Gentoo Forums
Exerting control over IPV6 addressing.
Ralphred
Posted: Fri Apr 11, 2025 6:10 pm    Post subject: Exerting control over IPV6 addressing.

Known hosts within my local LAN have DHCP assigned pseudo-static addresses, and my local "caching" named instance has a zone file for these so it can resolve and machines can be found from inside the network nice and easily (without any SNAT shenanigans).
Replicating this for IPV6 was a chore, firstly because it tries to auto-configure (as any instructions I read set this up without real explanation), and secondly because dhcp6d is kinda deprecated in favour of net-misc/kea, which is a "more complicated solution" than net-misc/dhcp at first glance.

To save others taking the same complicated reading journey I did, I'll post a snippet of my original /etc/dhcp/dhcpd.conf as a reference to what I was doing, then /etc/kea/dhcp{4,6}.conf snippets that replicate the original in both ipv4 and ipv6.
/etc/dhcp/dhcpd.conf:
## option definitions common to all supported networks...
include "/etc/dhcp/rndc.key";
ddns-updates on;
ddns-update-style interim;
update-static-leases on;
option domain-name "example.co.uk";
default-lease-time 172800;
max-lease-time 172800;
authoritative;
log-facility local7;
zone example.co.uk.              { primary localhost; key rndc-key; }
zone 0.0.10.in-addr.arpa.       { primary localhost; key rndc-key; }

subnet 10.0.0.0 netmask 255.255.255.0 {
  option routers 10.0.0.254;
  option domain-name-servers  10.0.0.254;
  option ntp-servers 10.0.0.254;
  option domain-name "example.co.uk";
  ddns-domainname "example.co.uk.";
  ddns-rev-domainname "in-addr.arpa.";

  pool {
    range 10.0.0.1 10.0.0.31;
    deny unknown-clients;
    host gentoo1                 { hardware ethernet ab:cd:ef:01:23:45; fixed-address 10.0.0.1;   }
    ~~snipped long list of clients~~
  }
  pool {
    range 10.0.0.101 10.0.0.150;
    max-lease-time 7200;
  }
  pool {
    max-lease-time 7200;
    option domain-name-servers  10.0.0.254;
    option ntp-servers 10.0.0.254;
    range 10.0.0.241 10.0.0.253;
    deny unknown-clients;
    host switch1                { hardware ethernet ab:cd:ef:01:23:46; fixed-address 10.0.0.241; }
    ~~snipped longish list of "infrastructure" clients~~
  }
}
/etc/kea/dhcp4.conf:
{
        "Dhcp4": {
                # First we set up global values
                "valid-lifetime": 4000,
                "renew-timer": 1000,
                "rebind-timer": 2000,
                #Next we set up the interfaces to be used by the server.
                "interfaces-config": {
                        "interfaces": [ "eth0.1", "eth0.3" ]
                },
                # And we specify the type of lease database
                "lease-database": {
                        "type": "memfile",
                        "persist": true,
                        "name": "/var/lib/kea/dhcp4.leases",
                        "lfc-interval": 1800
                },
                # Finally, we list the subnets from which we will be leasing addresses.
                "subnet4": [
                        {       "id": 1,
                                "subnet": "10.0.0.0/24",
                                "interface": "eth0.1",
                                "option-data": [
                                        { "space": "dhcp4", "name": "routers",                          "data": "10.0.0.254"       },
                                        { "space": "dhcp4", "name": "domain-name-servers",              "data": "10.0.0.254"       },
                                        { "space": "dhcp4", "name": "ntp-servers",                      "data": "10.0.0.254"       },
                                        { "space": "dhcp4", "name": "domain-name",                      "data": "example.co.uk"    }
                                ],
                                "pools": [
                                        { "pool": "10.0.0.1 - 10.0.0.31", "client-class": "known_clients" },
                                        { "pool": "10.0.0.101 - 10.0.0.150" },
                                        { "pool": "10.0.0.241 - 10.0.0.253", "client-class": "known_clients"}
                                ],
                                "reservations": [
                                        { "hostname": "gentoo1",                         "hw-address": "ab:cd:ef:01:23:45", "ip-address": "10.0.0.1"           },
                                        ~~snipped long list of clients~~
                                        { "hostname": "switch1",                         "hw-address": "ab:cd:ef:01:23:46", "ip-address": "10.0.0.241"        },
                                        ~~snipped longish list of "infrastructure" clients~~
                                ]
                        },
                        {       "id": 3,
                                "subnet": "192.168.3.0/24",
                                "interface": "eth0.3",
                                "option-data": [
                                        { "space": "dhcp4", "name": "routers",                  "data": "192.168.3.254"        },
                                        { "space": "dhcp4", "name": "domain-name-servers",      "data": "8.8.4.4, 8.8.8.8"      }
                                ],
                                "pools": [
                                        { "pool": "192.168.3.1 - 192.168.3.50" }
                                ]
                        }
                ],
                "loggers": [
                        {       "name": "kea-dhcp4",
                                "output_options": [
                                        {       "output": "/var/log/kea/dhcp4.log",
                                                "maxsize": 1048576,
                                                "maxver": 8
                                        }
                                ],
                                #FATAL, ERROR, WARN, INFO, DEBUG
                                "severity": "INFO",
                                #For severity=DEBUG. 0 is least verbose, 99 is most verbose.
                                "debuglevel": 0
                        }
                ]
        }
}
As the keen eyed will see, during the "upgrade" I split eth0 into separate VLANs, something that net-misc/dhcp didn't let me do so easily, hence it was just on a "todo" list, and not actually done.
/etc/kea/dhcp6.conf:
{
        "Dhcp6": {
                # First we set up global values
                "valid-lifetime": 4000,
                "renew-timer": 1000,
                "rebind-timer": 2000,
                # Next we set up the interfaces to be used by the server.
                "interfaces-config": { "interfaces": [ "eth0.1" ] },
                # And we specify the type of lease database
                "lease-database": {
                        "type": "memfile",
                        "persist": true,
                        "name": "/var/lib/kea/dhcp6.leases",
                        "lfc-interval": 1800
                },
                "subnet6": [
                        {       "id": 1,
                                "subnet": "2001:db8:fea1:94c6:258e::/80",
                                "interface": "eth0.1",
                                "pools": [ { "pool": "2001:db8:fea1:94c6:258e::1 - 2001:db8:fea1:94c6:258e::50" } ],
                                "option-data": [
                                        {       "space": "dhcp6", "name": "dns-servers",        "data": "2001:db8:fea1:94c6:258e::254" },
                                        {       "space": "dhcp6", "name": "domain-search",      "data": "example.co.uk" }
                                ]
                        }
                ],
                "reservations": [
                        {"hostname": "gentoo1",                            "hw-address": "ab:cd:ef:01:23:45", "ip-addresses": [ "2001:db8:fea1:94c6:258e::1" ] },
                        ~~snipped long list of clients~~
                ],
                "loggers": [
                        {       "name": "kea-dhcp6",
                                "output_options": [
                                        {       "output": "/var/log/kea/dhcp6.log",
                                                "maxsize": 1048576,
                                                "maxver": 8
                                        }
                                ],
                                #FATAL, ERROR, WARN, INFO, DEBUG
                                "severity": "INFO",
                                #0 is least verbose, 99 is most verbose
                                "debuglevel": 0
                        }
                ]
        }
}
I haven't done any "guest LAN" config in IPV6 (eth0.1 is "my LAN", eth0.3 is "guest LAN") but the similarities between the dhcp4 and dhcp6 config files means someone could without bother. I find JSON a chore to read, so have tried to rationalise it as best as possible with indentation, YMMV in reading it though.

So, to the final piece of the puzzle
/etc/radvd.conf:
interface eth0.1
{
    AdvSendAdvert on;
    AdvManagedFlag on;
    AdvRASrcAddress {2001:db8:fea1:94c6:258e::254;};
    AdvSourceLLAddress off;
    prefix 2001:db8:fea1:94c6:258e::254/80
    {
         AdvOnLink on;
         AdvAutonomous off;
         AdvRouterAddr on;
     };
};
The prefix for this rhetorical network would be 2001:db8:fea1:94c6::/64. There is a reason to list it as 258e::254/80 as opposed to just 258e::/80, I remember it having something to do with "Mobile IPv6 extensions", but can't find the source right now.

net-misc/dhcp's ddns-updates on; was making a proper mess of my zone files, so I'm kind of glad it's gone. Kea does have a ddns update thingy bundled with it, but I'm gonna steer clear because a tidy zone file is a happy admin, also as the AAAA records don't change inside/outside the LAN I can just cut/paste them into my real DNS hosts zone records at will.
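
Added example, not part of the original post: a Python check for a Kea-style config that flags pool `client-class` names with no matching definition and reservations that fall outside their subnet, then prints AAAA/PTR lines for the valid reservations so they can be pasted into a hand-maintained zone. The sample config is constructed (reservations are placed inside the subnet, and the `client-classes` entry and the `laptop9` host are assumptions), only full-line `#` comments are handled, and `BUILTIN` lists just a subset of Kea's built-in classes.

```python
import ipaddress
import json

# Constructed sample in the shape of the post's dhcp6.conf; "laptop9" and the
# misspelled pool class are deliberate faults for the check to find.
SAMPLE = """
{ "Dhcp6": {
    # full-line '#' comments, as used in the post
    "client-classes": [ { "name": "known_clients", "test": "member('KNOWN')" } ],
    "subnet6": [ {
        "id": 1, "subnet": "2001:db8:fea1:94c6:258e::/80",
        "pools": [ { "pool": "2001:db8:fea1:94c6:258e::1 - 2001:db8:fea1:94c6:258e::50",
                     "client-class": "know_clients" } ],
        "reservations": [
            { "hostname": "gentoo1", "ip-addresses": [ "2001:db8:fea1:94c6:258e::1" ] },
            { "hostname": "laptop9", "ip-addresses": [ "2001:db8:fea1:94c6:259e::9" ] }
        ] } ]
} }
"""

BUILTIN = {"ALL", "KNOWN", "UNKNOWN"}  # subset of Kea's built-in classes

def load(text):
    """Parse Kea-style JSON after dropping full-line '#' comments."""
    kept = [l for l in text.splitlines() if not l.lstrip().startswith("#")]
    root = json.loads("\n".join(kept))
    return next(v for k, v in root.items() if k in ("Dhcp4", "Dhcp6"))

def lint(text, domain="example.co.uk"):
    """Return (findings, zone_lines) for the config held in text."""
    conf, findings, zone = load(text), [], []
    classes = BUILTIN | {c["name"] for c in conf.get("client-classes", [])}
    for sub in conf.get("subnet4", []) + conf.get("subnet6", []):
        net = ipaddress.ip_network(sub["subnet"])
        for pool in sub.get("pools", []):
            cc = pool.get("client-class")
            if cc and cc not in classes:
                findings.append(f"subnet {sub['id']}: pool class '{cc}' is not defined")
        for res in sub.get("reservations", []):
            addrs = res.get("ip-addresses") or [res["ip-address"]]
            for a in map(ipaddress.ip_address, addrs):
                if a not in net:
                    findings.append(f"{res['hostname']}: {a} is outside {net}")
                    continue  # no DNS record for an address that cannot be leased
                rtype = "AAAA" if a.version == 6 else "A"
                zone.append(f"{res['hostname']} IN {rtype} {a}")
                zone.append(f"{a.reverse_pointer}. IN PTR {res['hostname']}.{domain}.")
    return findings, zone
```

Calling `lint(SAMPLE)` returns the two findings and the AAAA/PTR pair for `gentoo1`; the same function accepts a `Dhcp4` config and emits `A` records for `ip-address` reservations.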