Enabling a DHCPv6 client with Prefix Delegation ability on Ubuntu Server

What is Prefix Delegation?
Prefix Delegation (PD) is a mechanism for a DHCPv6 server to let a home networking router ask for an IPv6 prefix (subnet) that the router can then split up and delegate to the clients it serves.

Why?
In the (hopefully) not too distant future, ISPs will be offering native IPv6. Since there is no NAT in IPv6, and most people have at least a couple of computers sitting behind a hardware NAT box, they will need to get IPv6 addresses for every device they have. This is done via DHCPv6 and PD. When your ISP is ready (if it isn’t already) you’ll be able to use this to participate in the IPv6 world!

How?
Let’s just dig in then!
Required software:

  • wide-dhcp6c
  • RADVD

 

Why wide-dhcp6c, instead of ISC’s dhclient with IPv6 options?

  1. IPv6 documentation on dhclient is lacking and almost non-existant.
  2. wide-dhcp6c has the ability to assign a block from the received PD block to an interface.
  3. ISC requires you to run a separate instance for v6 anyway.

 

For this example network:
eth0 = WAN (ISP facing) interface
eth1 = LAN (home network) interface

in /etc/sysctl.conf add/set:

net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.eth0.accept_ra=2

This makes the server a router (forwarding = 1) and allows eth0 to continue accepting Router Advertisements to get it’s default route. (by default, it will no longer accept Router Advertisements when forwarding is set.)

in /etc/network/interfaces add/set:

iface eth0 inet6 static

We set it to static because we will not be using the ISC DHCP client to obtain our IPv6 address and prefix, we will be using the wide dhcpv6 client.

To install the wide dhcpv6 client run this on the command line:

sudo apt-get install wide-dhcpv6-client

On install, you will get a prompt like this:
click to embiggen!
Enter the WAN interface (eth0 in our case)

Configure wide dhcp6c

cd /etc/wide-dhcp6c
sudo nano dhcp6c.conf

make it look like:

interface eth0 { # external facing interface (WAN)
  send ia-na 1;
  send ia-pd 1;
  request domain-name-servers;
  request domain-name;
  script "/etc/wide-dhcpv6/dhcp6c-script";
};

id-assoc pd 1 {
  prefix-interface eth1 { #internal facing interface (LAN)
    sla-id 0; # subnet. Combined with ia-pd to configure the subnet for this interface.
    ifid 1; #IP address "postfix". if not set it will use EUI-64 address of the interface. Combined with SLA-ID'd prefix to create full IP address of interface.
    sla-len 8; # prefix bits assigned. Take the prefix size you're assigned (something like /48 or /56) and subtract it from 64. In my case I was being assigned a /56, so 64-56=8
    };
  };

  id-assoc na 1 {
  # id-assoc for eth1
};

Install RADVD

sudo apt-get install radvd

Then change the default start from S20 to S98 and add a 10 second delay (to run *after* wide-DHCPv6 is done, otherwise it can’t pick up the IPv6 prefix that has been assigned)
– get normal runlevel:

/sbin/runlevel
N 2

Go to the runlevel directory:

cd /etc/rc2.d

(replace the 2 with the number from previous command)

mv S20radvd S98radvd

Edit S98radvd and add

sleep 10

after the first set of comments.
We move it to S98 so pretty much everything else is done starting and we’re not delaying anything important by that 10 seconds.

Configure the following in /etc/radvd.conf
interface eth1 # LAN interface
{
AdvManagedFlag off; # no DHCPv6 server here.
AdvOtherConfigFlag off; # not even for options.
AdvSendAdvert on;
AdvDefaultPreference high;
AdvLinkMTU 1280;
prefix ::/64 #pick one non-link-local prefix assigned to the interface and start advertising it
{
AdvOnLink on;
AdvAutonomous on;
};
};

Restart radvd
sudo /etc/init.d/radvd restart

And if your ISP has a DHCPv6 server running, you should have a happy IPv6 address everywhere.
To check if things are working:
ifconfig eth0
ifconfig eth1
(to see if IPv6 addresses are assigned.)
If you don’t have an IPv6 address on these interfaces that doesn’t start with fe80::, then it’s likely (at this point) that your ISP doesn’t have IPv6 enabled.

11 Responses to “Enabling a DHCPv6 client with Prefix Delegation ability on Ubuntu Server”

  1. Linus says:

    Worth to mention, I had to set the prefix deligation size to make it work, like following:
    id-assoc pd 1 {
    prefix-interface eth1 {
    sla-id 0;
    sla-len 4;
    ifid 1;
    };
    };

    Seems to default to a /48 (64-48=12) but my deligation is a /60 (64-60=4)

    • ipv6_twit says:

      Yup, I’ll add that in. I had to set it to 8, due to me getting a /56, and managed to not put it in my notes. 🙂

  2. […] to these two blog posts for information on these pesky sysctl variables. Go read them, they go far deeper in depth on […]

  3. Koenraad says:

    Could you specify which OS you used to do this ?
    I tried using ubuntu 10.04LTS, with no success. Now I’m trying ubuntu 12.04LTS but I don’t know how to disable the already working dhclient -6, and I don’t know how to ask for PD with that.

    • ipv6_twit says:

      This was with ubuntu 12.04LTS Server. If you’re using the Desktop version, you’ll have to remove network-manager:
      sudo apt-get remove network-manger

  4. Koenraad says:

    I found how to disable dhclient -6 (remove the line iface eth0 inet6 dhcp).
    I also managed to give the second nic a dummy ipv6 address, based on the prefix I got from the server. I would need a better script to make an address out of the returned values.
    This helped me : http://www.jodal.no/2012/09/16/get-ipv6-setup/, but I’m stuck at transforming the returned prefix to a real address.
    I’m going to give wide-dhcpv6-client a new try on ubuntu 12.04LTS (it’s the server version I’m using).
    Thanks.

  5. Koenraad says:

    I tried wide-dhcpv6-client, but it does not work. I modified the scripts to output something to syslog, but it seems eth1 is not seen. dhcp6c-ifupdown does its work for eth0, but it does nothing for eth1.
    Any suggestions ?

  6. Shaun Brady says:

    Hello, I needed “prefix ::/56 infinity;” in my “id-assoc pd 1” section (as well as the sla-id setting) in order to convince wide to get me a /56. I was getting a /64 previously. Thanks for the walk through!

  7. Jeff Clemmons says:

    Guide worked perfectly. I had IPv6 routing set up in literally 10 minutes. Nice work!

  8. Ron Murray says:

    Thanks for the write-up. On Debian jessie, I had to change the “iface eth0 inet6 static” line in /etc/network/interfaces to “iface eth0 inet6 manual”, otherwise it complained about not having enough information and didn’t bring the interface up.

    Another problem I had was not having a default ipv6 route when the box came up. Traced that to net.ipv6.conf.eth0.accept_ra being set to 1 rather than 2, although it’s set correctly in /etc/sysctl.conf. Looks like something switched it back, so, as a workaround, added a line in /etc/rc.local:

    echo 2 > /proc/sys/net/ipv6/conf/eth0/accept_ra

    and that seems to fix it.

Leave a Reply