[ipv6hackers] IPv6 configure HomeNet with multiple subnets
Marc Heuse
mh at mh-sec.de
Mon Oct 30 12:38:44 CET 2017
>> Are you sure your customer-based LAN prefix is not a static assignment ?
>
> www.netcologne.de/ipv6 says: static only if you pay for it.
that is the usual in Germany, yes
> On Mo 2017-10-30 06:51, Marc wrote:
>> I don't think there is a dhcpv6 or RA daemon that handles getting the range and distributing it locally, but you might be lucky by searching the open source directory of dsl router vendors like avm etc
>
> After continuing research I found the dhcpv6 relay functionality: page 17 section 4.2 in http://klub.com.pl/dhcpv6/doc/dibbler-user.pdf
> This looks promising. But I have still no clue how to inform the isp-router (fritzbox) that my connected linux-gateway acts as router for 2001:4dd5:LLLL::/48
>
> My linux-gateway gets the following IPv6 address: 2001:4dd5:LLLL:0:NNNN:NNNN:NNNN:NNNN/64 (scope global mngtmpaddr dynamic)
>
> so the isp-router already use only a part (/64) of the /48 Range as link local network.
that is different depending on the ISP. some use the first :0::/64 of
the /48 network as the outside (internet/isp facing) network, others use
a different /64 for that.
>> Otherwise just roll your own, should be pretty easy when using RA. When the network range changes you deprecate the old one (lifetime 0) and send the new one.
>
> Yea, I hoped not need to develop my own script/daemon, because there is some ICMPv6 mechanism I just do not know right now.
>
> But still, if I go for developing my own solution, is there an ICMPv6 message that I can use to say: "Hey guys on this side, I know I am not your default gateway, but if you have packages for 2001:4dd5:LLLL::/48 you need to use me as hop."
telling hosts on the network is as easy as sending a router
advertisement ICMPv6 packet (runs continiously):
fake_router26 -R 2001:4dd5:LLLL::/48 -r 60 -l 60 -p high eth0
if you want to also do autoconfiguration on this address area, add as
options:
-A 2001:4dd5:LLLL::/48 -a 3600
if you want to deprecate the network just send this (runs for 10 seconds):
fake_router26 -R 2001:4dd5:LLLL::/48 -r 0 -l 60 -A 2001:4dd5:LLLL::/48
-a 0 -n 2 eth0
if you use debian or similar and install thc-ipv6 through apt then the
command is named atk6-fake_router26
If you need to inform the fritzbox then you need to either run a routing
protocol the fritzbox understands or configure something via the GUI or
enable the telnet daemon and fiddle there ...
Greets,
Marc
--
Marc Heuse
www.mh-sec.de
PGP: AF3D 1D4C D810 F0BB 977D 3807 C7EE D0A0 6BE9 F573
More information about the Ipv6hackers
mailing list