Re: Prefix delegation and IPv6 subnetting

Andrei Borzenkov <arvidjaar@xxxxxxxxx> · Sun, 10 Jul 2022 00:11:33 +0300

On 09.07.2022 18:48, Bent Bagger wrote:
> Thank you for the comments. They are most helpful.
> 
> Contrary to somebody’s belief sub-netting is indeed possible using 
> systemd in version 251.1.
> 

If you mean me, I never said that subnetting is not possible. I said
that sub-delegating is not possible.

> Here is what I have achieved so far:
> 
> My allocation from my ISP is a generous /48 (as recommended by Ripe) - 
> annotated as <PF> in the following. I have configured my main router to 
> delegate /56 prefixes to requesting routers so Net0 is delegated this: 

Mailing list is not web forum where you can scroll up to read previous
posts. On mailing list you are expected to include enough context from
the previous message. Without going to archives and searching for your
previous mail how should one know what Net0 etc means?

> <PF>:e00::/56 as evidenced by the routing tables:
> 
> |::1 dev lo proto kernel metric 256 pref medium
> <PF>:19::/64 dev enp0s3 proto ra metric 1024 expires 3090sec pref medium
> <PF>:e00::/64 dev enp0s8 proto kernel metric 256 expires 874sec pref medium
> <PF>:e01::/64 dev enp0s9 proto kernel metric 256 expires 874sec pref medium
> unreachable 2a06:4000:8073:e00::/56 dev lo proto dhcp metric 1024 pref 
> medium

Having <PF> in one line and full prefix in another line does not help in
understanding configuration. Is <PF> equal 2a06:4000:8073?

> fe80::/64 dev enp0s8 proto kernel metric 256 pref medium
> fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
> fe80::/64 dev enp0s9 proto kernel metric 256 pref medium
> default via fe80::19 dev enp0s3 proto ra metric 1024 expires 874sec pref 
> medium|
> 
> Since networkd doesn’t (not yet?) include a DHCP6 server I installed an 
> ISC DHCP server on Net0 and configured it to delegate /60 prefixes to 
> requesting routers.

So you had to use external tool to implement prefix sub-delegation.
Which just confirms that it is not possible with systemd-networkd.

> Also I added this segment to the network file for 
> the downstream interface (enp0s8):
> 
> |[IPv6SendRA]
> Managed=yes
> RouterLifetimeSec=1500|
> 
> The line ‘Managed=yes’ is crucial in this context. Net2 gets this 
> routing table:
> 
> |::1 dev lo proto kernel metric 256 pref medium
> <PF>:e00::/64 dev enp0s3 proto ra metric 1024 expires 757sec pref medium
> <PF>:e80::/64 dev enp0s8 proto kernel metric 256 expires 2519453sec pref 
> medium
> unreachable <PF>:e80::/60 dev lo proto dhcp metric 1024 pref medium
> fe80::/64 dev enp0s8 proto kernel metric 256 pref medium
> fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
> default via fe80::a00:27ff:fe3a:902b dev enp0s3 proto ra metric 1024 
> expires 1440sec pref medium|
> 
> Likewise Net3 ends up with this routing table:
> 
> |::1 dev lo proto kernel metric 256 pref medium
> <PF>:e80::/64 dev enp0s3 proto ra metric 1024 expires 3483sec pref medium
> fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
> default via fe80::a00:27ff:fed7:6b82 dev enp0s3 proto ra metric 1024 
> expires 1083sec pref medium|
> 
> Now on to routing. Upstream routing is easy thanks to the default 
> routes, but how do I get the downstream routes established? The > delegating router should add a route for the chosen prefix to the
> requesting router, but can networkd do it or should I start looking at 
> routing protocols?
> 

It is amazing how hard this is. See as example

https://unix.stackexchange.com/questions/28106/dhcpv6-prefix-delegation-server-for-linux

The suggested patch to ISC-DHCPD sounds good, but unfortunately it is
not upstream.

https://github.com/mpalmer/isc-dhcp/blob/mpalmer/client-address-data-expression/contrib/prefix-delegation-routing.rb