James Knott wrote:
Per Jessen wrote:
Per Jessen wrote:
James Knott wrote:
Per Jessen wrote:
but the only truly dynamic devices I have are phones and pads etc. Even my Android smart phone and tablet use both SLAAC & random addresses. Yes, I figure that's what I'll be doing as well.
Hmmm, I guess running both SLAAC and DHCP isn't that easy. Once I started the RA daemon on the main router/firewall, every box on the network got a global IPv6 address. I guess I have to configure them individually to use DHCP. In fact, I don't want any automatic IPv6 assignment for existing boxes - this would mean IPv6 traffic where none existed before, I can think of scripts and apps that may very well choke on that.
Why are you bothering with DHCP6? It's really not needed, unless you want to provide IPv6 server addresses to clients.
That is primarily what my current DHCP4 setup does - provides static addresses to servers. Plus default route, ntp options and any static routes needed. It's mostly a way of keeping the config central. I'm possibly just thinking in old ways too much.
As I mentioned, it's easy enough to add IPv6 addresses to DNS
But when they're randomly generated even for well-known clients, how is my DNS updated?
or hosts file, so you don't have to worry about typing in an IPv6 address.
I would still like to be able to recognize them in logs etc. With ip6?tables, tcpdump and such I'd also still want to recognize them in. For a server that has nnn.nn.2.49 today, I was thinking of assigning 2001:db8:1020:ff1::1:2049 - no problem with DHCP6.
On my network, I use the SLAAP addresses as mention. I use manual configuration for anything that's permanently attached to my network, for things like NTP & DNS server.
Okay. How do you prevent those servers from getting a randomly generated IPv6 address?
Other devices, such as my smart phone, tablet and notebook computer use DHCP to get the IPv4 address for those servers. Everything just works well and uses IPv6 whenever possible. It sounds like you're making work for yourself, when you don't have to.
I agree, that is entirely possible. -- Per Jessen, Zürich (19.2°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org