[ previous ] [ next ] [ threads ]
 
 From:  Andrew White <andywhite at gmail dot com>
 To:  Ray Soucy <rps at maine dot edu>
 Cc:  Egbert Jan <egbert at vandenbussche dot nl>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] native IPV6 needs dhcp6c
 Date:  Thu, 29 Apr 2010 15:42:28 +0100
true for a static ip'd WAN, but not for pppoe interface as it's unnumbered.
 radvd will not advertise out and will error on receiving an RA to it's log,
which is what m0n0 catches to suggest your LAN side IP as that message has
your prefix.  I'm away from my box to confim the exact way this works ....



On Thu, Apr 29, 2010 at 3:36 PM, Ray Soucy <rps at maine dot edu> wrote:

> DHCPv6 and IPv6 RA are related but different things.
>
> You should _never_ send an IPv6 RA out the WAN connection, you should
> only send RA to advertise the prefixes you are the router for.
>
> There is currently no way to filter rogue RA, so RA out the WAN
> connection could bring down IPv6 for everyone on the ISPs network.
>
> RA messages have a "managed config" flag that indicates the host
> should use DHCPv6 to configure its address (as opposed to stateless).
>
> So the WAN port would need a DHCPv6 client listening, and the LAN port
> would need to send RA of the prefix delegated though DHCPv6-PD.
>
> On Thu, Apr 29, 2010 at 10:18 AM, Egbert Jan <egbert at vandenbussche dot nl>
> wrote:
> > Andy, Ray,
> >
> > IMHO dhcpdc *IS* needed to accept the PD RA advertisement from the ISP.
> > Switching om RA om the WAN side of Monowall will act as ISP and advertise
> > instead of listen. Or am I completely wromg here?
> > Maybe I should just test that bij connecting the modem (Vigor120 in
> > PPPoE->PPPoA bridge mode) to the Soekris running Monowall and reconfigure
> > for PPPoE. Unfortunately I have only one ADSL line here and can only test
> > when nobody is at home except myself...
> >
> > Egbert Jan
> >
> >> -----Oorspronkelijk bericht-----
> >> Van: Andrew White [mailto:andywhite at gmail dot com]
> >> Verzonden: donderdag 29 april 2010 14:47
> >> Aan: Egbert Jan
> >> CC: m0n0wall dash dev at lists dot m0n0 dot ch
> >> Onderwerp: Re: [m0n0wall-dev] native IPV6 needs dhcp6c
> >>
> >>
> >> My last comment on this outside of the forums because it's
> >> important these questions are asked on the forums as others
> >> will learn from the thread , it's searchable (including
> >> google) and others can contribute.
> >>
> >>
> >> You may not need to do anything at all.
> >>
> >> m0n0wall supports ipv6 via a number of mechanisms including ppp/pppoe.
> >>
> >> DHCP-PD is an aide to help configure your LAN side
> >> addressing, but more than likely they will announce your
> >> subnet down your ppp tunnel, or give you your assignment on
> >> your support page after you login.  This being the case,
> >> m0n0wall will suggest an ip address based on receiving this
> >> announcement if you enable RA on the WAN, and wait to receive
> >> an announcement.
> >>
> >> DHCP-PD should only be required if you are given a different
> >> home subnet on a regular basis, and reconfiguring your WAN
> >> would be a pain, but that really would not be normal in an
> >> ipv6 environment where you get a subnet associated with your UID.
> >>
> >> DUID's are supposed to be static according to the RFC's and
> >> most OS's use the MAC address to form their DUID, but Windows
> >> 7 , for example, doesn't.  AFAIK, MS don't clearly publish
> >> their method for deriving their DUID (which is why you must
> >> enter a DUID in dhcp6d for windows 7 systems, and just a MAC
> >> for others).
> >>
> >> On Wed, Apr 28, 2010 at 6:32 PM, Egbert Jan
> >> <egbert at vandenbussche dot nl> wrote:
> >>
> >> > Hi Andy.
> >> >
> >> > Well.. the request is to put into the image what is
> >> neccessary to get
> >> > native Ipv6 going. I'm currently in a pilot for native IPv6 with
> >> > prefix delegation on unnumbered link organized by XS4ALL a major
> >> > player here in NL.
> >> >
> >> > Integration is needed for wide-dhcp6-client and radvd might need
> >> > pacthing. The DHCP6 client needs a configuration file. Parameters
> >> > should be set via the GUI. Logging what goes on is
> >> essential as is a
> >> > status display. ppp might need extensions to send/receive
> >> IPV6CP. Also
> >> > a unique but no-changing DUID must be created (or kept) in the
> >> > confuguration. I would advise a type 3 DUID; only based on MAC
> >> > address, or a choice of all three  types. ;-)
> >> >
> >> > I saw that it should be possible to use exec.php to add dhcp6c and
> >> > config. I did not go thru that all, though... I took
> >> another piece of
> >> > (x86) hardware and installed OpenWRT 10.03. Got that working today.
> >> > Still, when monowall becomes available, I will stay on that
> >> platform.
> >> > OpenWRT is quite new to me.
> >> > It has a nice look and feel and there is a full commandline (ash in
> >> > busybox). I must say that it rocks.
> >> >
> >> > I do not know how rigid the 8 Mb image size barrier is that you
> >> > developers seem to have set for yourselves. With the newer
> >> hardware it
> >> > is hardly an issue anymore imho. OpenWRT formats whatever
> >> extra space
> >> > you have and uses unionfs to overlap. So I have plenty of
> >> room on my
> >> > 256 Mb IDE-Flashcard.
> >> >
> >> > HTH
> >> > Egbert Jan
> >> >
> >> >
> >> > > -----Oorspronkelijk bericht-----
> >> > > Van: Andrew White [mailto:andywhite at gmail dot com]
> >> > > Verzonden: woensdag 28 april 2010 17:31
> >> > > Aan: Egbert Jan
> >> > > CC: m0n0wall dash dev at lists dot m0n0 dot ch
> >> > > Onderwerp: Re: [m0n0wall-dev] native IPV6 needs dhcp6c
> >> > >
> >> > >
> >> > > Can you post the feature request here ?  I might get some time to
> >> > > look at this in the next 2-3 weeks, work permitting.
> >> > >
> >> > > Also, if you tried using dhcp6c , posting your results in
> >> there too
> >> > > ?
> >> > >
> >> > > On Thu, Apr 22, 2010 at 2:14 PM, Egbert Jan
> >> > > <egbert at vandenbussche dot nl> wrote:
> >> > >
> >> > > > It would be wonderful when dhcp6c could be in the 1.33 (or
> >> > > a later...)
> >> > > > release! With a posibility to configure via the
> >> > > webinterface offcause!
> >> > > > There is some activity already; there is an image that can
> >> > > be uploaded
> >> > > > via the exec.php page. This is cumbersome though...
> >> > > >
> >> > > > Any chance that dhcp6c is finding its way into Monowall???
> >> > > >
> >> > > > Egbert Jan
> >> > > >
> >> > > >
> >> > > >
> >> > >
> >> --------------------------------------------------------------------
> >> > > -
> >> > > > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> >> > > > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> >> > > >
> >> > > >
> >> > >
> >> >
> >> >
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> >
> >
>
>
>
> --
> Ray Soucy
>
> Epic Communications Specialist
>
> Phone: +1 (207) 561-3526
>
> Networkmaine, a Unit of the University of Maine System
> http://www.networkmaine.net/
>