AW: Prefix delegation to multiple interfaces delayed
andrey
Sat Sep 21 12:02:36 2019
Hi Roy,
>> It's receiving the /62 prefix from the upstream router. The IPv6
>> address and prefix are dynamic and changes at least once a day. Dhcpcd
>> gets
>> RECONFIGURE6 message from the upstream router and should delegate it
>> to
>> 4 local subnets; configuration file contains following:
>>
>> ia_pd 0 lan33/0/64 lan34/1/64 lan36/2/64 dmz0/3/64
>>
>> I expect immediate delegation to all 4 subnets but it delegates it
>> one-by-one every 30 minutes. How can I fix it?
> Well, firstly you cannot use an SLA of 0 with other SLA's.
> SLA 0 means use the route as it comes - ie you're delegated a /64 so it
delegates the whole /64 to another interface.
> Secondly, you're getting a /62 - which means you only get two bits to
spare, so you're limited to two /64's but you've configued 4.
maybe you are right, but mathematically you answer doesn't sound logically
for me, let me please explain how I understand the situation, then you can
eventually point out where my error actually is...
I get /62 delegateable subnet from upstream server:
Sep 19 04:36:07 [2458]: wan0: ADV 2001:16b8:2226:a7fc::/62 from
fe80::7eff:4dff:fe03:2c18
According to
ia_pd 0 lan33/0/64 lan34/1/64 lan36/2/64 dmz0/3/64
I going to delegate 4 /64 prefixes to local subnets. That means, I have two
bits (64-62=2) to fit sla differentiating 4 networks. This is just enough,
because 2 bits allows 4 combination (2^2=4) and I need exactly 4. So my 4
/64 subnets are:
2001:16b8:2226:a7fc::/62 ->- sla 0 -> 2001:16b8:2226:a7fc::/64
2001:16b8:2226:a7fc::/62 ->- sla 1 -> 2001:16b8:2226:a7fd::/64
2001:16b8:2226:a7fc::/62 ->- sla 2 -> 2001:16b8:2226:a7fe::/64
2001:16b8:2226:a7fc::/62 ->- sla 3 -> 2001:16b8:2226:a7ff::/64
Even the network with sla 0 actually has different address space as
delegated prefix: it starts at the same address but is "narrower" (/64
instead of /62)
I'm not aware of details of DHCP standards, but at least from pure logical
point of view my approach should actually work...
> You're using an old version, dhcpcd-8.0.6 is the latest.
> Saying that I don't recall changing the delegation code much but I'll
check if I need to put some extra hardening in so you can't delegate past
your delegation.
I didn't tested with dhcpcd 8.0.6 because it doesn't packaged for arch linux
yet, but I can build it myself if you think that it makes sense, up to now
I've checked history of changes (comments) and didn't found anything going
in my direction ...
I did a couple of other experiments to "work around" the issue:
Changed sla to avoid zero and get larger subnet to delegate (larger as /62)
ia_pd 0 lan33/4/64 lan34/1/64 lan36/2/64 dmz0/3/64
but still getting /62 from upstream dhcp server
Explicitely requested larger subnet to delegate (larger as /62)
ia_pd 0/::/60 lan33/4/64 lan34/1/64 lan36/2/64 dmz0/3/64
but still getting /62 from upstream dhcp server
Tried to get two subnets
ia_pd 0 lan36/2/64 dmz0/1/64
ia_pd 1 lan33/2/64 lan34/1/64
But still getting only one /62
I didn't drill deeper into that but it all could be a limitation of SOHO
upstream router fritz.box provided by my ISP. My current configuration
actually works except of strange "staggered" delegation of prefixes... Could
you assist me to solve that?
Best Regards,
A. Vakhitov
Archive administrator: postmaster@marples.name