IPv6 DHCP Routing

Hi,

I have the following IPv6 subnet 2001:470:1f09:800::/64 and these addresses
are handed out correctly by dhcpd. However a single windows machine I have
insists on send all traffic destined for a 2001:470:1f09:800::/64 address to
the gateway when it should be sent straight to the device on the network.

For example it should be:
2001:470:1f09:800::10 --> 2001:470:1f09:800::5
but with this machine its:
2001:470:1f09:800::10 --> 2001:470:1f09:800::1 --> 2001:470:1f09:800::5

The IP of the gateway is 2001:470:1f09:800::1.

How do I avoid this?

Regards,
spaceman

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Hi Brice,

>This seems to be a normal behaviors, because we dont have possibility to
>specify the prefix length in DHCPv6, so every simgle machine will have
>/128, then even if they are all on the same link we'll have routing, to
>avoid this,
>You can ask your router sending RA, to set the "L" flag to tell nodes to
>consider that they are on the same link, this way you could avoid all
>trafic to pass through the GW. And set manegement flag as well

I figured this out now. The reason for it was that the routing advertisement
was set for the network used by ip6 to ip4 tunnel. Thus all traffic went to
the router to be routed to the internal network. The reason why this only
happened on the windows machine is probably due to way the DHCP client works.

Internal: 2001:470:1f09:800::1/64
External: 2001:470:1f08:800::1/64

Anyway don't I feel stupid.

Thanks,
spaceman

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Brice Abba <[hidden email]> wrote:

> This seems to be a normal behaviors, because we dont have possibility to specify the prefix length in DHCPv6, so every simgle machine will have /128, then even if they are all on the same link we'll have routing, to avoid this,
> You can ask your router sending RA, to set the "L" flag to tell nodes to consider that they are on the same link, this way you could avoid all trafic to pass through the GW. And set manegement flag as well

I think something is misconfigured then. The RAs should contain prefix(es)/information on what's considered on-link. If properly configured, each node should know what prefixes are on-link and should never need to send "local" traffic via a router.

There was "extensive 'discussion'"* a while back on the IETF DHC WG list about whether a DCHP server should include a prefix length with an address, and whether addres & prefix should form an "inseparable pair". I learned a lot from that, and specifically :

Each router should be advertising both the routes it can handle, and the list of prefixes on the link. Part of the information is whether a prefix should be considered "on-link" - which is a very different concept between IPv4 and IPv6. With IPv4 we've got used to "same subnet = on-link". With IPv6 we can have multiple prefixes which are all on-link, and it's supported to have an Ipv6 address which is not on-link with another address in the same prefix.

So an IPv6 is just an address, it doesn't automatically have a prefix with it (in the same way that IPv4 addresses have a subnet mask with them) - though many implementations don't support having one without the other. "on-link" is determined by reference to a list of prefixes that the router(s) tell the node are local to it - ie if the destination address is in an on-link prefix then it's on-link regardless of the source address.


* For 'discussion', read 'at times heated debate' ;-)
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users