9

(this was flagged as off-topic over at Network Engineering, and suggested to move here)

I have finally got an IPv6 address for my network. Being able to do VoIP and peer-to-peer networking without NAT intermediaries is great. My (Linux-based) router receives a 128-bit IPv6 address corresponding with a 64-bit IPv6 subnet (e.g. 2aaa:::1234/64) from the ISP.

I'm trying to understand what is (are?) the correct, standard, flexible, future-proof ways to distribute IPv6 addresses to other systems within my home network. It appears that any of the 2^64 addresses within the /64 block assigned to the router will be routed to it. Great, but… there are a few things about IPv6 addressing and routing that are confusing me:

  1. I gather that "standard" IPv6 subnets are not supposed to be any smaller than /64. If that's the case, how is a home router with a /64 address supposed to subdivide this network to assign it to different devices within the network?
    • Is it sane/valid/reasonable for me to route the same /64 subnet to both the Internet-facing and LAN-facing interfaces of the router?
  2. Ignoring stateful firewalling, it seemed at first that I might not need the router to do anything at all other than forward IPv6 packets between its interfaces (Internet-facing and LAN-facing). It seems that the IPv6 address autoconfiguration mechanisms (SLAAC, DAD, RA) can in some cases remove the need for the intermediate router altogether; no NAT, no DHCP, nothing.
    • I tried this, but it doesn't seem to work on Android devices. If my router just forwards packets, the Android devices don't configure themselves to use IPv6; it appears I need DHCPv6 for this.
  3. Is prefix delegation part of the answer here? I'm fuzzy on exactly what it entails, but I believe it's supposed to mean that the ISP provides me with both an Internet-facing IPv6 /64 subnet as well as a LAN-facing IPv6 /64 subnet. I can't find a fully worked-through example of PD, though, and might be off-base.
    • Per rdisc6, my ISP gives me only a single /64 prefix… not multiple prefixes like in some examples I can find.

I guess what it comes down to is this: I have an Internet facing IPv6 address and 64-bit IPv6 subnet. What is the preferred standards-compliant, and ideally straightforward and portable, way for me to distribute IPv6 addresses to devices within the local network?

Dan
  • 474

2 Answers2

1

One /64 prefix is only enough for a single network, such as a single Ethernet LAN. If you want to have multiple separate IPv6 networks on your greater home network, such as a separate guest network or a separate IoT network, then you need your ISP to delegate a shorter prefix (more address space) to you, such as a /60, which would give you 16 /64's to play with. IPv6 prefix lengths are often multiples of 4 bits for various logistical reasons.

The standard way to have your devices get addresses is via SLAAC. It's universally supported and doesn't require any additional setup. I don't know why you saw an Android device fail to do SLAAC on your network. That's probably an issue to troubleshoot on your network or on your device, not a problem with all Android devices on all networks.

Prefix delegation is a way for an upstream network (router plus DHCP server) to tell a downstream router what prefix the downstream router should use on the downstream side. If you were already getting more than one /64, and you were setting up multiple separate IPv6 routers within your home, you could conceivably set up prefix delegation within your home, but that would probably be more hassle than it's worth. It would be way simpler to just manually configure each of your in-home IPv6 routers with the right prefixes, and configure your head-of-network IPv6 router with static routes to those routers.

Spiff
  • 110,156
0

On a 128 bit IPv6 address, it's spilt in half between the Network side(the first side) and the host side. You should have 2 (More but to simplify the answer)IPV6 addresses from your ISP.

The same as IPV4 you will have a fixed address for your outside interface and an internal /64 for your network. 2001::

There can be some configuration needed using SLACC or DHCPv6. You would need to look at your router(DHCP Server) and Android device settings to make sure it's all right.

I don't think it's prefix designation

https://www.cisco.com/c/en/us/support/docs/ip/ip-version-6-ipv6/113141-DHCPv6-00.html

unless you do not have an outside interface IP yet; then it would be an PPPoE issue.

Bottom line, if you only want that /64 be a single flat LAN; you're good to go. If you're doing separate networks you can break them down to /127s. The /64 matters for the network side of address to function as intended. Like if you started handing out /50s it would freak your host gear out.

If you want to post some more info we can go over it.

Dave M
  • 13,250
Reckless Liberty
  • 36