Mailinglist Archive: opensuse (686 mails)

< Previous Next >
Re: [opensuse] IPv6 - do you use SLAAC or DHCP ?
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Tue, 02 Jul 2013 23:49:29 +0200
  • Message-id: <kqvhta$m3d$>
James Knott wrote:

but with FFFE inserted in the middle. With openSUSE you should have
both address types, assuming you have RADVD running somewhere to
assign the network portion of the address.

Yes, I do. Not all systems got both types though. When a system is
assigned both, which one is used for outgoing connections?

I would still like to be able to recognize them in logs etc. With
ip6?tables, tcpdump and such I'd also still want to recognize them
in. For a server that has nnn.nn.2.49 today, I was thinking of
assigning 2001:db8:1020:ff1::1:2049 - no problem with DHCP6.

Once you've been working with them for a while, you'll soon recognize
the MAC based addresses.

Hmm, I rarely recognize MAC addresses today, somehow I can't imagine
that changing :-) I occasionally recognize the OUI, but not the rest.
I guess I could live with it, but I would prefer a more recognisable
scheme. Today I have a setup with 192.68.x, where x :

2 = physical servers,
3 = printers
4 = telephones & security cameras
6 = fixed desktops & laptops,
7 = dynamic clients (usually wifi),
9 = xen servers,
13 = ILO cards
1 = everything else.

(some of these will never do IPv6 though).

On my network, I use the SLAAP addresses as mention. I use manual
configuration for anything that's permanently attached to my network,
for things like NTP & DNS server.
Okay. How do you prevent those servers from getting a randomly
generated IPv6 address?

You should have both MAC based and random addresses already. Just use
the MAC based for your servers. It doesn't matter about the random
number one, so long as your DNS or hosts file contain the MAC based.
If you have a random address, it's normally used for outgoing
connections, not incoming.

When I started radvd on the router/firewall, most of my systems only had
one address, the MAC-based one. I would not want the random address
used for outgoing connections though. (for arbitrary clients yes, but
not for anything fixed). I mean, imagine a mailserver delivering
outgoing mail from a random address??

Hmm, so with SLAAC, systems are assigned an address based on the MAC of
the interface. That doesn't change so I can set up the DNS based on
that. Do you know how I can prevent the random address from being
used/allocated? It's possible that most of our systems are too old
(pre 12.x) for the random address to work, but with 13.1M2 I got this:

2: enp3s1f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state
UP qlen 1000
link/ether 00:15:60:57:07:f1 brd ff:ff:ff:ff:ff:ff
inet brd scope global enp3s1f0
valid_lft forever preferred_lft forever
inet6 2001:db8:2010:1ff:a5e4:4fb7:2ef0:5d1b/64 scope global
temporary dynamic
valid_lft 557201sec preferred_lft 38201sec
inet6 2001:db8:2010:1ff:215:60ff:fe57:7f1/64 scope global dynamic
valid_lft 2550353sec preferred_lft 563153sec
inet6 fe80::215:60ff:fe57:7f1/64 scope link
valid_lft forever preferred_lft forever

Per Jessen, Zürich (18.1°C) - free DNS hosting, made in Switzerland.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups