Score:0

IPv6: distribute a ULA prefix without a router

bz flag

I have a network which has no IPv6 connectivity to the internet. But I'd like to play a little with private networking.

So I want to use ULAs for my devices and automatically distribute the prefix.

I know that IPv6 uses router advertisement to do so. But (hence the name...) it advertises a router, too. In my case, using dnsmasq, it's the address of the server running it. So it ends up in my clients as a default route.

Since I don't have a router and don't want my clients to have a default route, is there a way to dynamically assign ULA prefixes without a router?

And even more "advanced": Is there a way to use DHCPv6 without a router?

us flag
If you want to play with / learn about IPv6, then I would recommend going to https://ipv6.he.net/certification/ as you will actually get a routable /64 IPv6 subnet as part of the test. As for dynamic IPv6 assignments, that is basically handled by `radvd` as it uses SLAAC to hand out IPv6 addresses to the clients.
cn flag
If you are not going to route traffic then just use the automatically generated LL addresses.
Scheintod avatar
bz flag
@lasse. Thanks for the tip but I actually do have a tunnel there. It's just not what I can do here. (If you must know, I'm behind a speedport router which is stupid and not mine and a fritzbox which is less (but still) stupid and mine but can't do magic either.)
us flag
@Scheintod: Well, there are ways around THAT. I have a /48 subnet from Tunnelbroker that has an endpoint at my VPS. I then use a Raspberry Pi at home to make a WireGuard connection to my VPS and use the WireGuard connection to forward a /56 subnet to my home network. The router from my ISP is REALLY stupid as it is only **slightly** more advanced than a modem! It doesn't even know how to make a static route.
Scheintod avatar
bz flag
Hi Lasse. Thank you. I have a /48 on my servers. WireGuard looks nice. Perhaps I give it a try.
Score:1
cn flag

No, a Router Advertisement means the RA sender is willing to be a router, along with prefix information. And you need a router to do anything useful with IP.

Hosts will send Router Solicitations out. The Router Advertisement they get back they will assume is from a router, and use its link local address as a gateway. Benefit of this, discovering a gateway is inherent to neighbor discovery, automatic, and requires no DHCP.

Only allow RAs to be sent from hosts you wish to be routers. If you did not want dnsmasq to send RAs, disable that. Enable RAs on your router. If you aren't ready for an IPv6 implementation in production yet, practice in a test environment.

For your address plan, get a globally routable prefix from your ISP, or generate a unique ULA prefix to use. Note that ULA cannot get you to the internet.

Scheintod avatar
bz flag
Hi John. Thanks for your effort. But I really want to "do something useful with IP" *without a router*. I know that doesn't get me to the internet. Now I want my devices to know that too, even when they use ULA with the unique prefix I want them to use. But how do I get the prefix to the devices so that they still know they can't get into the internet? Btw. the useful thing is playing (practicing if you will) with my local test environment. Since I can't get GUAs I want ULA to play with.
Scheintod avatar
bz flag
I give up. Dozens of RA servers, docs, DHCPv6 servers later I admit defeat. There is no way of autoconfiguring an IPv6 network without a default route that I can find. I'm going with static addresses for now and sometime perhaps a tunnel to a better place...
Scheintod avatar
bz flag
Didn't give up. After finding RFC 4861 it was not hard at all. The difference is always knowing what to look for...
Score:1
bz flag

This is possible.

According to RFC 4861 (Neighbor Discovery in IPv6) Section 4.2. Router Advertisement Message Format:

> Router Lifetime
> [...]
> A Lifetime of 0 indicates that the router is not a
> default router and SHOULD NOT appear on the default
> router list.  The Router Lifetime applies only to
> the router's usefulness as a default router; it
> does not apply to information contained in other
> message fields or options.  Options that need time
> limits for their information include their own
> lifetime fields.

Using radvd this can be done with e.g.:

```
interface eth0
{
    AdvSendAdvert on;
    # Router Lifetime 0: clients do not add this host as a default router
    AdvDefaultLifetime 0;
    prefix fd10:1::/64
    {
    };
};
```

With dnsmasq this is what it could look like:

```
enable-ra
# ra-param=<interface>,<RA interval>,<router lifetime>
ra-param=eth0,0,0
dhcp-range=::,constructor:eth0,ra-stateless
```

(Note the `ra-param`: the second zero is the router's lifetime. Note also that eth0 is configured to have fd10:1::XX/64.)

Both result in an assigned prefix on the client used for stateless autoconfiguration which results in addresses like fd10:1::c00l:cafe:baad:food. No default route is set.
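
To confirm what clients actually receive, the following added example (not part of the answer above and not code from radvd or dnsmasq) parses a Router Advertisement as laid out in RFC 4861 section 4.2 and reports whether the sender would be put on the default router list. The function names and the sample packet, built around the answer's fd10:1::/64 prefix, are constructed for illustration; the input is assumed to start at the ICMPv6 type byte.

```python
import ipaddress
import struct

RA_TYPE = 134            # ICMPv6 type: Router Advertisement
OPT_PREFIX_INFO = 3      # Prefix Information option (RFC 4861, section 4.6.2)
ULA = ipaddress.ip_network("fc00::/7")


def parse_ra(msg: bytes) -> dict:
    """Parse an ICMPv6 RA (from the ICMPv6 type byte on); checksum is not verified."""
    if len(msg) < 16:
        raise ValueError("truncated Router Advertisement")
    icmp_type, code, _cksum, _hops, flags, lifetime, _reach, _retrans = \
        struct.unpack("!BBHBBHII", msg[:16])
    if icmp_type != RA_TYPE or code != 0:
        raise ValueError("not a Router Advertisement")
    prefixes, pos = [], 16
    while pos < len(msg):
        if pos + 2 > len(msg):
            raise ValueError("truncated option header")
        opt_type, size = msg[pos], msg[pos + 1] * 8   # length is in 8-byte units
        if size == 0 or pos + size > len(msg):
            raise ValueError("malformed option length")
        if opt_type == OPT_PREFIX_INFO and size == 32:
            plen, pflags, valid, preferred = struct.unpack("!BBII", msg[pos + 2:pos + 12])
            net = ipaddress.IPv6Network((msg[pos + 16:pos + 32], plen), strict=False)
            prefixes.append({
                "prefix": str(net),
                "on_link": bool(pflags & 0x80),      # L flag
                "autonomous": bool(pflags & 0x40),   # A flag: usable for SLAAC
                "valid_lifetime": valid,
                "preferred_lifetime": preferred,
                "ula": net.subnet_of(ULA),
            })
        pos += size
    return {
        "router_lifetime": lifetime,
        "default_router": lifetime > 0,      # 0 => not on the default router list
        "managed": bool(flags & 0x80),       # M flag
        "other_config": bool(flags & 0x40),  # O flag
        "prefixes": prefixes,
    }


def build_sample_ra(router_lifetime: int) -> bytes:
    """Constructed sample RA carrying fd10:1::/64 with L and A set (checksum left 0)."""
    hdr = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, router_lifetime, 0, 0)
    pio = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, 64, 0xC0, 86400, 14400, 0)
    return hdr + pio + ipaddress.IPv6Address("fd10:1::").packed
```

The same parser is useful for spotting an unexpected RA on the link: any message where `default_router` is true comes from a host offering itself as a gateway.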

Score:0
us flag

Your intuition of using a DHCPv6 server without a router is correct. I have just such a working setup.

A Windows server running DHCPv6 assigning IPv6 addresses. Clients are able to receive an IPv6 address and communicate with devices locally, without a router or receiving Router Advertisement packets.


fjch1997 avatar
us flag
The reason why I have a public IPv6 address assigned but without a router is because I only found out that RRAS does not support sending out Router Advertisement... So I am in the process of setting up another router.