Training

Prefix Exclude Option for DHCPv6-based Prefix Delegation

2 min read

RFC 6603(https://tools.ietf.org/html/rfc6603) (Prefix Exclude Option for DHCPv6-based Prefix Delegation) introduced a new DHCPv6 option OPTION_PD_EXCLUDE to allow exclusion of one specific prefix from a delegated prefix set when using DHCPv6-based prefix delegation. RFC 6603 Section 1 states:

The prefix exclusion mechanism is targeted at deployments where DHCPv6-based prefix delegation is used, but a single aggregated route/prefix has to represent one customer, instead of using one prefix for the link between the delegating router and the requesting router and another prefix for the customer network. The mechanism defined in this specification allows a delegating router to use a prefix out of the delegated prefix set on the link through which it exchanges DHCPv6 messages with the requesting router, and is intended for use in networks where each requesting router is on its own layer-2 domain.

CDRouter IPv6 includes support for the PD Exclude mechanism using the testvar dhcpv6WanEnablePDExclude, and is supported for all IPv6 WAN modes except 6to4 and 6rd. When dhcpv6WanEnablePD and dhcpv6WanEnablePDExclude are set to yes in the configuration file, CDRouter requires the IPv6 WAN ISP prefix (ipv6WanIspIp/ipv6WanIspPrefixLen) to be contained within the DHCPv6 WAN PD prefix (dhcpv6WanAssignPrefix/dhcpv6WanAssignPrefixLen).

Below is an example configuration that uses PD Exclude.

    testvar dhcpv6WanEnablePD                yes
    testvar dhcpv6WanEnablePDExclude         yes

    testvar dhcpv6WanAssignPrefix            3001:dddd::
    testvar dhcpv6WanAssignPrefixLen         48

    testvar ipv6WanIspIp                     3001:dddd:0:1::1
    testvar ipv6WanIspAssignIp               3001:dddd:0:1::2

    testvar ipv6WanIspPrefixLen              64

When running a package with PD Exclude enabled, if CDRouter’s DHCPv6 server finds a OPTION_PD_EXCLUDE (67) option in the Option Request Option of the DUT’s DHCPv6 Solicit, Request, Renew or Rebind message containing an IA_PD option, it will include an OPTION_PD_EXCLUDE option in the IA_PREFIX option of the IA_PD option returned in the reply message. The OPTION_PD_EXCLUDE option returned will indicate to the DUT that the IPv6 WAN ISP prefix should be excluded from the DHCPv6 WAN PD prefix.

The DUT must not assign addresses from the excluded prefix to downstream LAN clients. Also, a successful DHCPv6 handshake using the PD Exclude mechanism does not authorize the DUT to assign an address from the excluded prefix on its WAN interface. Instead, the DUT must use the normal mechanism defined by ipv6WanMode to assign itself an address (which should end up being the value of ipv6WanIspAssignIp).

Get articles like this in your inbox: