Date: Fri, 31 Oct 2014 23:23:02 -0400 From: Chris Inacio <nacho319@gmail.com> To: freebsd-net@freebsd.org Subject: Help with IPv6 router gateway config, Comcast, DHCP, dnsmasq Message-ID: <CAG_PEez92O0%2Ba-_OsQ%2BmUx_s58ttkPcvW05e8x3-CHWHv2kp1g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello all,
I've tried to find this information in so many ways, but I just can't piece
it together, maybe my Google fu is failing me.
I have my router/gateway device running FreeBSD 10p11 - so its up to date.
On my internal network interface, re1, I'm using dnsmasq to serve both IPv4
DHCP and current private network IPv6 (fc00::).
I can successfully configure my public interface (re0) to get IPv6
information from Comcast. I'm getting both a /128 NA for the interface as
well as a prefix /64 to allocate IPv6 addresses.
The problem is that I get the /64 via dhcp6c operating on my re0 interface,
and then I can't figure out how to pass that information to dnsmasq to use
it for my internal network. I could only see the /64 by running dhcp6c in
foreground+debug mode.
Is there a simple solution to this? I'm okay with variations such as "stop
using dhcp6c to get the /64 prefix and add `XXXXX` to dnsmasq to do it" or
"use dhcp6s to serve the /64 prefix".
I am currently having a few issues with dnsmasq, but generally, I still
like it. (It keeps crashing with signal 11, but I'm using the version from
pkg which doesn't call out to an init script.) But the way dnsmasq handles
DHCP, local DNS, and support DNSSEC I like a lot.
I find the man pages for dhcp6 pretty awful. The man pages describe the
options - but not being able to find what /64 is assigned to dhcp6c other
than running in debug mode seems crazy.
My configs are really basic. dhcp6c.conf:
interface re0 {
send ia-pd 0;
send ia-na 1;
};
id-assoc na 1 {
};
id-assoc pd {
prefix ::/56 infinity;
prefix-interface re0 {
sla-len 4;
sla-id 1;
};
};
dnsmasq.conf:
interface=re1
dhcp-range=re1,192.168.1.1,192.168.1.150,255.255.255.0,12h
domain-needed
bogus-priv
resolv-file=/usr/local/etc/dnsmasq-resolv.conf
#
# serve up our own name
#
interface-name=aticusjr,re1
#
# enable DNSSEC
#
conf-file=/usr/local/share/dnsmasq/trust-anchors.conf
dnssec
dnssec-check-unsigned
#
# do IPv6 router advertisements for internal network
#
dhcp-range=::,constructor:re1,ra-only
enable-ra
Any help would be greatly appreciated.
thanks
Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG_PEez92O0%2Ba-_OsQ%2BmUx_s58ttkPcvW05e8x3-CHWHv2kp1g>