On 14/12/2011 11:41, Hiroki Sato wrote:
Mattia Rossi<mro...@swin.edu.au> wrote
in<4ee7cdbe.1090...@swin.edu.au>:
mr> Ok, this is something I always get a bit confused with. I understand
mr> that it's the right clean thing to set up a /64 on the interface which
mr> sends router advertisements, but I also would expect by nature, that
mr> whatever prefixlength you chose on the interface, rtadvd would simply
mr> grab the lowest /64 prefix out of the configured one to send router
mr> advertisements out.
mr>
mr> The idea there is, that you might use this router for multiple
mr> subnets, and have a single default route.
mr>
mr> Now of course to do that you'd need to configure rtadvd.conf, so I
mr> guess the whole thing missing here is a bit of documentation which
mr> says, that if you don't configure rtadvd via rtadvd.conf you're not
mr> allowed to be lazy and configure any prefix on the interface and
mr> expect rtadvd to do the right thing.
mr>
mr> It seems to me, that a lot of people (including me) would expect that,
mr> so maybe some info about that wouldn't be to bad.
I do not think it is a good idea that the rtadvd daemon automatically
splits prefixes shorter than 64 to ones with just 64. "Which prefix
should be advertised" is one of things which a sysadmin must specify
explicitly when it receives prefixes shorter than 64 via IA-PD or
something, and it should match the actual subnet structure. A simple
way to do so is to assign an address onto eth0, in his example, with
desired /64 subnet prefix from the delegated (shorter) prefix, and
run rtadvd with no configuration file. This is the expected
scenario. A /60 address assigned on eth0 does not work as a default
router address for multiple /64 subnets anyway...
This trouble is caused by misconfiguration of sla-len and non-/64
prefix is assigned unexpectedly to eth0. If all of the configuration
were correct rtadvd.conf was not needed in the first place, and even
if split /64 prefixes were automatically advertised by rtadvd at that
time the situation would not got better.
As said, I agree, it's probably not a good idea to autoselect a /64 from
a shorter prefix. But I can imagine that a lot of people out there would
expect this behaviour, and might just sit there and wonder why the hell
the RAs are not being sent, if they have an address configured on the
interface.
Most people do not look at the prefix length, also because many people
use tools which automatically set prefixes and addresses up and or
copy&paste configs from the Internet, as we've just seen.
So my suggestion here is to add some information to the rtadvd and
rtadvd.conf manual page which explicitly tells people to look at the
configured prefix length, as rtadvd will only work without configuration
if the prefix length is set to /64, and eventually point to the RFCs in
that paragraph as well.
From there people will figure out how to change their configs to get
addresses with a prefixlength of /64 themselves (e.g. change the sla-len
in the wide-dhcp client)
It's a simple addition to the manpage which helps educating people as
well and allows to keep things clean.
Mat
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
