid; margin-right: 0px"> <div class="MessageRFC822Viewer" id="P"> <div class="TextPlainViewer" id="P.P">Is there a way to change the configuration in /etc/rc.conf to get the prefix from the router advertisement but fix the host portion to something like ::123 so that I can change network cards in the server and never have to worry about the IPv6 address changing?<br> <br> I have a DMZ interface on a FreeBSD router with a prefix delegation from my provider I assign to a downstream interface. I have another FreeBSD server on the DMZ network and would like it to have a fixed address allocated out of the assigned prefix from the router.<br> <br> The router (also FreeBSD) is running rtadvd providing SLAAC and router advertisements.<br> <br> The /etc/rc.conf for the DMZ server currently looks like this:<br> <br> ifconfig_igb0_ipv6="inet6 2605:1:2:3::123/64 accept_rtadv”<br> <br> This works fine and manually assigns the address out of the assigned prefix range as configured on the router.<br> <br> It also assigns a second IPv6 address via SLAAC that I don’t use.<br> <br> ifconfig output looks like this:<br> <br> igb0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500<br> options=4e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG><br> ether ac:1f:6b:1a:04:c0<br> inet 1.2.3.123 netmask 0xfffffff8 broadcast 1.2.3.127<br> inet6 fe80::ae1f:6bff:fe1a:4c0%igb0 prefixlen 64 scopeid 0x1<br> inet6 2605:1:2:3::123 prefixlen 64<br> inet6 2605:1:2:3:ae1f:6bff:fe1a:4c0 prefixlen 64 autoconf pltime 604800 vltime 2592000<br> media: Ethernet autoselect (1000baseT <full-duplex>)<br> status: active<br> nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL><br> <br> I get the correct upstream next hop for a default route:<br> <br> % netstat -nra6<br> Routing tables<br> <br> Internet6:<br> Destination Gateway Flags Netif Expire<br> ::/96 link#3 URS lo0<br> default fe80::207:43ff:fe31:7078%igb0 UG igb0<br> <br> <br> The problem with this is that the IPv6 prefix is configured on the router and configured on the server.<br> <br> Thanks,<br> Tom<br> <br> <br> </div> <hr></div> </blockquote> <br> <br> Hi,<br> <br> I think DHCPv6 could help you here. In IPv6 the address via DHCP is not connected to the MAC address directly, but to a DUID, which is something similar to the hostuuid. AFAIK it should be stable between hardware changes. The details might be important, read something like this <a href="https://metebalci.com/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/">https://metebalci.com/blog/a-note-on-dhcpv6-duid-and-prefix-delegation/</a>. I think in my dhcpv6-client I can hardcode the DUID also if needed.<br> <br> Another option could be a new feature in 16-CURRENT: ifconfig stableaddr which could help in getting a stable address, although I don't know if that is also stable if you change the network card. The author of the feature might be able to explain more about that.<br> See <a href="https://cgit.freebsd.org/src/commit/?id=31ec8b6407fdd5a87d70265762457c67ce618283">https://cgit.freebsd.org/src/commit/?id=31ec8b6407fdd5a87d70265762457c67ce618283</a>.<br>; <br> Regards,<br> Ronald.<br> </body></html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1819478143.6522.1759232622123>