|
Sharing /64 subnet prefix between sixxs and eth interface
![[de]](/s/countries/de.gif) Shadow Hawkins on Monday, 25 June 2012 01:41:15
Hi,
this is more of a theoretical question as sixxs is generous enough to provide /48 prefixes to its users, but still wonder how to set up IPv6 connectivity for my network in case my provider only gave me a /64 prefix.
I guess I could just use the same prefix that I get on the sixxs interface on one of the internal eth<X> ethernet devices, too? As long as routing tables are updated to only route prefix::1/128 through tunnel interface sixxs, and all the other addresses to eth<X>?
Now I wonder why aiccu (on Debian squeeze) sets up device sixxs in a way that makes it route all the prefix/64 addresses to the sixxs device per default.
I didn't find any example configuration nor any hints when googeling for this kind of setup, so I guess it's rare?
cheers,
David
Sharing /64 subnet prefix between sixxs and eth interface
this is more of a theoretical question as sixxs is generous enough to provide /48 prefixes to its users,
Note that one gets a /64 automatically per default for each tunnel next to the tunnel's /64 which only has ::2 for the user, the /48 has to be requested.
but still wonder how to set up IPv6 connectivity for my network in case my provider only gave me a /64 prefix.
You will need to setup Neighbor Discovery proxying in that case.
I guess I could just use the same prefix that I get on the sixxs interface on one of the internal eth<X> ethernet devices, too?
No, as out of the tunnel /64 only <prefix>::1 points to the PoP and <prefix>::2 points to your side, nothing else can be used.
Though this is valid for SixXS, other providers might allow actual usage of the rest of the /64 with the help of NDProxy.
I didn't find any example configuration nor any hints when googeling for this kind of setup, so I guess it's rare?
Not rare, eg Hetzer in Germany requires it, see for instance: http://www.ipsidixit.net/2010/03/24/239/ that explains this quite well.
Sharing /64 subnet prefix between sixxs and eth interface
Shadow Hawkins on Monday, 25 June 2012 03:16:04this is more of a theoretical question as sixxs is generous enough to provide /48 prefixes to its users, Note that one gets a /64 automatically per default for each tunnel next to the tunnel's /64 which only has ::2 for the user, the /48 has to be requested.
You're right, I completely missed that. Somehow I expected this to be visible by looking at my routing tables or ifconfig output, when in fact it's only to be discovered by closely looking at sixxs.net/home :)
I guess I could just use the same prefix that I get on the sixxs interface on one of the internal eth<X> ethernet devices, too? No, as out of the tunnel /64 only <prefix>::1 points to the PoP and <prefix>::2 points to your side, nothing else can be used.
This starts to make sense.
I didn't find any example configuration nor any hints when googeling for this kind of setup, so I guess it's rare? Not rare, eg Hetzer in Germany requires it, see for instance: http://www.ipsidixit.net/2010/03/24/239/ that explains this quite well.
Thanks for the link, this solution looks ugly enough for me not to feel tempted to ever attempt implementing it (or I'd change provider to evade it).
For multiple local subnets, shorewall has pretty good bridging support, guess if I really were restricted to one /64 subnet, the cleanest solution would be to merge all subnets into one bridged network and firewall via physdev rules. Of course I can't bridge eth<X> with ppp<Y>, so NDP may still apply in Hetzner-style setups. Yuck.
Sharing /64 subnet prefix between sixxs and eth interface
Not only Hetzner does this, Free.fr also is known to require a NDP Proxy.
It indeed is not pretty, especially as one needs to add the proxie'd hosts manually unless one uses a daemon for it.
Bridging those interfaces might indeed work but it is not always how one wants to setup a topology.
|
![[ch]](/s/countries/ch.gif)
on Monday, 25 June 2012 02:00:03
Posting is only allowed when you are