Deployed IPv6 on my internal network of Linux machines. These machines work
with network-manager, dnsmasq and resolvconf. The moral of getting
IPv6 to work: radvd on the server, dhcpv6 didn't work for me.
If you want static IPv6 addresses you must disable the IPv6 privacy extensions
from within network-manager otherwise it won't work. In my case I had to
edit: /etc/NetworkManager/system-connections/Wired\ connection\ 1 and
changed:
[ipv6]
method=auto
To:
[ipv6]
method=auto
ip6-privacy=0
Settings from sysctl will be overruled... took me a while to find this.
Posted in: site
4 comments
Hi Miek,
did you enable the M-Flag and O-Flag in the Router Advertisements (radvd) to tell the clients to ask for DHCPv6?
DHCPv6 works fine for my Linux boxes, as well as for MacOS X 10.7 and Windows 7 upwards.
-- Carsten
did you enable the M-Flag and O-Flag in the Router Advertisements (radvd) to tell the clients to ask for DHCPv6?
DHCPv6 works fine for my Linux boxes, as well as for MacOS X 10.7 and Windows 7 upwards.
-- Carsten
no i didnt. i wanted to go dhcpv6 only, but radvd seems to be always needed. and with radvd running you dont really need dhcpv6...
Hi Miek,
the original design of DHCPv6 is in that way that DHCPv6 is enabled by Router Advertisements (RA). You always need the RA, to assign the routes, as DHCPv6 does not distribute a "default" route.
Some DHCPv6 clients can do DHCPv6 without receiving RAs, but maybe not this Linux you're using. But then you need to configure a route manually, not recommended.
DHCPv6 != DHCPv4 (it looks the same, but is not)
It can make sense to mix autoconfiguration via RA and DHCPv6.
One example: assign unique local (private) IPv6 addresses via RA, and global route-able IPv6 addresses (public) via DHCPv6. That way, the IPv6 addresses used to talk to the outside world are not based on the hardware (MAC) address (privacy benefit), but all internal communication (using the ULA addresses) is trackable to the physical machines in logs and in the firewall (privacy extensions turned off).
If you do not like autoconfiguration, but DHCPv6, enable the M+O-Flags and disable the autoconfiguration flag in the Router-Advertisements .
-- Carsten
the original design of DHCPv6 is in that way that DHCPv6 is enabled by Router Advertisements (RA). You always need the RA, to assign the routes, as DHCPv6 does not distribute a "default" route.
Some DHCPv6 clients can do DHCPv6 without receiving RAs, but maybe not this Linux you're using. But then you need to configure a route manually, not recommended.
DHCPv6 != DHCPv4 (it looks the same, but is not)
It can make sense to mix autoconfiguration via RA and DHCPv6.
One example: assign unique local (private) IPv6 addresses via RA, and global route-able IPv6 addresses (public) via DHCPv6. That way, the IPv6 addresses used to talk to the outside world are not based on the hardware (MAC) address (privacy benefit), but all internal communication (using the ULA addresses) is trackable to the physical machines in logs and in the firewall (privacy extensions turned off).
If you do not like autoconfiguration, but DHCPv6, enable the M+O-Flags and disable the autoconfiguration flag in the Router-Advertisements .
-- Carsten
Thanks for the extra info! It still consider it a design mistake of the ipng-wg to not re-use dhcpv4 for v6. They really did their best to make it as backwards incompatible as possible it seems...
