Em 09-11-2015 12:45, Sly Midnight escreveu: > I am writing the misc@openbsd.org thread to see if anyone else with IPv6 > experience on OpenBSD has noticed this behavior with the rtadvd daemon.
I did. > > I have been using OpenBSD as my firewall now for just under 4 years > (prior to that I used FreeBSD). When I first started using it I used > HE.net's tunnelbroker service to provision my internal network with an > IPv6 subnet with my firewall being the routing endpoint. I've used sixxs. > > This worked well with the rtadvd daemon even without a config, because > it was a static tunnel where the prefix of the subnet was always the > same (unless I manually did something to change it myself). The prefix sixxs give you is also static, so, rtadvd can be run without a config and everything just works. > > However sometime in late 2012 I was able to start taking advantage of > the native IPv6 of my ISP (Comcast), when I was troubleshooting some > other setup a tcpdump showed IPv6 was finally live in my area. After > going through the trouble of finding a way to make it work with a > combination of RA's (Router Advertisements) and DHCPv6, I was able to > get myself directly on my ISP's IPv6 connection. I still employed > rtadvd for provisioning IPv6 internally on my internal subnet. > > The only thing I noticed was that unlike my static IPv6 tunnel, the IPv6 > service from my ISP would change the subnet prefix almost any time the > DHCPv6 client was restarted or at a minimum the firewall was rebooted > (like when a new version of OpenBSD was released and I upgraded in place). Same here. My prefix changes every time my CPE is restarted, or the connection is lost. It stays stable across my OpenBSD firewall reboots though, since my CPE is a router and I'm not using pppoe. > > This was not a big deal as rtadvd would simply see the new prefix on my > internal interface and start sending out RA's with that prefix. And > naturally my internal clients would automatically reconfigure themselves. > > Now I've noticed for a couple releases or more rtadvd does not notice a > change of the available prefixes assigned to the interface it both > monitors and advertises on. I have not changed my config for it, as I > just run it without a configuration file invoking it's default behavior > (since I cannot know what my IPv6 prefix will be ahead of time). I noticed this same behaviour. I devised two solutions, one is to use ifstated to monitor link changes and restart rtadvd accordingly and the other is to use ULA on the internal network. > > Any idea if this was an intentional change to rtadvd or is this a bug > I've run into? I know it used to work that way. I don't know, but things have been changing fast on the IPv6 OpenBSD world. There are some things which didn't made in time for 5.8 that might help you, if you're willing to run -current. These days I prefer using ULA and making nat, so I can assure my internal address space will never change. Cheers, Giancarlo Razzolini
