[ipv6hackers] DHCPv6-PD , TR069 and local network security
Mikael Abrahamsson
swmike at swm.pp.se
Tue Sep 3 07:24:53 CEST 2013
On Mon, 2 Sep 2013, Schmoll, Carsten wrote:
> To my knowledge, such "extended case" is not envisioned in the DHCPv6-PD use case. Correct?
> So, how could I still get my end systems configured with global IPv6 addresses from the delegated prefix space?
> (no, I don't want to use a web proxy and ULAs internally - that's like cheating around the problem ;)
A sensible ISP will give you at least a /60 which means you can have
several routers in depth, making your problem go away. Your ISP provided
CPE will do DHCPv6-PD to your CPE and then you can place all your devices
behind that.
There is work for this in several places, look at the network drawing in
<http://tools.ietf.org/html/draft-grundemann-homenet-hipnet-01#section-3.2>.
I have already tried this with several boxes, it works already today
(D-link DIR-655 hw B1 for instance). I had:
Cisco---DIR655---DIR655---PC
The Cisco delegated a /56 to the first DIR655 which then delegated a /64
to the second DIR655.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the Ipv6hackers
mailing list