Mailing List Archive

Prefix delegation to sub nets
I am trying to setup an IPv6 environment. There is a primary router (A) that receives a /48 prefix via DHCP6 from the ISP. That router configures itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces. One of those interfaces is connected to a second router (B), among other devices. The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN. I have not been able to figure out how to make that happen.

Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network. I suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B. I believe I am missing something, but haven't been able to find it. Thanks,

-- Doug
Re: Prefix delegation to sub nets [ In reply to ]
RFC 5375 advises against prefixes longer than /64.

https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2

A /48 gives you 65535 /64?s, why not use some of them?

________________________________
From: ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de> on behalf of Doug Hardie <bc979@lafn.org>
Sent: Sunday, June 27, 2021 2:54:01 PM
To: ipv6-ops@lists.cluenet.de <ipv6-ops@lists.cluenet.de>
Subject: Prefix delegation to sub nets

I am trying to setup an IPv6 environment. There is a primary router (A) that receives a /48 prefix via DHCP6 from the ISP. That router configures itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces. One of those interfaces is connected to a second router (B), among other devices. The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN. I have not been able to figure out how to make that happen.

Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network. I suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B. I believe I am missing something, but haven't been able to find it. Thanks,

-- Doug





________________________________
This communication is confidential. We only send and receive email on the basis of the terms set out at www.rogers.com/web/content/emailnotice<http://www.rogers.com/web/content/emailnotice>



Ce message est confidentiel. Notre transmission et r?ception de courriels se fait strictement suivant les modalit?s ?nonc?es dans l?avis publi? ? www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
________________________________
Re: Prefix delegation to sub nets [ In reply to ]
If you actually want that topology, I think in practice the downstream
router (B) must be at least a /64; if you got a /48 then I think you can
set up A with /56s, which it can use to sub-allocate a /64 to B.

https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html

The config in section 7.2 of
https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) might
be what you're looking for? (See the note about `sla-len`.)


On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <
Kristian.McColm@rci.rogers.com> wrote:

> RFC 5375 advises against prefixes longer than /64.
>
> https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2
>
> A /48 gives you 65535 /64’s, why not use some of them?
>
> ------------------------------
> *From:* ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de
> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de> on
> behalf of Doug Hardie <bc979@lafn.org>
> *Sent:* Sunday, June 27, 2021 2:54:01 PM
> *To:* ipv6-ops@lists.cluenet.de <ipv6-ops@lists.cluenet.de>
> *Subject:* Prefix delegation to sub nets
>
> I am trying to setup an IPv6 environment. There is a primary router (A)
> that receives a /48 prefix via DHCP6 from the ISP. That router configures
> itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates
> EUI-64 addresses on the two LAN interfaces. One of those interfaces is
> connected to a second router (B), among other devices. The B router
> receives the prefix via SLAAC and creates its own EUI-64 address. However,
> that router needs to create a smaller subnet, /72, and distribute it to the
> devices on that LAN. I have not been able to figure out how to make that
> happen.
>
> Clearly, manual configuration would work, but the prefix received from the
> ISP can change which would raise havoc with the network. I suspect that
> dhcp6s needto be run alongside dhcp6c on router B and then the other
> devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c
> receives on router B to the dhcp6s process on router B. I believe I am
> missing something, but haven't been able to find it. Thanks,
>
> -- Doug
>
>
>
>
>
> ------------------------------
> This communication is confidential. We only send and receive email on the
> basis of the terms set out at www.rogers.com/web/content/emailnotice
>
>
>
> Ce message est confidentiel. Notre transmission et réception de courriels
> se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel
>
> ------------------------------
>


--
Michael Chang
Re: Prefix delegation to sub nets [ In reply to ]
-- Doug

> On 27 June 2021, at 12:41, Michael Chang <thenewme91@gmail.com> wrote:
>
> If you actually want that topology, I think in practice the downstream router (B) must be at least a /64; if you got a /48 then I think you can set up A with /56s, which it can use to sub-allocate a /64 to B.
>
> https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html <https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html>
>
> The config in section 7.2 of https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) <https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD)> might be what you're looking for? (See the note about `sla-len`.)

The addresses could be done that way. However, the issue still remains, how does router B distribute the prefix? Is using a dual dhcp6c - dhcp6s the way to go and how does dhcp6s get the prefix from dhcp6c?

>
>
> On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <Kristian.McColm@rci.rogers.com <mailto:Kristian.McColm@rci.rogers.com>> wrote:
> RFC 5375 advises against prefixes longer than /64.
>
> https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2 <https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2>
>
> A /48 gives you 65535 /64’s, why not use some of them?
>
> From: ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de>> on behalf of Doug Hardie <bc979@lafn.org <mailto:bc979@lafn.org>>
> Sent: Sunday, June 27, 2021 2:54:01 PM
> To: ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de> <ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>>
> Subject: Prefix delegation to sub nets
>
> I am trying to setup an IPv6 environment. There is a primary router (A) that receives a /48 prefix via DHCP6 from the ISP. That router configures itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces. One of those interfaces is connected to a second router (B), among other devices. The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN. I have not been able to figure out how to make that happen.
>
> Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network. I suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B. I believe I am missing something, but haven't been able to find it. Thanks,
>
> -- Doug
>
>
>
>
>
> This communication is confidential. We only send and receive email on the basis of the terms set out at www.rogers.com/web/content/emailnotice <http://www.rogers.com/web/content/emailnotice>
>
>
>
> Ce message est confidentiel. Notre transmission et réception de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
>
>
> --
> Michael Chang
Re: Prefix delegation to sub nets [ In reply to ]
Please don't look at ancient drafts. Look at the homenet architecture RFC:
https://www.rfc-editor.org/info/rfc7368

Definitively, using any prefix longer than /64 *will not work*. The /64 has been carved in stone for many years; that's *why* you get a /48 or /56
from the ISP.

> The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet...

That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.

If you run OpenWrt on A, this is apparently supported. See https://openwrt.org/docs/guide-user/network/ipv6/dhcp6c#example. But I have no experience with that.

Regards
Brian Carpenter

On 28-Jun-21 08:32, Doug Hardie wrote:
>
> -- Doug
>
>> On 27 June 2021, at 12:41, Michael Chang <thenewme91@gmail.com <mailto:thenewme91@gmail.com>> wrote:
>>
>> If you actually want that topology, I think in practice the downstream
router (B) must be at least a /64; if you got a /48 then I think you can set up A with /56s, which it can use to sub-allocate a /64 to B.
>>  
>> https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html <https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html>
>>
>> The config in section 7.2 of https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) <https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD)> might be what you're looking for? (See the note about `sla-len`.)
>
> The addresses could be done that way.  However, the issue still remains, how does router B distribute the prefix?  Is using a dual dhcp6c - dhcp6s the way to go and how does dhcp6s get the prefix from dhcp6c?
>
>>
>>
>> On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <Kristian.McColm@rci.rogers.com <mailto:Kristian.McColm@rci.rogers.com>> wrote:
>>
>> RFC 5375 advises against prefixes longer than /64. 
>>
>> https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2 <https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2>
>>
>> A /48 gives you 65535 /64’s, why not use some of them?
>>
>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>> *From:* ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de>> on behalf of Doug Hardie <bc979@lafn.org <mailto:bc979@lafn.org>>
>> *Sent:* Sunday, June 27, 2021 2:54:01 PM
>> *To:* ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>
<ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>>
>> *Subject:* Prefix delegation to sub nets
>>  
>> I am trying to setup an IPv6 environment.  There is a primary
router (A) that receives a /48 prefix via DHCP6 from the ISP. That router
configures itself properly via dhcp6c.  It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces.  One of those interfaces is connected to a second router (B), among other devices.  The B router receives the prefix via SLAAC and creates its own
EUI-64 address.  However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN.  I have not been able to figure out how to make that happen.
>>
>> Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network.  I
suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c.  However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B.  I believe I am missing something, but haven't been able to find it.  Thanks,
>>
>> -- Doug
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>> This communication is confidential. We only send and receive email
on the basis of the terms set out at www.rogers.com/web/content/emailnotice <http://www.rogers.com/web/content/emailnotice>
>>
>>
>>
>> Ce message est confidentiel. Notre transmission et réception de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>
>>
>>
>> --
>> Michael Chang
>
Re: Prefix delegation to sub nets [ In reply to ]
> On 27 June 2021, at 14:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>
> Please don't look at ancient drafts. Look at the homenet architecture RFC:
> https://www.rfc-editor.org/info/rfc7368

I went looking when I saw the date on the draft and found the RFC.

>
> Definitively, using any prefix longer than /64 *will not work*. The /64 has been carved in stone for many years; that's *why* you get a /48 or /56
> from the ISP.

Unfortunately there are ISPs that are giving out /64 or even smaller. The claim is that is only temporary, but no indication of when that would stop.

>
>> The B router receives the prefix via SLAAC and creates its own EUI-64 address. However, that router needs to create a smaller subnet...
>
> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.

The issue is though how does the server get the prefix the client received? I suspect the script and restart of the server is probably the only way at this tim.

>
> If you run OpenWrt on A, this is apparently supported. See https://openwrt.org/docs/guide-user/network/ipv6/dhcp6c#example. But I have no experience with that.
>
> Regards
> Brian Carpenter
>
> On 28-Jun-21 08:32, Doug Hardie wrote:
>>
>> -- Doug
>>
>>> On 27 June 2021, at 12:41, Michael Chang <thenewme91@gmail.com <mailto:thenewme91@gmail.com>> wrote:
>>>
>>> If you actually want that topology, I think in practice the downstream
> router (B) must be at least a /64; if you got a /48 then I think you can set up A with /56s, which it can use to sub-allocate a /64 to B.
>>>
>>> https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html <https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html>
>>>
>>> The config in section 7.2 of https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) <https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD)> might be what you're looking for? (See the note about `sla-len`.)
>>
>> The addresses could be done that way. However, the issue still remains, how does router B distribute the prefix? Is using a dual dhcp6c - dhcp6s the way to go and how does dhcp6s get the prefix from dhcp6c?
>>
>>>
>>>
>>> On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <Kristian.McColm@rci.rogers.com <mailto:Kristian.McColm@rci.rogers.com>> wrote:
>>>
>>> RFC 5375 advises against prefixes longer than /64.
>>>
>>> https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2 <https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2>
>>>
>>> A /48 gives you 65535 /64’s, why not use some of them?
>>>
>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> *From:* ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de>> on behalf of Doug Hardie <bc979@lafn.org <mailto:bc979@lafn.org>>
>>> *Sent:* Sunday, June 27, 2021 2:54:01 PM
>>> *To:* ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>
> <ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>>
>>> *Subject:* Prefix delegation to sub nets
>>>
>>> I am trying to setup an IPv6 environment. There is a primary
> router (A) that receives a /48 prefix via DHCP6 from the ISP. That router
> configures itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces. One of those interfaces is connected to a second router (B), among other devices. The B router receives the prefix via SLAAC and creates its own
> EUI-64 address. However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN. I have not been able to figure out how to make that happen.
>>>
>>> Clearly, manual configuration would work, but the prefix received from the ISP can change which would raise havoc with the network. I
> suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B. I believe I am missing something, but haven't been able to find it. Thanks,
>>>
>>> -- Doug
>>>
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> This communication is confidential. We only send and receive email
> on the basis of the terms set out at www.rogers.com/web/content/emailnotice <http://www.rogers.com/web/content/emailnotice>
>>>
>>>
>>>
>>> Ce message est confidentiel. Notre transmission et réception de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>
>>>
>>>
>>> --
>>> Michael Chang
>>
>
Re: Prefix delegation to sub nets [ In reply to ]
> Unfortunately there are ISPs that are giving out /64 or even smaller. The claim is that is only temporary, but no indication of when that would
stop.

