Description
Currently, you must know what prefix is assigned to your router by an upstream device or via DHCPv6 in order to create prefix delegation unless you specify prefix-length:
[interfaces ethernet eth0] address dhcp address dhcpv6 description "WAN_PORT" dhcpv6-options { prefix-delegation { prefix-length 56 interface eth1 { address 1 sla-id 0 sla-len 8 } } }
In the above example, I must know that I receive a /56 and not a /48 or /60 from my upstream DHCPv6 server.
I can specify the prefix-length option to request a /56 explicitly, but if my DHCPv6 server is assigning correctly this is unnecessary. In addition, I may wish to have my configuration work in multiple environments, regardless of specific prefix-length given to delegate from.
In the past I have used EdgeOS and they handle the same configuration in the following manner:
[interfaces ethernet eth0] address dhcp address dhcpv6 description WAN_PORT dhcpv6-pd { pd 0 { interface eth1 { host-address ::1 prefix-id :1 } } }
Note that the prefix-length is set to 56 by my upstream DHCPv6 server, but no equivalent to sla-len is required. EdgeOS assumes a /64 is desired unless something else is specified, likely based on RFC7242 and the default expectations of neighbor discovery.
It does not care as long as the netmask is smaller than /64 and can have /64 networks delegated from it.
Proposal
I would like to propose the following syntax change to make configuration of DHCPv6 more clear in VyOS:
- Assume that an interface created with set dhcpv6-options prefix-delegation interface will be assigned a netmask of /64 unless the sla-len exists already
- Allow an alternative option to sla-len that allows specifying the netmask, such as sla-mask /64
- If sla-len remains, create validation error for when sla-mask and sla-len are both specified and prefix-delegation prefix-length added to sla-len does not equal sla-mask
- If sla-len does not make sense or is ambiguous to remain with sla-mask, create validation error that allows one or the other
- (Optional) Allow the address syntax to accept a netmask, consistent with how one would be set in interface ethernet iface_name address, e.g. address ::1/64
Examples
Conditions:
- User does not know what prefix will be assigned by upstream DHCPv6 server
- User does not wish to set netmask explicitly
- User wishes to set address of VyOS as ::1/64
Configuration:
[interfaces ethernet eth0] dhcpv6-options { prefix-delegation { interface eth1 { address ::1 sla-id 0 } } }
Conditions:
- User does not know what prefix will be assigned by upstream DHCPv6 server
- User wishes to explicitly use a netmask of /64
- User wishes to set address of VyOS as ::1/64
Configuration:
[interfaces ethernet eth0] dhcpv6-options { prefix-delegation { interface eth1 { address ::1/64 sla-id 0 } } }
Conditions:
- User wishes to request a specific prefix of /56 from upstream DHCPv6 server
- User assumes netmask will be /64 on LAN
- User does not care what address of VyOS is
Configuration:
[interfaces ethernet eth0] dhcpv6-options { prefix-delegation { prefix-length 56 interface eth1 { sla-id 0 } } }
Conditions:
- User wishes to request a specific prefix of /60
- User wishes to explicitly use a netmask of /64
- User does not care what address of VyOS is
Configuration:
[interfaces ethernet eth0] dhcpv6-options { prefix-delegation { prefix-length 60 interface eth1 { sla-mask /64 sla-id 0 } } }