dhcpcd-discuss

Home Other Lists Thread Index Date Index Search
Thread Prev Thread Next Date Prev Date Next Thread Index Date Index

Re: Prefix Delegation

Roy Marples

Thu Nov 21 08:43:51 2013
On 20/11/2013 18:38, Brian De Wolf wrote:

I started playing with my residential IPv6 on my Linux router last
weekend and dhcpcd has been a great help.  I have a few questions,
though.


Glad to hear it's helped!


1) I was fiddling with the options and noticed that IA_PD and IA_NA
can't be mixed.  Is this a design limitation in DHCPv6 or just in
dhcpcd?  I noticed this while brainstorming my internal design, but I
don't think I actually need it (maybe that's why it's not there).
It's a design limitation of dhcpcd, partially enforced by RFC3663 Section 12.1 where it states the following: 

   In some circumstances the requesting router may need verification
   that the delegating router still has a valid binding for the
   requesting router.  Examples of times when a requesting router may
   ask for such verification include:

   o  The requesting router reboots.

   o  The requesting router's upstream link flaps.

   o  The requesting router is physically disconnected from a wired
      connection.

   If such verification is needed the requesting router MUST initiate a
   Rebind/Reply message exchange as described in section 18.1.4,
   "Creation and Transmission of Rebind Messages" of RFC 3315, with the
   exception that the retransmission parameters should be set as for the
   Confirm message, described in section 18.1.2, "Creation and
   Transmission of Confirm Messages" of RFC 3315.  The requesting router
   includes any IA_PDs, along with prefixes associated with those IA_PDs
   in its Rebind message.

...

   The Confirm and Decline message types are not used with Prefix
   Delegation.
This problem is was debated a while ago at the IETF and AFAIK no actual resolution was reached. 
http://www.ietf.org/mail-archive/web/dhcwg/current/msg12188.html
It is possible to manage PD in another session from NA but dhcpcd wasn't designed for that. I don't actually know of a use case where you would actually want it anyway. The reason that I say this is that one of the artifacts of using PD means than another interface on the clients network should get a working IPv6 address anyway.... 

This is noted in the BUG section of dhcpcd.conf(5) in my git HEAD now.


2) When using IA_PD, is it possible to change the address suffix dhcpcd
assigns with the PD?  Right now it looks like it uses EUI-64, but I
wouldn't mind changing it to ::1.  I'm also unable to get it to use
privacy extensions which would also be useful (Does that require RAs
or something else I'm missing?).
Already gotten a ticket for it, just not gotten around to implementing it yet. 
http://roy.marples.name/projects/dhcpcd/ticket/297


PS- roy.marples.name seems to be unavailable over IPv6 as of last
night-ish.  I get a TCP handshake but nothing further.


That was reported to me this morning.
Restarting nginx seems to have fixed it.
If it still fails over IPv6 mail me and I'll look into it more.

Thanks

Roy
Follow-Ups:
Re: Prefix DelegationBrian De Wolf
References:
Prefix DelegationBrian De Wolf
Archive administrator: postmaster@marples.name