Due to an influx of spam, we have had to impose restrictions on new accounts. Please see this wiki page for instructions on how to get full permissions. Sorry for the inconvenience.
Admin message
The migration is almost done, at least the rest should happen in the background. There are still a few technical difference between the old cluster and the new ones, and they are summarized in this issue. Please pay attention to the TL:DR at the end of the comment.
DHCPv6 Prefix Delegation is the best practice IPv6 deployment method and supported by most ISPs who provide native IPv6 for consumers on fixed networks. NetworkManager should support this.
In a nutshell, a CPE router (which could be a Linux box running NetworkManager) sends a DHCPv6 solicit message that includes the IA_PD option. The ISP DHCPv6 response has BOTH a IPv6 address for the CPE WAN interface AND a IPv6 prefix.
The IPv6 Prefix is typically a /56 which can be subnetted into quantity 256 /64 networks that can be assigned to internal networks.
First use case that should be supported:
Given a two interface system (WAN and LAN), NetworkManager ought to be able to be configured so that it can make a IA_PD solicitation, configure the WAN interface with the IPv6 IA_NA address, get the the prefix (IA_PD) from the response, extract the first /64 from the prefix, assign that prefix to the LAN interface and setup radvd to advertise that prefix on the LAN including setting the RDNSS option to advertise the DNS server.
That first use case will cover 90% of the need.
Additional use cases to consider:
Support multiple LAN interfaces. Extract a /64 from the prefix for each LAN interface, setup radvd to advertise on each
Support setting the AdvManagedFlag setting for radvd for radvd+DHCPv6 configurations.
Hi, setting ipv6.method=shared in the LAN connection profile should already cover the main use case and possibly some of the additional ones. Can you please try it and report how it is working for you?
I have a CentOS 8 box with NetworkManager-1.20.0-3.el8.x86_64
eth0 - internal
eth1 - WAN
The KEA server is answering the DHCPv6 request made by eth1. I have eth0 ipv6.method set to shared.
Looking at the DHCP server logs, I only see a IA_NA request, not a IA_NA plus IA_PD like I was expecting. The eth1 is getting it's static IPv6 reservation, but the prefix isn't being handled.
I have a CentOS 8 box with NetworkManager-1.20.0-3.el8.x86_64
On that version, the default main.dhcp setting is "internal", which doesn't support IPv6-PD. You'd have to configure main.dhcp=dhclient. See man NetworkManager.conf.
In 1.20.0, "internal" used an implementation based on systemd code. That code got support for PD in 3c4f70c5 (1.22.0). However, at the same time, the implementation of the "internal" plugin changes to a new nettools based code. That means, on 1.22.0, you could also use the undocumented main.dhcp=systemd plugin that now supports it. That uses the same "internal" plugin as in 1.20, but with PD support. On 1.22.0, main.dhpc=internal now means main.dhcp=nettools, and that doesn't support PD yet. It's a bit confusing. The point is, that we are replacing the implementation of the internal plugin in 1.22, and while the old implementation got support for PD, the new still doesn't.
That means, PD should work in 1.20 with main.dhcp=dhclient and in 1.22 with main.dhcp=dhclient|systemd. Most important is of course to add support for the default (internal) plugin.
NetworkManager[1245]: <debug> [1583602595.0480] device[0x560918d4b590] (eth0): activation-stage: schedule activate_stage5_ip_config_result_6,v6 (id 179)NetworkManager[1245]: <debug> [1583602595.0480] policy: ipv6-pd: eth0 needs a subnetNetworkManager[1245]: <info> [1583602595.0480] policy: ipv6-pd: no device to obtain a subnet to share on eth0 from
Result: Not working.
Notice how the -P isn't set with dhclient, and looking at the dhcp server logs, no IA_PD was requested.
How do I get the WAN interface eth1 to make the prefix request?
Is there some other setting that needs to be set?
On a side note, is it possible to set main.dhcp=dhclient with nmcli?
policy: ipv6-pd: no device to obtain a subnet to share on
NM looks for a device with (the best) IPv6 default route, where to ask for the prefix (notice that you don't configure on which interface to as for a prefix)...
possibly NM is not smart enough to recover from activating the devices in the "wrong" order... the full log should tell you more.
IPV6 is a real joke in NM! #100 (closed) is still not fixed, IPV6 should be prefered, both ipv6 DNS servers must be first and AAAA RR must be done first (yes, second is hard to do)!
@ValZapod you're in no way helping the project behaving like this, there's no need to be aggressive about a specific NM issue, we appreciate people reporting problems and we do look at them trying to address them as soon as possible.
NetworkManager, being open-source, gives you the chance to contribute yourself to the codebase so if you think this is a priority for the project or even just for yourself then submit a patch, we will gladly review it and help you to get it merged, we're always happy to welcome new contributors.
If you need help in crafting the patch or just understanding the code you can reach us on (IRC) #nm on freenode.
there is nothing special (or plugin specific) to configure. Have the other profile with ipv6.method=shared, which will imply that NM attempts to delegate a prefix.