I am using dhcp6leased obtain prefix delegations from an interface in rdomain 30 for interfaces in rdomain 0. I use pf to shift outbound packets from rdomain 0 to rdomain 30; return packets match pf state to shift from rdomain 30 to rdomain 0. Everything works fine (ip4, ip6).
However, I had never turned on inet6 on lo30, so dhcp6leased was unable to assign the reject route for my entire /56. If I enable inet6 on lo30 the reject route takes precedence over pf’s state table. Return packets are rejected with a “destination unreachable” message. If I manually add routes for the delegated prefixes in rdomain 30, using the interface’s link-local address as the gateway, then the reject route is ignored and packets reach pf and flow successfully. Should dhcp6leased automatically install routes for delegated prefixes in the source interface’s rdomain when the assigned interfaces are in different rdomains? If not, what is a good way to monitor dhcp6leased for changes so I can automate adding those routes when needed? Or I could use dhcpcd since it has hooks, but I’d like to use dhcp6leased if possible. Best, Brian
