Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Linux & BSD & Mac => Topic started by: takoateli on November 26, 2012, 09:44:09 AM

Title: RA vs DHCP? Advertise DNS?
Post by: takoateli on November 26, 2012, 09:44:09 AM
I'm able to configure my Mikrotik router as per HE's suggested settings and all works well. But I have no control over which client receives which IPv6 address. There are times when I want to identify and/or bandwidth manage certain clients, so I'd like to know who has which IP address. If I turn off RA and switch to IPv6 DHCP can I accomplish this by handing out certain IPv6 IPs to certain DUIDs?

Also how do I advertise the IPv6 DNS server? In my Mikrotik I can set it up so I can have clients query the Mikrotik router for DNS, but I'd like to have the clients go directly to an IPv6 DNS server. How can I configure the Mikrotik router to give out that info?

And lastly, when I configure the Mikrotik's IPv6 DHCP client it doesn't seem to get a DHCP lease from HE. Is that normal?

Thanks!
Greg
Title: Re: RA vs DHCP? Advertise DNS?
Post by: broquea on November 26, 2012, 09:50:50 AM
You still need RA running with the correct flags set for DHCPv6 to work. That will let you propagate out the DNS servers. HE doesn't operate DHCPv6 so you shouldn't be expecting a lease from their side, everything for the tunnel is statically configured. I do not know if DHCPv6 allows the hosts to configure privacy addresses, but that might still be an issue (assuming it was with RA autoconf, otherwise with a bit of conversion you could just match the last 64 bits of an auto-conf address to the MAC in the IPv4 ARP, managed switch and mac-addr-table, etc etc).
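The conversion mentioned in the reply above, as an added example that is not part of the original post: it recovers the MAC from a modified EUI-64 SLAAC address and looks it up in an IPv4 ARP listing, returning nothing for privacy addresses. The addresses, MACs and the `<ipv4> <mac>` ARP line format are constructed sample data, not output from any particular router.

```python
import ipaddress

def eui64_to_mac(addr):
    """Return the MAC embedded in a modified EUI-64 interface ID, or None.

    None means the low 64 bits are not EUI-64 derived (privacy/temporary,
    DHCPv6-assigned or static address), so no MAC can be recovered.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]   # last 64 bits of the address
    if iid[3:5] != b"\xff\xfe":                    # EUI-64 inserts ff:fe mid-MAC
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02                                 # undo the universal/local bit flip
    return ":".join(f"{b:02x}" for b in mac)

def parse_arp(text):
    """Map MAC -> IPv4 from lines of the form '<ipv4> <mac>' (assumed format)."""
    table = {}
    for line in text.strip().splitlines():
        ip4, mac = line.split()
        table[mac.lower()] = ip4
    return table

def identify(v6_addrs, arp_text):
    """Pair each IPv6 address with (mac, ipv4); either may be None if unknown."""
    arp = parse_arp(arp_text)
    result = {}
    for a in v6_addrs:
        mac = eui64_to_mac(a)
        result[a] = (mac, arp.get(mac) if mac else None)
    return result

# Constructed sample data: documentation prefixes, made-up MACs.
SAMPLE_ARP = """
192.0.2.10 00:16:3E:12:34:56
192.0.2.11 52:54:00:ab:cd:ef
"""
SAMPLE_V6 = [
    "2001:db8:1:2:216:3eff:fe12:3456",   # SLAAC, EUI-64 from 00:16:3e:12:34:56
    "2001:db8:1:2:5054:ff:feab:cdef",    # SLAAC, EUI-64 from 52:54:00:ab:cd:ef
    "2001:db8:1:2:d4a1:93c7:2be0:7f15",  # privacy address: no embedded MAC
]

if __name__ == "__main__":
    for addr, (mac, ip4) in identify(SAMPLE_V6, SAMPLE_ARP).items():
        print(addr, mac or "not EUI-64", ip4 or "-")
```

A randomly generated interface ID can contain ff:fe in the same position by chance, so treat a recovered MAC with no ARP match as unconfirmed.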
Title: Re: RA vs DHCP? Advertise DNS?
Post by: takoateli on November 26, 2012, 10:21:15 AM
Thanks for the reply! This is new territory for me. I've got some googlin to do.


Greg
Title: Re: RA vs DHCP? Advertise DNS?
Post by: kasperd on November 26, 2012, 01:16:40 PM
Quote from: takoateli on November 26, 2012, 09:44:09 AM
> But I have no control over which client receives which IPv6 address.
If you use SLAAC, then you have little control over how they are assigned. There are still some addresses left in the segment, which means you can use a few static addresses for individual hosts and let the rest have automatically assigned addresses.

Quote from: takoateli on November 26, 2012, 09:44:09 AM
> There are times when I want to identify and/or bandwidth manage certain clients, so I'd like to know who has which IP address.
The router knows which MAC address each IPv6 address is used by. So if the router has proper support, it should be able to manage all of this by MAC address rather than by IP address.

Quote from: takoateli on November 26, 2012, 09:44:09 AM
> If I turn off RA and switch to IPv6 DHCP can I accomplish this by handing out certain IPv6 IPs to certain DUIDs?
>
> Also how do I advertise the IPv6 DNS server? In my Mikrotik I can set it up so I can have clients query the Mikrotik router for DNS, but I'd like to have the clients go directly to an IPv6 DNS server. How can I configure the Mikrotik router to give out that info?
There are a few different ways it can be configured.
I'm not sure if you can combine SLAAC and DHCPv6 assigned addresses on the same segment. There certainly are enough addresses in a /64 to allow for both, but I am not sure if there is a way to let each host know which of the two it is supposed to use.

Quote from: takoateli on November 26, 2012, 09:44:09 AM
> And lastly, when I configure the Mikrotik's IPv6 DHCP client it doesn't seem to get a DHCP lease from HE. Is that normal?
The tunnel link is supposed to be statically configured, so there is no need to use RA, SLAAC or DHCPv6 on that link. I don't know if HE is going to respond to router-solicitation or DHCPv6 requests, if you do send them over the tunnel. I have never needed to send any of those on any of my tunnels.

Only ::1 and ::2 are mentioned as having a specific purpose on the tunnel link. AFAIK the entire range from ::2 through ::ffff:ffff:ffff:ffff is treated identically by the tunnel server. But the ::2 is pinged to verify that there is actually a tunnel endpoint responding.