On Sat, May 2, 2026 at 5:41 PM Zack Newman <[email protected]> wrote:
> Some of what I'm about to say is conjecture; in particular I'm
> intrigued why
>
> > request prefix delegation on em0 for { em1/64 vlan66/64 }
>
> does not work for dhcp6leased(8) while
>
> > ipv6only
> > noipv6rs
> > interface em0
> > ipv6rs
> > ia_na 1
> > ia_pd 2 em1/0
> > ia_pd 3 vlan66/0
>
> works for dhcpcd(8).
Both provide a /64 on the internal interfaces but only dhcpcd gives an
address to the external interface (em0).
Must be a routing issue, as If I only request one interface pd with
dhcp6leased the downstream clients work fine. If I request and receive
two there is no ipv6 net access. Seems that with multiple ipv6 subnets
there needs to be an ipv6 address on the external interface.
As a note (with my service), requesting more than two pd's does not
work with either dhpc6leased or dhcpcd.
> Apparently Xfinity does support multiple prefix delegation requests;
> otherwise dhcpcd(8) would have failed as well. I conjecture that when
> Xfinity is requested to delegate multiple prefixes they internally
> delegate a /60 to you and manually carve out the requested /64 prefixes
> from it. Personally, even though it works, I'd configure dhcpcd(8) to
> request a /60 and have it assign /64 prefixes from that /60. For
> example my dhcpcd.conf(5) looks like:
>
> > noipv6rs
> > denyinterfaces !(ixl2)
> > allowinterfaces ixl2
> > script ""
> > link_rcvbuf 65536
> > interface ixl2
> > duid
> > iaid 0
> > ia_na 0
> > ia_pd 0/::/60 -
> > ipv6rs
> > nooption domain_name,domain_name_servers,domain_search,fqdn,
> > host_name,ntp_servers,time_offset,time_servers
> > option rapid_commit
> > persistent
> > require dhcp_server_identifier
> > waitip 64
>
> In your case you'd have something like:
>
> > ia_pd 0/::/60 em1/0/64 vlan66/1/64
>
> Note you'd also need to add those interfaces to allowinterfaces.
>
> If you wanted to test the theory that Xfinity doesn't support /63
> prefix delegations using dhcpcd(8), change above to:
>
> > ia_pd 0/::/63 em1/0/64 vlan66/1/64
>
> If IPv6 doesn't work, then that lends credence to my conjecture.
>
> To get dhcp6leased(8) to request a /60 prefix delegation and have it
> manage the /64 subnets, I think the below may work:
>
> > request prefix delegation on em0 for { em1/64 vlan66/64 reserve/61 }
>
> Per dhcp6leased.conf(5):
>
> > The special name reserve can be used to reserve space in the delegated
> > prefix for later use or when an interface is removed.
>
> Here the minimum prefix delegation necessary to support above is /60
> -the /60 will be subnetted into two /61s: one used for "reserve" while
> the other will be subnetted further into two /64s to be used for em1
> and vlan66 respectively.
>
> Do note that dhcp6leased(8) only implements DHCPv6-PD; in particular it
> does _not_ implement DHCPv6-NA. A consequence of this is that em0 will
> not have IPv6 connectivity to the global Internet. If that's important,
> then you (likely) have no choice but to use dhcpcd(8)-the line ia_na 0
> is what directs dhcpcd(8) to request a non-temporary address for ixl2.
> Xfinity is also my ISP, and it supports both DHCPv6-NA and DHCPv6-PD.
> I don't _think_ Xfinity supports RFC 6603[^1]; and even if it does,
> I'm not sure dhcp6leased(8) does. If both do though, then you can
> assign a /128-/63 to em0 from the /60. For example:
>
> > request prefix delegation on em0 for { em0/128 em1/64 vlan66/64
> reserve/61 }
None of the above contructs work at all.
