Using an *external* DHCPv6 server for prefix-delegation in conjunction with PPPoE
Per Carlson
pelle at hemmop.com
Fri Jan 14 14:52:42 CET 2011
Hi.
After playing a bit more, I can answer my questions my self.
>> If you create a loopback interface with an PD address and use that as
>> unnumbered addresson the WAN interface, does that work?
>
> Yes, at least on a 1841 running 15.1(3)T [0].
It's even better: You can directly assign a PD address on the WAN interface:
interface FastEthernet0/1.1600
encapsulation dot1Q 1600
ipv6 address PREFIX ::/64 eui-64
ipv6 enable
ipv6 nd autoconfig default-route
ipv6 dhcp client pd PREFIX rapid-commit
end
CPE#sh ipv6 interface FastEthernet0/1.1600
FastEthernet0/1.1600 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::219:AAFF:FE85:9981
No Virtual link-local address(es):
General-prefix in use for addressing
Global unicast address(es):
FD00:8C0:474E:9500:219:AAFF:FE85:9981, subnet is
FD00:8C0:474E:9500::/64 [EUI/CAL/PRE]
valid lifetime 42847 preferred lifetime 26647
<snip/>
BNG#ping FD00:8C0:474E:9500:219:AAFF:FE85:9981
Sending 5, 100-byte ICMP Echos to
FD00:8C0:474E:9500:219:AAFF:FE85:9981, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/1/4 ms
>> That's what I advocated for the CPE router draft anyway, I sure hope it
>> works to do what you want to do (make the customer only have IPs from the PD
>> space).
>
> I don't really see how this would improve anything. What's the point
> on assigning an IPv6 address on the WAN interface the BNG (PE) doesn't
> know about?
It do, the PD aggregate of course covers the WAN link. The BNG doesn't
need to know/care which subnet from the PD is used.
> And informing it by running SLAAC "backwards" (CPE assigns
> addresses to BNG) seams rather wierd... Risking the CPE sending a
> default route towards the BNG is even worse!
There is no need for SLAAC and thus no security risk.
In addition to those findings, I did discover a (new? can't find any
documentation) knob in IOS. By configuring an interface with "ipv6 nd
autoconfig default-route" it automatically installs a default-route
pointing to the BNG LL address. Nice!
CPE#sh ipv6 route
S ::/0 [2/0]
via FE80::207:84FF:FE22:FC1A, FastEthernet0/1.1600
<snip>
--
Pelle
RFC1925, truth 11:
Every old idea will be proposed again with a different name and
a different presentation, regardless of whether it works.
More information about the ipv6-ops
mailing list