They need to be named and shamed. We have that problem with 3GPP operators in particular.

Regards
Brian Carpenter

On 28-Jun-21 10:39, Doug Hardie wrote:
>> On 27 June 2021, at 14:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>
>> Please don't look at ancient drafts. Look at the homenet architecture RFC:
>> https://www.rfc-editor.org/info/rfc7368
>
> I went looking when I saw the date on the draft and found the RFC.
>
>>
>> Definitively, using any prefix longer than /64 *will not work*. The /64 has been carved in stone for many years; that's *why* you get a /48 or /56
>> from the ISP.
>
> Unfortunately there are ISPs that are giving out /64 or even smaller. The claim is that is only temporary, but no indication of when that would
stop.
>
>>
>>> The B router receives the prefix via SLAAC and creates its own EUI-64
address. However, that router needs to create a smaller subnet...
>>
>> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.
>
> The issue is though how does the server get the prefix the client received? I suspect the script and restart of the server is probably the only
way at this tim.
>
>>
>> If you run OpenWrt on A, this is apparently supported. See https://openwrt.org/docs/guide-user/network/ipv6/dhcp6c#example. But I have no experience with that.
>>
>> Regards
>> Brian Carpenter
>>
>> On 28-Jun-21 08:32, Doug Hardie wrote:
>>>
>>> -- Doug
>>>
>>>> On 27 June 2021, at 12:41, Michael Chang <thenewme91@gmail.com <mailto:thenewme91@gmail.com>> wrote:
>>>>
>>>> If you actually want that topology, I think in practice the downstream
>> router (B) must be at least a /64; if you got a /48 then I think you can set up A with /56s, which it can use to sub-allocate a /64 to B.
>>>>
>>>> https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html <https://tools.ietf.org/id/draft-ietf-homenet-arch-01.html>
>>>>
>>>> The config in section 7.2 of https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD) <https://wiki.archlinux.org/title/IPv6#Prefix_delegation_(DHCPv6-PD)> might be what you're looking for? (See the note
about `sla-len`.)
>>>
>>> The addresses could be done that way. However, the issue still remains, how does router B distribute the prefix? Is using a dual dhcp6c - dhcp6s the way to go and how does dhcp6s get the prefix from dhcp6c?
>>>
>>>>
>>>>
>>>> On Sun, Jun 27, 2021 at 12:05 PM Kristian McColm <Kristian.McColm@rci.rogers.com <mailto:Kristian.McColm@rci.rogers.com>> wrote:
>>>>
>>>> RFC 5375 advises against prefixes longer than /64.
>>>>
>>>> https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2 <https://datatracker.ietf.org/doc/html/rfc5375#appendix-B.2>
>>>>
>>>> A /48 gives you 65535 /64’s, why not use some of them?
>>>>
>>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>> *From:* ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de> <ipv6-ops-bounces+kristian.mccolm=rci.rogers.com@lists.cluenet.de <mailto:rci.rogers.com@lists.cluenet.de>> on behalf of Doug Hardie <bc979@lafn.org <mailto:bc979@lafn.org>>
>>>> *Sent:* Sunday, June 27, 2021 2:54:01 PM
>>>> *To:* ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>
>> <ipv6-ops@lists.cluenet.de <mailto:ipv6-ops@lists.cluenet.de>>
>>>> *Subject:* Prefix delegation to sub nets
>>>>
>>>> I am trying to setup an IPv6 environment. There is a primary
>> router (A) that receives a /48 prefix via DHCP6 from the ISP. That router
>> configures itself properly via dhcp6c. It also creates 2 LAN /64 prefixes and creates EUI-64 addresses on the two LAN interfaces. One of those interfaces is connected to a second router (B), among other devices. The B router receives the prefix via SLAAC and creates its own
>> EUI-64 address. However, that router needs to create a smaller subnet, /72, and distribute it to the devices on that LAN. I have not been able to figure out how to make that happen.
>>>>
>>>> Clearly, manual configuration would work, but the prefix received
from the ISP can change which would raise havoc with the network. I
>> suspect that dhcp6s needto be run alongside dhcp6c on router B and then the other devices run dhcp6c. However, I don't see how to get the prefix that dhcp6c receives on router B to the dhcp6s process on router B. I
believe I am missing something, but haven't been able to find it. Thanks,
>>>>
>>>> -- Doug
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>> This communication is confidential. We only send and receive email
>> on the basis of the terms set out at www.rogers.com/web/content/emailnotice <http://www.rogers.com/web/content/emailnotice>
>>>>
>>>>
>>>>
>>>> Ce message est confidentiel. Notre transmission et réception
de courriels se fait strictement suivant les modalités énoncées dans l’avis publié à www.rogers.com/aviscourriel <http://www.rogers.com/aviscourriel>
>>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>>>
>>>>
>>>>
>>>> --
>>>> Michael Chang
>>>
>>
>
Re: Prefix delegation to sub nets [ In reply to ]
> On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>
> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.

