Prefix delegation to sub nets

Doug Hardie bc979 at lafn.org
Mon Jun 28 00:39:05 CEST 2021 

> On 27 June 2021, at 14:07, Brian E Carpenter <brian.e.carpenter at gmail.com> wrote:
> 
> Please don't look at ancient drafts. Look at the homenet architecture RFC:
> https://www.rfc-editor.org/info/rfc7368

I went looking when I saw the date on the draft and found the RFC.

> 
> Definitively, using any prefix longer than /64 *will not work*. The /64 has been carved in stone for many years; that's *why* you get a /48 or /56 
> from the ISP.

Unfortunately there are ISPs that are giving out /64 or even smaller.  The claim is that is only temporary, but no indication of when that would stop.

> 
>> The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet...
> 
> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.

The issue is though how does the server get the prefix the client received?  I suspect the script and restart of the server is probably the only way at this tim.

> 
> If you run OpenWrt on A, this is apparently supported. See https://openwrt.org/docs/guide-user/network/ipv6/dhcp6c#example. But I have no experience with that.
> 
> Regards
>   Brian Carpenter
> 
> On 28-Jun-21 08:32, Doug Hardie wrote:
>> 
>> -- Doug
>> 
>>> On 27 June 2021, at 12:41, Michael Chang <thenewme91 at gmail.com <mailto:thenewme91 at gmail.com>> wrote:
>>> 
>>> If you actually want that topology, I think in practice the downstream 
> router (B) must be at least a /64; if you got a /48 then I think you can set up A with /56s, which it can use to sub-allocate a /64 to B.
>>>  
>>> https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html <https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html>
>>> 
>>> The config in section 7.2 of https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) <https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD)> might be what you're looking for? (See the note about `sla-len`.)
>> 
>> The addresses could be done that way.  However, the issue still remains, how does router B distribute the prefix?  Is using a dual dhcp6c - dhcp6s the way to go and how does dhcp6s get the prefix from dhcp6c?
>> 
>>> 
>>> 
>>> On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <Kristian.McColm at rci.rogers.com <mailto:Kristian.McColm at rci.rogers.com>> wrote:
>>> 
>>>    RFC 5375 advises against prefixes longer than /64. 
>>> 
>>>    https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2 <https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2>
>>> 
>>>    A /48 gives you 65535 /64’s, why not use some of them?
>>> 
>>>    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>    *From:* ipv6-ops-bounces+kristian.mccolm=rci.rogers.com at lists.cluenet.de <mailto:rci.rogers.com at lists.cluenet.de> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com at lists.cluenet.de <mailto:rci.rogers.com at lists.cluenet.de>> on behalf of Doug Hardie <bc979 at lafn.org <mailto:bc979 at lafn.org>>
>>>    *Sent:* Sunday, June 27, 2021 2:54:01 PM
>>>    *To:* ipv6-ops at lists.cluenet.de <mailto:ipv6-ops at lists.cluenet.de> 
> <ipv6-ops at lists.cluenet.de <mailto:ipv6-ops at lists.cluenet.de>>
>>>    *Subject:* Prefix delegation to sub nets
>>>     
>>>    I am trying to setup an IPv6 environment.  There is a primary 
> router (A) that receives a /48 prefix via DHCP6 from the ISP. That router 
> configures itself properly via dhcp6c.  It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces.  One of those interfaces is connected to a second router (B), among other devices.  The B router receives the prefix via SLAAC and creates its own 
> EUI-64 address.  However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN.  I have not been able to figure out how to make that happen.
>>> 
>>>    Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network.  I 
> suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c.  However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B.  I believe I am missing something, but haven't been able to find it.  Thanks,
>>> 
>>>    -- Doug
>>> 
>>> 
>>> 
>>> 
>>> 
>>>    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>    This communication is confidential. We only send and receive email 
> on the basis of the terms set out at www.rogers.com/web/content/emailnotice <http://www.rogers.com/web/content/emailnotice>
>>> 
>>> 
>>> 
>>>    Ce message est confidentiel. Notre transmission et réception de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
>>>    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> 
>>> 
>>> 
>>> -- 
>>> Michael Chang
>> 
>

More information about the ipv6-ops mailing list