On Tue, Jun 15, 2021 at 03:44:47PM +0100, Steve Hill via networkmanager-list wrote:
I'm trying to get to grips with IPv6-PD over PPPoE. I'm on CentOS 8 (NetworkManager 1.30) and have main.dhcp=dhclient. My PPPoE connection is set to ipv6.method=auto. With no NICs set to ipv6.manual=shared, I can see from a traffic dump that: - PPP link comes up and assigns IPv4 through LCP. - I send an IPv6 router solicitation to my ISP. - ISP responds with a router advertisement, which has the "managed address configuration" and "other configuration" flags set. - I send DHCPv6 Solicit with an IA_NA option. - ISP responds with a DHCPv6 Advertise, which does NOT contain an IPv6 address. I end up with an IPv6 default route pointing at the PPP interface, but no public IPv6. IPv6 traffic from me to a public address ends up with my link-local address as the source, which is obviously broken. Conversely, with one or more NICs set to ipv6.method=shared (even if its only a dummy NIC), I get: - PPP link comes up and assigns IPv4 through LCP. - I send an IPv6 router solicitation to my ISP. - ISP responds with a router advertisement, which has the "managed address configuration" and "other configuration" flags set. - I send DHCPv6 Solicit with IA_NA and IA_PD options. - ISP responds with a DHCPv6 Advertise, which does NOT contain an IPv6 address, but does contain my /48 public prefix. Again, the PPP NIC ends up with no public address, but now the "shared" NIC gets a public v6 address. IPv6 traffic from me to a public address ends up with the "ipv6.method=shared" NIC's address as the source, as this is the only public v6 address available. Is my ISP behaving in a broken way, by not assigning me an address in response to IA_NA, or is it standard behaviour for ISPs to only respond to IA_PD requests? It feels as though NetworkManager should always be making both IA_NA and IA_PD requests and, if it didn't receive an IA_NA response from the ISP, it should assign an address from the delegated prefix to the PPP interface. This would prevent the situation where a machine with no "ipv6.method=shared" NICs ends up with no public v6 address at all. Any insight would be appreciated - many thanks. :)
Hi, as you have seen, currently NM only requests a prefix delegation when there is an other interface in IPv6 shared mode. The IPv6 address on the PPP interface itself can only be obtained via SLAAC or DHCPv6(IA_NA), not via DHCPv6(IA_PD). I'm not sure how the latter is common; to support it, NM would need to always request a prefix delegation (even without another interface in shared mode) or, better, to have a new option to make this behavior configurable (for example, "ipv6.dhcp-request-pd=yes|no|auto"). Beniamino
Attachment:
signature.asc
Description: PGP signature