To the extent it matters, it’s not what DHCP PD was designed for.

HNCP does internal prefix assignment in a network.

Now, if you were to use DHCP PD for this, I would recommend a single PD server in the network (on A). DHCP PD clients on all internal routers. Either DHCP relays or more simply each internal router PD client configured with the address of the PD server directly. Then an IGP to advertise prefixes.

The PD clients should request individual /64s for each of their downstream interfaces.

This scheme does not work great in networks with loops or multiple routers on a link. If using DHCP relays you manually have to make a spanning tree.
And you risk links being assigned multiple prefixes.

HNCP solves all of this.

Cheers
Ole
Re: Prefix delegation to sub nets [ In reply to ]
Is HNCP available for the various Linux distros?
If not, it has to be PD, I think.

Regards,
Brian Carpenter
(via tiny screen & keyboard)

On Mon, 28 Jun 2021, 20:51 Ole Troan, <otroan@employees.org> wrote:

>
>
> > On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com>
> wrote:
> >
> > That doesn't work. B needs to get its own /64 prefix(es) from A via
> DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what
> DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its
> downstream interfaces.
>
> To the extent it matters, it’s not what DHCP PD was designed for.
>
> HNCP does internal prefix assignment in a network.
>
> Now, if you were to use DHCP PD for this, I would recommend a single PD
> server in the network (on A). DHCP PD clients on all internal routers.
> Either DHCP relays or more simply each internal router PD client configured
> with the address of the PD server directly. Then an IGP to advertise
> prefixes.
>
> The PD clients should request individual /64s for each of their downstream
> interfaces.
>
> This scheme does not work great in networks with loops or multiple routers
> on a link. If using DHCP relays you manually have to make a spanning tree.
> And you risk links being assigned multiple prefixes.
>
> HNCP solves all of this.
>
> Cheers
> Ole
Re: Prefix delegation to sub nets [ In reply to ]
You could try https://github.com/jech/shncpd or
https://github.com/sbyx/hnetd/, though the last update to those
repositories was 2017-2018...


