[Kea-users] Assigning unique /64 to each CPE for IA_NA
Darren Ankney
darren.ankney at gmail.com
Tue Nov 29 11:58:36 UTC 2022
On Tue, Nov 29, 2022 at 6:29 AM Xuo Guoto via Kea-users
<kea-users at lists.isc.org> wrote:
>
> Thanks for the suggestion, I have made changes as suggested.
>
> ------- Original Message -------
> On Tuesday, November 29th, 2022 at 4:19 PM, Darren Ankney <darren.ankney at gmail.com> wrote:
>
> > "pools": [
> > {
> > "pool": "2404:640:4003:2640::1 -
> > 2404:0640:4003:26ff:ffff:ffff:ffff:fffe"
> > }
> > ],
>
>
> Now I am getting IA_NA for clients, but they are from a single prefix.
>
> From the output of bngblaster (which I am using for testing, and acts as a client)
>
> Nov 29 11:16:33.029719 All network interfaces resolved
> Nov 29 11:16:34.240887 IPv6 (ID: 1) DHCPv6 IA_NA address 2404:640:4003:2640::2/128
> Nov 29 11:16:34.241158 IPv6 (ID: 1) DHCPv6 IA_PD prefix 2404:640:5878:2641::/64
> Nov 29 11:16:34.470592 IPv6 (ID: 2) DHCPv6 IA_NA address 2404:640:4003:2640::3/128
> Nov 29 11:16:34.471111 IPv6 (ID: 2) DHCPv6 IA_PD prefix 2404:640:5878:2642::/64
> Nov 29 11:16:34.639572 IPv6 (ID: 1) ICMPv6 RA prefix 2024:2620:0:4::/64
> Nov 29 11:16:35.888214 IPv6 (ID: 2) ICMPv6 RA prefix 2024:2620:0:6::/64
> Nov 29 11:16:35.888769 ALL SESSIONS ESTABLISHED
>
> Two clients are getting address, 2404:640:4003:2640::2/128 and 2404:640:4003:2640::3/128 which are both from same prefix. IA_PD is getting delegated as expected.
>
> My expectation is that the two IA_NA IP address be allocated like
> 2404:640:4003:2640::2/64
> 2404:640:4003:2641::2/64
>
> (and IA_PD will be allocated similarly from next free /64 prefix)
>
> How can kea be configured for such a configuration?
I don't believe that is possible.
Your client will ask for an IA_NA which is a single address (see RFC
3315 section 22.4: https://www.rfc-editor.org/rfc/rfc3315#section-22.4
for the definition of IA_NA) for use on the "WAN" interface. A prefix
delegation is IA_PD which is an entire subnet. The IA_PD is requested
by the client if the client has a "LAN" or inside interface for use
inside by LAN clients. It wouldn't make any sense to assign an entire
subnet to the "WAN" side. There should already be a subnet there of
which the "WAN" interface only needs a single address in order to be
routable.
More information about the Kea-users
mailing list