Hi all, Apologies if this is a bit off-topic, but I know there's lots of IPv6 knowledge here :-) If I have an IPv6 ULA block (or several) using SLAAC, and I want to additionally give out some static addresses in one or more of those blocks, am I right in thinking I can pick anything I like as long as it doesn't have the magic fffe in the middle? Is there a more formal approach? Is this (SLAAC plus statics where required) the normal way of doing things? Thanks, Richard
On 17/03/2018 13:44, Richard Hector wrote:
Hi all,
Apologies if this is a bit off-topic, but I know there's lots of IPv6 knowledge here :-)
If I have an IPv6 ULA block (or several)
Why mention ULAs? Your question applies equally to normal (globally routeable, GUA) addresses. ULA and GUA prefixes are treated exactly the same both in SLAAC and in DHCPv6.
using SLAAC, and I want to additionally give out some static addresses in one or more of those blocks, am I right in thinking I can pick anything I like as long as it doesn't have the magic fffe in the middle?
As far as I can see you can pick any valid /128 address in the applicable /64 prefix. The probability of a clash with a SLAAC-generated address is minimal, and duplicate address detection works. I don't see where :fffe: comes in any more, we dropped the model of making up the interface identifier from the MAC address long ago. Modern operating systems just use a pseudo-random 64 bits. Generally people seem to use small integer identifiers for servers. smtp.gmail.com is 2404:6800:4008:c00::6c for example.
Is there a more formal approach? Is this (SLAAC plus statics where required) the normal way of doing things?
I think so, except for True Believers in DHCPv6, or people who pay good money for APAM software. Regards Brian
On 17/03/18 15:36, Brian E Carpenter wrote:
On 17/03/2018 13:44, Richard Hector wrote:
Hi all,
Apologies if this is a bit off-topic, but I know there's lots of IPv6 knowledge here :-)
If I have an IPv6 ULA block (or several)
Why mention ULAs? Your question applies equally to normal (globally routeable, GUA) addresses. ULA and GUA prefixes are treated exactly the same both in SLAAC and in DHCPv6.
Fair call - I had more or less assumed that, and was contemplating doing the same thing for the GUA addresses assigned by Vodafone (FibreX) - except that prefix is dynamic. But I know my knowledge is incomplete, and the general rule of asking questions on lists is to provide whatever info might be useful.
using SLAAC, and I want to additionally give out some static addresses in one or more of those blocks, am I right in thinking I can pick anything I like as long as it doesn't have the magic fffe in the middle?
As far as I can see you can pick any valid /128 address in the applicable /64 prefix. The probability of a clash with a SLAAC-generated address is minimal, and duplicate address detection works.
I don't see where :fffe: comes in any more, we dropped the model of making up the interface identifier from the MAC address long ago. Modern operating systems just use a pseudo-random 64 bits. Generally people seem to use small integer identifiers for servers. smtp.gmail.com is 2404:6800:4008:c00::6c for example.
Ok - I clearly need a better source of current IPv6 info than arbitrary web search results :-) Any tips? Hmm, perhaps https://www.apnic.net/community/ipv6-program/ipv6-bcp/ is a good start. I notice that all my addresses do have fffe in them though, and at a quick glance are based on the MAC address (Linux - debian stretch). Maybe there's a feature I need to enable. net.ipv6.conf.eth0.use_tempaddr looks like it; presumably it won't argue with my static allocations. What happens with the duplicate address detection? The SLAAC one tries again, and my static one stays put?
Is there a more formal approach? Is this (SLAAC plus statics where required) the normal way of doing things?
I think so, except for True Believers in DHCPv6, or people who pay good money for APAM software.
Great, thanks a lot :-) Richard
On 17/03/2018 15:54, Richard Hector wrote:
On 17/03/18 15:36, Brian E Carpenter wrote:
On 17/03/2018 13:44, Richard Hector wrote:
Hi all,
Apologies if this is a bit off-topic, but I know there's lots of IPv6 knowledge here :-)
If I have an IPv6 ULA block (or several)
Why mention ULAs? Your question applies equally to normal (globally routeable, GUA) addresses. ULA and GUA prefixes are treated exactly the same both in SLAAC and in DHCPv6.
Fair call - I had more or less assumed that, and was contemplating doing the same thing for the GUA addresses assigned by Vodafone (FibreX) - except that prefix is dynamic. But I know my knowledge is incomplete, and the general rule of asking questions on lists is to provide whatever info might be useful.
using SLAAC, and I want to additionally give out some static addresses in one or more of those blocks, am I right in thinking I can pick anything I like as long as it doesn't have the magic fffe in the middle?
As far as I can see you can pick any valid /128 address in the applicable /64 prefix. The probability of a clash with a SLAAC-generated address is minimal, and duplicate address detection works.
I don't see where :fffe: comes in any more, we dropped the model of making up the interface identifier from the MAC address long ago. Modern operating systems just use a pseudo-random 64 bits. Generally people seem to use small integer identifiers for servers. smtp.gmail.com is 2404:6800:4008:c00::6c for example.
Ok - I clearly need a better source of current IPv6 info than arbitrary web search results :-) Any tips? Hmm, perhaps https://www.apnic.net/community/ipv6-program/ipv6-bcp/ is a good start.
I think it's time the books written a few years ago were updated. There are a lot of books: https://ipv6.net/books/ but I'm not sure any of them are current.
I notice that all my addresses do have fffe in them though, and at a quick glance are based on the MAC address (Linux - debian stretch). Maybe there's a feature I need to enable. net.ipv6.conf.eth0.use_tempaddr looks like it; presumably it won't argue with my static allocations.
Probably. I installed Linux Mint a few months ago on a machine and it came up using pseudo-random addresses, so it may just be you have an older default setting. It doesn't really matter, unless you are worried by the privacy implications of somebody knowing your MAC address.
What happens with the duplicate address detection? The SLAAC one tries again, and my static one stays put?
Yes. This is a design feature of SLAAC. But in a 64 bit space, the collision risk is remarkably low. Brian
Is there a more formal approach? Is this (SLAAC plus statics where required) the normal way of doing things?
I think so, except for True Believers in DHCPv6, or people who pay good money for APAM software.
Great, thanks a lot :-)
Richard _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz https://list.waikato.ac.nz/mailman/listinfo/nznog
participants (2)
-
Brian E Carpenter -
Richard Hector