Date: Fri, 31 Oct 2014 22:53:51 -0700 From: Rui Paulo <rpaulo@me.com> To: Chris Inacio <nacho319@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Help with IPv6 router gateway config, Comcast, DHCP, dnsmasq Message-ID: <44D1EB57-CFB0-4E78-822C-29A9FEA85A66@me.com> In-Reply-To: <CAG_PEez92O0%2Ba-_OsQ%2BmUx_s58ttkPcvW05e8x3-CHWHv2kp1g@mail.gmail.com> References: <CAG_PEez92O0%2Ba-_OsQ%2BmUx_s58ttkPcvW05e8x3-CHWHv2kp1g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 31, 2014, at 20:23, Chris Inacio <nacho319@gmail.com> wrote:
>=20
> Hello all,
>=20
> I've tried to find this information in so many ways, but I just can't =
piece
> it together, maybe my Google fu is failing me.
>=20
> I have my router/gateway device running FreeBSD 10p11 - so its up to =
date.
> On my internal network interface, re1, I'm using dnsmasq to serve both =
IPv4
> DHCP and current private network IPv6 (fc00::).
This prefix has been depreciated. Why aren't you giving global IPv6 =
addresses internally anyway?
> I can successfully configure my public interface (re0) to get IPv6
> information from Comcast. I'm getting both a /128 NA for the =
interface as
> well as a prefix /64 to allocate IPv6 addresses.
>=20
> The problem is that I get the /64 via dhcp6c operating on my re0 =
interface,
> and then I can't figure out how to pass that information to dnsmasq to =
use
> it for my internal network. I could only see the /64 by running =
dhcp6c in
> foreground+debug mode.
The way this works is by prefix delegation. dhcp6c gets a delegated =
prefix from the DHCPv6 server and then it's supposed to configure it on =
your internal network (re1).
You could theoretically write a script that runs when you get a prefix =
which configures dnsmasq, but to be honest letting dhcp6c configure the =
prefix on your internal network and then running rtadvd is much easier. =
Not to mention that not every system out there supports DHCPv6 by =
default.
> Is there a simple solution to this? I'm okay with variations such as =
"stop
> using dhcp6c to get the /64 prefix and add `XXXXX` to dnsmasq to do =
it" or
> "use dhcp6s to serve the /64 prefix".
>=20
> I am currently having a few issues with dnsmasq, but generally, I =
still
> like it. (It keeps crashing with signal 11, but I'm using the version =
from
> pkg which doesn't call out to an init script.) But the way dnsmasq =
handles
> DHCP, local DNS, and support DNSSEC I like a lot.
>=20
> I find the man pages for dhcp6 pretty awful. The man pages describe =
the
> options - but not being able to find what /64 is assigned to dhcp6c =
other
> than running in debug mode seems crazy.
There's an alternative: dhclient from ports which includes DHCPv6 =
support with prefix delegation.
>=20
> My configs are really basic. dhcp6c.conf:
>=20
> interface re0 {
>=20
> send ia-pd 0;
>=20
> send ia-na 1;
>=20
> };
>=20
>=20
> id-assoc na 1 {
>=20
> };
>=20
>=20
> id-assoc pd {
>=20
> prefix ::/56 infinity;
>=20
> prefix-interface re0 {
>=20
> sla-len 4;
>=20
> sla-id 1;
>=20
> };
>=20
> };
>=20
>=20
> dnsmasq.conf:
>=20
>=20
> interface=3Dre1
>=20
> dhcp-range=3Dre1,192.168.1.1,192.168.1.150,255.255.255.0,12h
>=20
> domain-needed
>=20
> bogus-priv
>=20
> resolv-file=3D/usr/local/etc/dnsmasq-resolv.conf
>=20
>=20
> #
>=20
> # serve up our own name
>=20
> #
>=20
> interface-name=3Daticusjr,re1
>=20
>=20
>=20
> #
>=20
> # enable DNSSEC
>=20
> #
>=20
> conf-file=3D/usr/local/share/dnsmasq/trust-anchors.conf
>=20
> dnssec
>=20
> dnssec-check-unsigned
>=20
>=20
> #
>=20
> # do IPv6 router advertisements for internal network
>=20
> #
>=20
> dhcp-range=3D::,constructor:re1,ra-only
>=20
> enable-ra
>=20
>=20
> Any help would be greatly appreciated.
>=20
>=20
> thanks
>=20
> Chris
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
--
Rui Paulo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44D1EB57-CFB0-4E78-822C-29A9FEA85A66>