dhcpcd-discuss

What I've done on my Smoothwall Express (just testing IPv6 so far) to get dhcpcd to fetch a /60 from Comcrash and assign prefixes to my internal interfaces:

----
# Use smoothie's script (specific to Smoothwall Express; it handles the various 'reasons' it
#   it called (STOPPED, BOUND6, REBOOT6, RELEASE6, EXPIRE6, DELEGATED6, ROUTERADVERT; other
#   reasons are ignored).
script /etc/rc.d/rc.update6red

allowinterfaces eth0 eth1 eth2 eth3
denyinterfaces lo ipsec0 ipsec1
debug
ipv6only
#leasetime 31622400
nodhcp
nodhcp6
noipv6rs
#logfile /var/log/dhcpcd6.log

interface eth0
#iaid 4b:17:f2:7a

interface eth1
#iaid 4b:17:f2:7b

interface eth2
#iaid 4b:17:f2:7c
interface eth3
dhcp6
ipv6rs
ia_na 4b:17:f2:7d
ia_pd 1/::/60 eth0/1/64 eth1/2/64 eth2/3/64
----

Each iaid is the last four bytes of the respective MAC address. The ia_pd should be updated to contain the last delegated prefix once you get one. I haven't tried *not* letting dhcpcd assigned prefixes to the other interfaces, but with the information garnered from the data privded to rc.update6red, I can assign the correct *:1 address to each internal interface, configure dhcp to service internal clients, and even assign a /64 to the external interface.

Also note that Comcrash assigns a /128 for the external interface; that becomes your global 'default address' for the world to reach *your* networks (it's even used to route delegated addresses assigned to the external interface). Your mileage may vary.

I have several other scripts that prepare dhcpcd6.conf and other files needed to make IPv6 work internally. As stated, I've only done exploratory testing so far; I haven't gotten it all working yet (too many irons in other fires).

While this isn't a complete solution, it should give you a few clues and help you move forward.

N


On Fri, 6 Mar 2020 01:35:11 +0100
Torsten Krah <krah.tm@xxxxxxxxx> wrote:

> Hi,
> 
> I am wrapping my head around now for some days and need some help with ipv6 pd.
> I've tried isc-dhcp client and was able to request a prefix from my
> upstream router (well at least with debian buster running in a vm to
> see if it works at all).
> 
> Now raspian on the pi uses dhcpcd for this purpose, but I can't get
> prefix delegation working.
> 
> First I am happy with the fact, that the isc one does not assign the
> delegated prefix to an interface - because I want to handle that
> myself, I just need dhcp to request that prefix so the upstream paket
> filter does open / delegate all the traffic for that prefix to my
> requesting host / router which is my pi.
> 
> How to do that? Reading the manpage it says:
> 
>     dhcpcd has to be running for all the interfaces it is delegating to.
> 
> Its a wireguard virtual interface and I want to take care of assigning
> addresses for the clients / server myself in the wireguard config
> files - I just need the dhcpcd to request that prefix delegation, is
> that possible, if so how?
> 
> And the next question is - I am unable to request the prefix at all
> with dhcpcd, if I put this to the config:
> 
> interface eth0
>         ipv6rs
>         ia_na
>         ia_pd 1
> 
> I just get this as an answer in the log file:
> 
> eth0: DHCPv6 REPLY: no iaprefix
> eth0: DHCPv6 REPLY: no prefix available
> 
> Using isc-dhcp in my test vm it works with just this:
> 
> iface eth0 inet6 auto
>         dhcp 1
>         request_prefix 1
> 
> Any hints what I can try to a) get that prefix from my upstream
> "blackbox" with dhcpcd and b) don't have dhcpcd running on the
> interface it is delegating to?
> 
> Help appreciated, kind regards
> 
> Torsten
>