Allow radvd and DHCPv6 server configuration for interfaces in "Track interface" mode #2314
Comments
|
Hi Robert, We're bit by bit improving DHCPv6. Some things take longer to mature, others depend on use cases and that here falls into the latter which becomes more and more useful. In general, it's perfectly possible to add this given enough thought into how it works and to minimise interference / bugs with other existing components and features. At the end of the day someone needs to spearhead the work and most of the contributors have their queue quite full of work. @marjohn56 may be interested in seeing this as well. Cheers, |
|
Hi Franco, Good to hear that you think it's possible to add this in general. You are right, this is nothing really crucial, but it comes handy when deploying IPv6 seriously, and other routers/firewalls also support it. Unfortunately, I'm not familiar with writing PHP and the little bit I once wrote quickly convinced me not to learn it. But I'll try to get my hands dirty and see how far I get. From what I understand, there shouldn't be too much involved in order to get this working and the following steps should suffice.
What do you think. Does this sound reasonable? Best regards |
|
Hi All, Yes, this would be a useful addition. This was available in pf, but it failed often due to the ISP changing the address allocation on reboot/re-connect etc. This is something I think that Opnsense handles better in that the clients all get updated correctly should such a thing happen. @fichtner is in a better place than me to confirm this is the case. We need to watch out that any static assigned addresses correctly get the prefixes updated, so that throws a small spanner in the works, not insurmountable, but it will take a little thought. |
|
@marjohn56 Hmm, what do you think could cause the prefixes not to be updated anymore when just additional prefix blocks get added to Regarding the DHCPv6 server, maybe it should only be usable for announcing DNS/NTP servers etc, and not for assigning addresses. The alternative would be a bit more involved, because it would have to invalidate leases on prefix changes and I don't know whether that's possible with the software currently used. But at least setting the prefix-independent things should be easily possible and cause no problems with tracking interfaces. |
|
Don't know without looking and doing some research & testing. ;) I'll have a look at this when I have finished working on dpinger. |
|
Ok, thanks a lot. I currently can't really test in production because I'm in the process of changing the ISP and have no prefix delegation at the moment, but I'll try to construct a test setup with delegation of ULA prefixes. |
fichtner
added
feature
|
Started playing with this. I have now got the menus up and the ability to set radvd to managed. I think the other thing we do is add and advanced flag in the config. By default the system with use RADVD when Track6 is used, keep it simple for most users. @fichtner - where do we put the option:? |
|
OK, I think I have this basically working now. I've added a config option, dhcpd6 menu options are enabled and the dhcpd6 config file is being written correctly... once some testing by guinea pigs is done then end of week for a PR with any luck. |
|
@marjohn56 Thanks for dealing with this! Right after making the contract, my kind ISP suddenly explained that there will be no IPv6 in my region in the near future... So this has currently no real-world use case for me. Don't you think it would be better to just enable both the RADVD and DHCPv6 config menus for all tracking interfaces? We could then add an option on the two config pages to allow enabling/disabling the inclusion of the delegated prefix.This way, users can configure both radvd and dhcpd just as they would with static interfaces and change parameters like DNSSL, for instance, while still benefitting from the automatically added prefix stanzas. |
|
That's what I'm doing. The options will be there to enable and adjust both. |
|
Ah, great. You seem to have edited your post from yesterday and I only read the version I got by mail. It didn't become that clear in the original post. Sorry. Thanks for your work! |
|
I don't do clear. :) |
|
OK, I am ready now for some testing. I have it working and dhcpd is handing out addresses. Took me a while to get around an in issue with Net_IPv6, but sorted now. |
|
First Commit #2460 |
|
The initial version was added to master branch for 18.7. See 733f505 |
|
@marjohn56 and @fichtner This is so great. Thanks a lot for your work! I'm excited to test it when I finally get native IPv6 connectivity at my place. OPNsense rocks. :) |
Hi,
I'm new to OPNsense and so far find it really amazing how feature-loaded it is. Thanks a lot for this great piece of software!
Now let's come to my idea...
I've got an interface configured to advertise an IPv6 prefix learned via prefix delegation as provided by most ISPs that support IPv6. So far this works well.
But now I'm curious about why one can't customize the radvd and DHCPv6 server settings for interfaces configured this way. I want, for instance, configure custom name servers and domains to be handed out via RA and DHCPv6 the same way it works for interfaces with a static IPv6 address.
I see that the configuration options are somehow limited in this scenario (e.g. specifying address ranges for DHCPv6 wouldn't make sense), but the other features of the DHCPv6 server like advertising DNS and NTP servers are still useful.
As there are sections generated in
/var/etc/radvd.conffor tracking interfaces already, do you see a way of enabling the configuration menus for these interfaces as well?Best regards
Robert
The text was updated successfully, but these errors were encountered: