On 2015-09-23, Giancarlo Razzolini <grazzol...@gmail.com> wrote: > Em 23-09-2015 11:16, Marios Makassikis escreveu: >> Rather than announcing the prefix obtained via DHCPv6-PD you can pick a >> prefix >> from fd00::/8 and announce that on your network. >> It is the equivalent to RFC1918 addresses, except it is for IPv6. > > Figured it. These are ULA, right?
yep. >> Therefore, it is >> not routable and you need to perform NAT on it. The global address is the one >> the router obtained via static configuration/SLAAC/DHCPv6, which will then be >> used by all your clients. > > It kind of defeats the purpose of IPv6, doesn't it? What is the purpose of IPv6? The main purpose that I see is "ability to continue getting internet addresses after v4 runout". (If it had been left at that and didn't change a bunch of other things at the same time, perhaps more people would be using it already). And, like it or not, the majority of network admins have learned their trade in a post-NAT world, and are relying on things which are difficult or impossible to do without that... >> Your CPE will see only the OpenBSD router's address so it should work. > > I ended up setting up a bridge for that. It's harder to filter on them > though. I plan to port some NDP proxy to OpenBSD, but all of the > candidates looked very cumbersome to my taste. I'll have eventually to > do it, unless someone else beat me to it. So you're relying on your ISPs CPE for network addressing and it doesn't have a way to add a static route? It seems like you would have the same problem with v4, doesn't it? Can you terminate the session on the OpenBSD box instead?
