Re: IPv6 default routes / NM vs. kernel autoconfig vs DHCP6

From: Tore Anderson <tore fud no>
To: <networkmanager-list gnome org>
Subject: Re: IPv6 default routes / NM vs. kernel autoconfig vs DHCP6
Date: Wed, 15 Aug 2012 11:09:15 +0200

* Stuart Gathman

> Forgive my ignorance, but when you have an address on a /80 LAN subnet,
> isn't it more efficient to send packets for that subnet directly, rather
> than bouncing them off a router?

Assuming the network type is broadcast/multicast capable, yes. In that
case, you'll want to advertise the prefix as on-link.

If the network type is not broadcast/multicast capable, for example
NBMA networks or Ethernet segments using PVLAN, you'll need to bounce
the traffic off the router. In this case, advertising the prefix as
off-link
is the right thing to do. However, the only reason to advertise a
off-link prefix at all is to use SLAAC, and since you can't use SLAAC
with anything but a /64, advertising a off-link /80 prefix is pointless.
But I digress...

> Unless I am missing something, you can only send the packets directly
> when you know the correct prefixlen.

Quite right. (Well, disregarding redirects.)

> is there some automatic kernel mechanism that figures out directly
> accessible prefixes?

Yes, this is precisely what you're missing. I did point this out to you
in my previous message:

«[...] what you need [...] is a on-link route. This is independent of
adressing and thus independent of DHCPv6. On-link routes are only
advertised in RAs, specifically in Prefix Information Options with the
L-flag set.»

The setup you're looking for can be expressed with this radvd.conf:

interface foo {
  # This set M=1, tells the host to go ask DHCPv6 for an address
  AdvManagedFlag on;
  # This advertises the prefix 2001:db8::/80 in a PIO
  prefix 2001:db8::/80 {
    # This sets A=0, disabling SLAAC (no address will be
auto-generated)
    # (Not strictly necessary since it's not a /64 -> SLAAC can't work)
    AdvAutonomous off;
    # This sets L=1, making the kernel add a on-link route to the
prefix
    AdvOnLink On; # *** THIS IS WHAT YOU'RE MISSING :-) ***
  };
};

Try it and see. Also, if you take the above config, but change it so
that it sets AdvManagedFlag off, you will see that you will *still* get
a on-link route to the /80 (visible in "ip -6 route"), even though you
won't have any address within that /80 at all.

The bottom line is that on-link routes and addressing are two
completely independent concepts in IPv6. On-link prefixes are *only*
advertised using ICMPv6 RA w/PIO w/L=1. Addresses are advertised using
ICMPv6 RA w/M=1 + DHCPv6 IA_NA, and/or ICMPv6 RA w/PIO w/A=1 (/64 only).
Learning an address does not mean you can invent/infer an on-link route
(this is very different from IPv4!), nor does learning an on-link prefix
mean you can invent/infer an address.

Best regards,
-- 
Tore Anderson

Follow-Ups:
- Re: IPv6 default routes / NM vs. kernel autoconfig vs DHCP6
  - From: Stuart Gathman

References:
- Re: IPv6 default routes / NM vs. kernel autoconfig vs DHCP6
  - From: Pavel Simerda
- Re: IPv6 default routes / NM vs. kernel autoconfig vs DHCP6
  - From: Stuart Gathman

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]