When I connect to eth3, I’m given 2 addresses in the same /64, however when I connect to eth3 I’m given 2 IPs in two different /64s. I suppose it’s not the end of the world, but I feel like something isn’t configured correctly.
The second thing I’m wondering about is how can I assign a static IPv6 address to clients if I’m getting a dynamic IPv6 from my ISP (it doesn’t change too often, but it does happen).
Coming from pfSense, I was able to have it assign the suffix part to clients based on the prefix my ISP provided.
eg if I was given 2607:fea8:5b00:486f::/64 from my ISP, it would assign ::1:1000 to ::1:ffff to my clients (just as an example).
I think you need to use two different address settigs for the interfaces. With this config it looks like it will assign the same address to both eth2 and eth3.
try changing address in eth3 to 1 or 3 and see what happens.
Hmmm I tried that, however I’m still getting the same result, which makes sense, because in theory then both interfaces would be given the same address as they were both ‘0’.
Can you try requesting more that a /64 from your isp? With just a single /64 yu cannot assign seperate /64’s to each of your lan interfaces which you should. Most isp’s would assign you at least a /56.
Also i am not sure if adding both interfaces to the same pd section will work.
If you only get a /64 from your ISP this shouldn’t work according to the IPv6 specs. You need a /56. ISPs shouldn’t hand out /64s at all but they do - I’m looking at you Comcast.
Okay this is going to seem like a silly question, but how do I request a /56 from my ISP? By default they only give out a /64, however if you send a prefix hint and request a /56 they will oblige.
dhcp6c should automatically take care of that when the sla-id is unique across the interfaces, like Ulrik mentioned. The docs mention the ID must be greater than 0.
And now on to my second question, which is starting to worry me that no one has said anything about it. It is possible to assign a static IPv6 address to my clients, correct?
I’m not well-versed in IPv6 enough and my lab setup doesn’t allow me to test this to inform you either way. It might be easier to understand your use-case and offer a solution.
The first thing that came to mind as something to test, would be to set up a separate VM running some ipv6 dhcp server. I don’t know how that would interact with the RA from your ISP; it wouldn’t work in the IPv4 world.
Assigning static adresses to your clients should not be impossible but kind of difficult to mange a better solution would be to use DHCPv6 with static leases.
I have experimented a bit with this but it sees that Vyos does not support getting the prefix/network part assigned form PD and then combine it with a local host part and assign the adress to you lan hosts. I know isc dhcpd supports this because i have done it on pfsense. I just seems that Vyos cannot generate the required config.
If you assign the ip using SLAAC as describe in the guide the addresses will be kind of static because they are typically generted based on the mac accress of the lan host. You will see that several os’es uses ipv6 privacy extension and generates two ipv6 addresses for each interface 1) semi permanet based on the interface mac and 2) one random that is the one use for traffic initiated form the host.
I have not tried but you should be able to use one of the generated adresses to access the host from the internet of that is your requirement.