simple DHCPv6 config with /56-Prefix

Sun Aug 28 17:52:36 UTC 2022

On 27.08.2022 21:44, Simon wrote:
> You can do that, you just need to configure your RAs to advertise the 
> single 2001:db8:0/56 prefix - and set the right flags to indicate to 
> clients that this is a managed network and they need to use DHCPv6 to 
> get addresses.
> However, be aware that SLAAC won’t work (properly/at all) on a /56 prefix, and Android does not support DHCPv6*, so Android devices won’t work on this network setup.
>
> But also, you can advertise multiple /64 (or /63, or /62, or ...) prefixes without the nodes needing to use the router to communicate. So you could advertise :
> 2001:db8:0:1e0/64, configured as managed (i.e. no SLAAC), and either use DHCP or manual config for you mail servers.
> Ditto for 2001:db8:0:180/64
> Provide a SLAAC configured prefix (/64) if you need to support Android devices
> Provide a (say) /60 for DHCP configured devices
> Configure all these as “on-link” and the devices can communicate directly just as they could if you used a single /56.
>
> Lots of options, but you need to “unlearn” some of the fundamentals you learned with IPv4 - and that’s hard !
when I read your text, it sounds not that complicated;

a workmate gave the hint to split one /64 from the /56 and use this - 
IPv6 works somewhat totally different from IPv4;

ok I did it like this:

lets say I'm using only 2001:db8:1:1::/64

the mail servers addresses have from 2001:db8:1:1:1e00::1 ... 
2001:db8:1:1:1e00:ffff:ffff:ffff

the proxy server an address from 2001:db8:1:1:1800::1 ... 
2001:db8:1:1:1800:ffff:ffff:ffff

I use only managed DHCP - no SLAAC - and for these clients I use these 
addresses

from 2001:db8:1:1:7f00::1 ... 2001:db8:1:1:7f00:ffff:ffff:ffff

and the router itself has this IPv6 address 2001:db8:1:1::1/64

now I got something weired and strange ...

e.g. one mail server has 2001:db8:1:1:1e00:1  and one dhcpv6 client got 
2001:db8:1:1:7f00:18e7:d9b6:550a

on the mail server ...

# traceroute6 2001:db8:1:1:7f00:18e7:d9b6:550a
traceroute to 2001:db8:1:1:7f00:18e7:d9b6:550a 
(2001:db8:1:1:7f00:18e7:d9b6:550a), 30 hops max, 80 byte packets
  1  2001:db8:1:1:7f00:18e7:d9b6:550a 
(2001:db8:1:1:7f00:18e7:d9b6:550a)  0.768 ms  0.759 ms  0.848 ms
#

on the DHCPv6 client

# traceroute6 2001:db8:1:1:1e00::1
traceroute to 2001:db8:1:1:1e00::1 (2001:db8:1:1:1e00::1), 30 hops max, 
80 byte packets
  1  2001:db8:1:1::1 (2001:db8:1:1::1)  0.423 ms  0.540 ms  0.621 ms
  2  2001:db8:1:1:1e00::1 (2001:db8:1:1:1e00::1)  1.975 ms  1.873 ms  
1.804 ms
#

where must I look for fixing this behaviour?

I guess this should be somewhat like this:

# traceroute6 2001:db8:1:1:1e00::1
traceroute to 2001:db8:1:1:1e00::1 (2001:db8:1:1:1e00::1), 30 hops max, 
80 byte packets
1  2001:db8:1:1:1e00::1 (2001:db8:1:1:1e00::1) 0.975 ms  0.873 ms  0.804 ms
#

Thanks,
Walter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3550 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20220828/24b6233a/attachment.bin>