68 lines
2.2 KiB
Text
68 lines
2.2 KiB
Text
+-----------------------------------------------------------------------
|
|
| Running ${PKGSTEM} on OpenBSD
|
|
+-----------------------------------------------------------------------
|
|
|
|
DHCPv6-PD (Prefix Delegation)
|
|
=============================
|
|
As OpenBSD doesn't yet support DHCPv6 in the base OS, one common use of
|
|
this package is to request Prefix Delegation from an ISP, which hands you
|
|
one or more routable IPv6 subnet that can be assigned to interfaces
|
|
facing your local network.
|
|
|
|
Here is a sample configuration achieving this, fetching addresses over the
|
|
pppoe0 interface and assigning it to multiple local networks.
|
|
|
|
Also ensure that pf.conf(5) allows DHCPv6 traffic to pass, for example:
|
|
|
|
pass out quick on pppoe0 proto udp from port dhcpv6-client \
|
|
to port dhcpv6-server received-on none
|
|
|
|
pass in quick on pppoe0 proto udp from port dhcpv6-server \
|
|
to fe80::/10 port dhcpv6-client
|
|
|
|
As usual with IPv6, you will also need to allow address resolution
|
|
(with IPv6 this is done "in band" using icmp6 packets which must be allowed
|
|
to pass PF - with IPv4 this is done by ARP which is ignored by PF).
|
|
|
|
-- -- -- -- -- --
|
|
ipv6only
|
|
noipv6rs
|
|
duid
|
|
persistent
|
|
option rapid_commit
|
|
require dhcp_server_identifier
|
|
|
|
# disable running any hooks; not typically required for simple DHCPv6-PD setup
|
|
script ""
|
|
|
|
# List interfaces explicitly so that dhcpcd doesn't touch others
|
|
allowinterfaces pppoe0 em0 vlan3 vlan5
|
|
|
|
interface pppoe0
|
|
# the following two lines tell dhcpcd to do router solicitation
|
|
# itself. don't use them if using "inet6 autoconf" (slaacd)
|
|
ipv6rs
|
|
ia_na 1
|
|
|
|
# request prefixes from the provider to use for downstream networks
|
|
ia_pd 2 em0/1 vlan3/2 vlan5/3
|
|
-- -- -- -- -- --
|
|
|
|
(By default, dhcpcd will request a prefix length that is the largest
|
|
multiple of 8 that fits the networks. In some unusual cases, the
|
|
provider may require a specific prefix length hint instead; to
|
|
modify the above example for such a provider,
|
|
"ia_pd 2/::/48 em0/1 vlan3/2 vlan5/3").
|
|
|
|
In normal cases, you would use rad(8) to advertise these prefixes to
|
|
clients. Put the following in /etc/rad.conf:
|
|
|
|
-- -- -- -- -- --
|
|
interface em0
|
|
interface vlan3
|
|
interface vlan5
|
|
-- -- -- -- -- --
|
|
|
|
And enable rad(8):
|
|
|
|
# rcctl enable rad
|