Dualstack

Page content

DualStack & Prefix Delegation with OpenBSD

OS: OpenBSD 6.5

Hint: wide-dhcpv6-20080615p9 was not working fine. So, i gave a try with dhcpcd

Install Package

pkg_add dhcpcd-7.1.1p4

Configure dhcpcd

/etc/dhcpcd.conf
ipv6only
noipv6rs
duid
persistent
option rapid_commit
require dhcp_server_identifier

# disable running any hooks; not typically required for simple DHCPv6-PD setup
script ""

# List interfaces explicitly so that dhcpcd doesn't touch others
allowinterfaces em1 vlan108 vlan110 vlan112

interface em1
    # the following two lines tell dhcpcd to do router solicitation
    # itself. don't use them if using "inet6 autoconf" (slaacd)
    ipv6rs
    ia_na 1

    # request prefixes from the provider to use for downstream networks
    ia_pd 2 vlan108/1 vlan110/2 vlan112/3

Enable and Start Service

rcctl enable dhcpcd
rcctl restart dhcpcd

You sould now get a ip address on your public interface. adjust the pf.conf accordingly for ipv6 !

Configure rad

/etc/rad.conf
interface em1

interface vlan112 {
  prefix 2a0b:2e00:0:7c03::/64
  dns {
    nameserver 2001:4860:4860::8888
    nameserver 2001:4860:4860::8844
    nameserver 2a0b:2e00:0:7c03::1
    search planet.noflow.ch
  }
}

Enable and Start RAD

rcctl enable rad
rcctl restart rad

Edit unbound.conf

module-config: "dns64 validator iterator"
dns64-prefix: 64:ff9b::/96

Update pf.conf

# NAT 64, all outgoing traffic from vlan 112
pass  in  log quick on vlan112 inet6 from any to 64:ff9b::/96 af-to inet from (egress)

Reload unbound, pf. check log and traffic :)


Any Comments ?

sha256: 5d207bb665387c7bae85a5c1c13ca1e81467e1874617d21e75bcc546fe3f4185