<p>I haven't run into a Linux with DHCPv6 client software installed by default. No clue if Windows has it. It just provides the option to try an automatc address or statically assign one. I would hope it tries DHCPv6 if no router advertisements are seen.</p>
<p>--<br>
Sent from my phone... a G2 running CM7 nightlies!</p>
<div class="gmail_quote">On Feb 15, 2011 1:00 AM, "David Tomaschik" <<a href="mailto:david@systemoverlord.com">david@systemoverlord.com</a>> wrote:<br type="attribution">> Hrrm... yeah, I suppose DHCP6 would be the approach to use. Of<br>
> course, do devices that have not been manually configured try DHCP6<br>> and fall back to stateless autoconfigure? I guess some testing would<br>> be in order.<br>> <br>> As far as the routing/firewall goes: I current use an Asus RT-N16 with<br>
> DD-WRT to perform IPv4 NAT, 6rd IPv6 SIT/radvd, firewall, etc. In the<br>> past I've used a WRT54GL to create the 3 IPv4 networks<br>> (<a href="http://192.168.0.0/24">192.168.0.0/24</a>, <a href="http://192.168.1.0/24">192.168.1.0/24</a>, and <a href="http://10.100.100.0/24">10.100.100.0/24</a> for my lab).<br>
> Compared to the IPv6 subnetting, the routing & firewall should be<br>> easy, especially since it's "little" routing. (My term for anything<br>> where all the routes are static, no peering, etc.)<br>
> <br>> David<br>> <br>> On Tue, Feb 15, 2011 at 12:16 AM, Michael B. Trausch <<a href="mailto:mike@trausch.us">mike@trausch.us</a>> wrote:<br>>> On Mon, 2011-02-14 at 21:28 -0500, David Tomaschik wrote:<br>
>>> I'm no networking expert, so I hope I'm missing something here.<br>>>><br>>>> According to RFC 4291, all interface IDs for unicast addresses will be<br>>>> 64 bits in length. It's also widely believed that most residential<br>
>>> ISPs will hand out a /64 on a per-client basis. Because IPv6 does not<br>>>> have the concept of NAT, it seems that this forces all of the<br>>>> computers on that connection to be on a single subnet.<br>
>><br>>> More or less. Though it isn't exactly as black-and-white as all that.<br>>> There are options (albeit non-standard). It is (technically) possible to<br>>> do things that are slightly more complicated, at the expense of not<br>
>> being able to use stateless autoconfiguration).<br>>><br>>>> This is rather disappointing to me, as in the past I have run 3 NAT<br>>>> subnets off a single NAT router/firewall. I've used one as my<br>
>>> "regular" LAN (workstations, one wifi SSID), a "guest" LAN (another<br>>>> SSID with a different key for my guests) and a lab network (for<br>>>> testing things I'd rather keep separate). It seems to me that under<br>
>>> IPv6 this addressing scheme will be impossible unless I can convince<br>>>> my ISP to hand out a /56. (Or, I suppose, multiple /64s and have<br>>>> multiple (virtual) interfaces on the router.)<br>
>><br>>> It is possible to subnet further than /64, at least as I understand it.<br>>> So, let's say you've got a /64 prefix 2001:db8:49a1:39be::/64.<br>>><br>>> Now, you want three subnetworks from that. You will need a router at<br>
>> your network's edge (a true router; not a NAT). And of course, if you<br>>> desire firewalling, you'll want that at the edge of your network. The<br>>> router is likely then to be connected to all three subnetworks, and to<br>
>> the Internet. (At least, that's how I would likely do it, unless you<br>>> have a device like a WRT54G that will perform routing, but you'll need<br>>> to configure that specially for that purpose).<br>
>><br>>> Now, then, you can subnet two ways: take a nybble for the subnetwork, or<br>>> take a byte. If you have 3 subnets, and you don't think you'll ever go<br>>> above 16 subnets, take a nibble. That means your prefix that you'll<br>
>> actually use will be one of sixteen different /68 subnetworks inside<br>>> your /64. (For that matter, you can take just two bits, and have<br>>> exactly three subnetworks. Up to you---but either way, you break<br>
>> stateless autoconf, so might as well do four or eight bits and move on.)<br>>> If you take a nybble, then you will have the following subnetworks<br>>> available to use:<br>>><br>>> 2001:db8:49a1:39be:0000::/68 2001:db8:49a1:39be:8000::/68<br>
>> 2001:db8:49a1:39be:1000::/68 2001:db8:49a1:39be:9000::/68<br>>> 2001:db8:49a1:39be:2000::/68 2001:db8:49a1:39be:a000::/68<br>>> 2001:db8:49a1:39be:3000::/68 2001:db8:49a1:39be:b000::/68<br>
>> 2001:db8:49a1:39be:4000::/68 2001:db8:49a1:39be:c000::/68<br>>> 2001:db8:49a1:39be:5000::/68 2001:db8:49a1:39be:d000::/68<br>>> 2001:db8:49a1:39be:6000::/68 2001:db8:49a1:39be:e000::/68<br>
>> 2001:db8:49a1:39be:7000::/68 2001:db8:49a1:39be:f000::/68<br>>><br>>> The three zeros you see in each address there is, of course, part of the<br>>> host section, since each hex digit maps exactly to one nybble.<br>
>><br>>> If you use a /72 then you would have 256 subnetworks. Either way, you<br>>> need to use static addresses, stateless algorithmic address generation<br>>> (e.g., custom software to create shorter addresses in a stateless<br>
>> manner), or DHCPv6.<br>>><br>>> Your nodes will still make their link-local addresses the same way. And<br>>> as far as your ISP is concerned, you're using your /64. The details of<br>>> your routing behind that /64 do not matter to them: your address space<br>
>> is perfectly opaque as far as they're concerned.<br>>><br>>> You could actually, if you really wanted to, make subnetwork prefixes as<br>>> long as /112 or /120 or /126 if you wanted really small networks. I<br>
>> mean, crap. You've got 64 bits of network space to carve up and do with<br>>> what you wish. :-)<br>>><br>>> Now, that said, here is a BIG DISCLAIMER: I have never *actually*<br>>> performed this. I believe that Linux allows it; based on my<br>
>> understanding, any standards-compliant operating system should. YMMV.<br>>><br>>> --- Mike<br>>><br>>> _______________________________________________<br>>> Ale mailing list<br>
>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>>> <a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a><br>>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>>> <a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a><br>
>><br>>><br>> <br>> <br>> <br>> -- <br>> David Tomaschik, RHCE, LPIC-1<br>> System Administrator/Open Source Advocate<br>> OpenPGP: 0x5DEA789B<br>> <a href="http://systemoverlord.com">http://systemoverlord.com</a><br>
> <a href="mailto:david@systemoverlord.com">david@systemoverlord.com</a><br>> <br>> _______________________________________________<br>> Ale mailing list<br>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> <a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a><br>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>> <a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a><br>
</div>