[ipv6hackers] DHCPv6-PD , TR069 and local network security

Mikael Abrahamsson swmike at swm.pp.se
Tue Sep 3 07:24:53 CEST 2013

On Mon, 2 Sep 2013, Schmoll, Carsten wrote:

> To my knowledge, such "extended case" is not envisioned in the DHCPv6-PD use case. Correct?
> So, how could I still get my end systems configured with global IPv6 addresses from the delegated prefix space?
> (no, I don't want to use a web proxy and ULAs internally - that's like cheating around the problem ;)

A sensible ISP will give you at least a /60 which means you can have 
several routers in depth, making your problem go away. Your ISP provided 
CPE will do DHCPv6-PD to your CPE and then you can place all your devices 
behind that.

There is work for this in several places, look at the network drawing in 

I have already tried this with several boxes, it works already today 
(D-link DIR-655 hw B1 for instance). I had:


The Cisco delegated a /56 to the first DIR655 which then delegated a /64 
to the second DIR655.

Mikael Abrahamsson    email: swmike at swm.pp.se

More information about the Ipv6hackers mailing list