On Mon, 28 Jun 2021 at 11:10, Brian Carpenter
<brian.e.carpenter@gmail.com> wrote:
>
> Is HNCP available for the various Linux distros?
> If not, it has to be PD, I think.
>
> Regards,
> Brian Carpenter
> (via tiny screen & keyboard)
>
> On Mon, 28 Jun 2021, 20:51 Ole Troan, <otroan@employees.org> wrote:
>>
>>
>>
>> > On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> >
>> > That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.
>>
>> To the extent it matters, it’s not what DHCP PD was designed for.
>>
>> HNCP does internal prefix assignment in a network.
>>
>> Now, if you were to use DHCP PD for this, I would recommend a single PD server in the network (on A). DHCP PD clients on all internal routers. Either DHCP relays or more simply each internal router PD client configured with the address of the PD server directly. Then an IGP to advertise prefixes.
>>
>> The PD clients should request individual /64s for each of their downstream interfaces.
>>
>> This scheme does not work great in networks with loops or multiple routers on a link. If using DHCP relays you manually have to make a spanning tree.
>> And you risk links being assigned multiple prefixes.
>>
>> HNCP solves all of this.
>>
>> Cheers
>> Ole



--
Chriztoffer
Re: Prefix delegation to sub nets [ In reply to ]
I have been working my way through the RFCs and it appears HNCP might be the solution. However, both of those implementations require the prefix from the ISP be configured by hand. That is not viable in situations where a dynamic IP address is provided. I suspect that HNCP and DHCP6 will need to be integrated for that.

-- Doug

> On 28 June 2021, at 03:00, Chriztoffer Hansen <ch@ntrv.dk> wrote:
>
> You could try https://github.com/jech/shncpd or
> https://github.com/sbyx/hnetd/, though the last update to those
> repositories was 2017-2018...
>
>
> On Mon, 28 Jun 2021 at 11:10, Brian Carpenter
> <brian.e.carpenter@gmail.com> wrote:
>>
>> Is HNCP available for the various Linux distros?
>> If not, it has to be PD, I think.
>>
>> Regards,
>> Brian Carpenter
>> (via tiny screen & keyboard)
>>
>> On Mon, 28 Jun 2021, 20:51 Ole Troan, <otroan@employees.org> wrote:
>>>
>>>
>>>
>>>> On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>
>>>> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.
>>>
>>> To the extent it matters, it’s not what DHCP PD was designed for.
>>>
>>> HNCP does internal prefix assignment in a network.
>>>
>>> Now, if you were to use DHCP PD for this, I would recommend a single PD server in the network (on A). DHCP PD clients on all internal routers. Either DHCP relays or more simply each internal router PD client configured with the address of the PD server directly. Then an IGP to advertise prefixes.
>>>
>>> The PD clients should request individual /64s for each of their downstream interfaces.
>>>
>>> This scheme does not work great in networks with loops or multiple routers on a link. If using DHCP relays you manually have to make a spanning tree.
>>> And you risk links being assigned multiple prefixes.
>>>
>>> HNCP solves all of this.
>>>
>>> Cheers
>>> Ole
>
>
>
> --
> Chriztoffer
>
Re: Prefix delegation to sub nets [ In reply to ]
I suggest raising that on homenet@ietf.org
https://datatracker.ietf.org/wg/homenet/about/

Regards
Brian Carpenter

On 03-Jul-21 07:19, Doug Hardie wrote:
> I have been working my way through the RFCs and it appears HNCP might be the solution. However, both of those implementations require the prefix from the ISP be configured by hand. That is not viable in situations where a dynamic IP address is provided. I suspect that HNCP and DHCP6 will need to be integrated for that.
>
> -- Doug
>
>> On 28 June 2021, at 03:00, Chriztoffer Hansen <ch@ntrv.dk> wrote:
>>
>> You could try https://github.com/jech/shncpd or
>> https://github.com/sbyx/hnetd/, though the last update to those
>> repositories was 2017-2018...
>>
>>
>> On Mon, 28 Jun 2021 at 11:10, Brian Carpenter
>> <brian.e.carpenter@gmail.com> wrote:
>>>
>>> Is HNCP available for the various Linux distros?
>>> If not, it has to be PD, I think.
>>>
>>> Regards,
>>> Brian Carpenter
>>> (via tiny screen & keyboard)
>>>
>>> On Mon, 28 Jun 2021, 20:51 Ole Troan, <otroan@employees.org> wrote:
>>>>
>>>>
>>>>
>>>>> On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>>
>>>>> That doesn't work. B needs to get its own /64 prefix(es) from A via
DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.
>>>>
>>>> To the extent it matters, it’s not what DHCP PD was designed
for.
>>>>
>>>> HNCP does internal prefix assignment in a network.
>>>>
>>>> Now, if you were to use DHCP PD for this, I would recommend a single
PD server in the network (on A). DHCP PD clients on all internal routers. Either DHCP relays or more simply each internal router PD client configured with the address of the PD server directly. Then an IGP to advertise prefixes.
>>>>
>>>> The PD clients should request individual /64s for each of their downstream interfaces.
>>>>
>>>> This scheme does not work great in networks with loops or multiple routers on a link. If using DHCP relays you manually have to make a spanning tree.
>>>> And you risk links being assigned multiple prefixes.
>>>>
>>>> HNCP solves all of this.
>>>>
>>>> Cheers
>>>> Ole
>>
>>
>>
>> --
>> Chriztoffer
>>
>
Re: Prefix delegation to sub nets [ In reply to ]
Doug,

I am pretty sure that the openwrt implementation done by Markus, Pierre and Steven of hncp integrates with DHCPv6.

Cheers,
Ole

> On 2 Jul 2021, at 21:19, Doug Hardie <bc979@lafn.org> wrote:
>
> ?I have been working my way through the RFCs and it appears HNCP might be the solution. However, both of those implementations require the prefix from the ISP be configured by hand. That is not viable in situations where a dynamic IP address is provided. I suspect that HNCP and DHCP6 will need to be integrated for that.
>
> -- Doug
>
>> On 28 June 2021, at 03:00, Chriztoffer Hansen <ch@ntrv.dk> wrote:
>>
>> You could try https://github.com/jech/shncpd or
>> https://github.com/sbyx/hnetd/, though the last update to those
>> repositories was 2017-2018...
>>
>>
>>> On Mon, 28 Jun 2021 at 11:10, Brian Carpenter
>>> <brian.e.carpenter@gmail.com> wrote:
>>>
>>> Is HNCP available for the various Linux distros?
>>> If not, it has to be PD, I think.
>>>
>>> Regards,
>>> Brian Carpenter
>>> (via tiny screen & keyboard)
>>>
>>> On Mon, 28 Jun 2021, 20:51 Ole Troan, <otroan@employees.org> wrote:
>>>>
>>>>
>>>>
>>>>> On 27 Jun 2021, at 23:07, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>>
>>>>> That doesn't work. B needs to get its own /64 prefix(es) from A via DHCPv6-PD (https://www.rfc-editor.org/info/rfc8415). That's what DHCPv6-PD is for. So A will indeed need to be a DHCPv6 server on its downstream interfaces.
>>>>
>>>> To the extent it matters, it’s not what DHCP PD was designed for.
>>>>
>>>> HNCP does internal prefix assignment in a network.
>>>>
>>>> Now, if you were to use DHCP PD for this, I would recommend a single PD server in the network (on A). DHCP PD clients on all internal routers. Either DHCP relays or more simply each internal router PD client configured with the address of the PD server directly. Then an IGP to advertise prefixes.
>>>>
>>>> The PD clients should request individual /64s for each of their downstream interfaces.
>>>>
>>>> This scheme does not work great in networks with loops or multiple routers on a link. If using DHCP relays you manually have to make a spanning tree.
>>>> And you risk links being assigned multiple prefixes.
>>>>
>>>> HNCP solves all of this.
>>>>
>>>> Cheers
>>>> Ole
>>
>>
>>
>> --
>> Chriztoffer
>>
>