Package: wide-dhcpv6 / 20080615-22

0013-added-several-comments-examples-by-Stefan-Sperling.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
From: SUZUKI Shinsuke <suz@kame.net>
Date: Wed, 30 Jul 2008 15:29:42 +0000
Subject: added several comments/examples. (contributed by Stefan Sperling)

---
 CHANGES            |  4 ++++
 dhcp6c.conf.sample | 43 ++++++++++++++++++++++++++++++++++++++++---
 dhcp6s.conf.sample | 54 ++++++++++++++++++++++++++++++++++++++++++++++--------
 3 files changed, 90 insertions(+), 11 deletions(-)

diff --git a/CHANGES b/CHANGES
index a1f62d8..8fa1f7b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+2008-07-30  SUZUKI, Shinsuke <suz@kame.net>
+	* dhcp6[cs].conf.sample: added several comments/examples.
+	  (contributed by Stefan Sperling)
+
 	--- 20080615 tar ball released ---
 2008-05-01  SUZUKI, Shinsuke <suz@kame.net>
 	* common.c: fixed a memory leak (Bug-ID: 1847587)
diff --git a/dhcp6c.conf.sample b/dhcp6c.conf.sample
index 3aeede1..0b192b9 100644
--- a/dhcp6c.conf.sample
+++ b/dhcp6c.conf.sample
@@ -1,11 +1,31 @@
-# The followings are a sample configuration for requiring the "stateless"
-# DHCPv6 service.
+# The following is an example for use with IPv6 auto-configuration.
+# The "information-only" statement makes dhcp6c exchange informational
+# configuration parameters with servers. A list of DNS server addresses
+# is an example of such parameters. This statement is useful when the
+# client does not need stateful configuration parameters such as IPv6
+# addresses or prefixes.
+
 interface ne0 {
 	information-only;
 };
 
 
-# The followings are a sample configuration to be delegated an IPv6 prefix
+# The following is a sample configuration for a client on a LAN
+# where IPv6 addresses are assigned via DHCPv6 ("stateful address
+# assignment"). Use this if you want the client to query the
+# DHCPv6 server for an IPv6 address and for DNS servers, as in
+# traditional IPv4 DHCP.
+
+interface em0 {
+       send ia-na 0;
+       send rapid-commit;
+       send domain-name-servers;
+};
+
+id-assoc na {
+};
+
+# The following is an example configuration for delegation of an IPv6 prefix
 # from an upstream service provider.  With this configuration dhcp6c will
 # send solicit messages containing an IA_PD option, with an IAID 0, on to
 # an upstream PPP link, ppp0.  After receiving some prefixes from a server,
@@ -22,3 +42,20 @@ id-assoc pd {
                 sla-id 1;
         };
 };
+
+# If a shared secret was to be configured in both the client and the server
+# for DHCPv6 authentication, it would be specified in this file as follows:
+
+keyinfo kame-key {
+     realm "kame.net";
+     keyid 1;
+     secret "5pvW2g48OHPvkYMJSw0vZA==";
+};
+
+# And the interface statement would be modified as follows:
+
+interface ppp0 {
+     send ia-pd 0;
+     send authentication kame;
+};
+
diff --git a/dhcp6s.conf.sample b/dhcp6s.conf.sample
index a3f5f27..cd903cc 100644
--- a/dhcp6s.conf.sample
+++ b/dhcp6s.conf.sample
@@ -1,5 +1,5 @@
-# The followings are a sample configuration to provide a DNS server address
-# for every client as well as to delegate a permanent IPv6 prefix
+# The following is an example configuration which provides a DNS server
+# address to every client, and also delegates a permanent IPv6 prefix
 # 2001:db8:1111::/48 to a client whose DUID is 00:01:00:01:aa:bb.
 
 option domain-name-servers 2001:db8::35;
@@ -9,12 +9,30 @@ host kame {
 	prefix 2001:db8:1111::/48 infinity;
 };
 
-# The followings are a sample configuration to provide an IPv6 address
-# from an address pool 2001:db8:1:2::1000-2000 for 3600[s].
-# Note. You have to send an RA to fxp0; otherwise a client cannot be sure 
-# about the prefix-length and the default router.  If you want to prevent
-# stateless address configuration via RA, please set the autonomous-flag to
-# OFF in your RA configuration.
+# If a shared secret was to be configured in both the server and the client
+# for DHCPv6 authentication, it would be specified in this file as follows:
+
+keyinfo kame {
+     realm "kame.net";
+     keyid 1;
+     secret "5pvW2g48OHPvkYMJSw0vZA==";
+};
+
+# And the host statement would be modified as follows:
+
+host kame {
+     duid 00:01:00:01:aa:bb;
+     prefix 2001:db8:1111::/48 infinity;
+     delayedkey kame;
+};
+
+# The following is an example configuration which provides an IPv6 address
+# from an address pool (2001:db8:1:2::1000-2000) with a lease time of 3600
+# seconds to any client attached to the fxp0 interface. Note that you have
+# to send router advertisements on fxp0, i.e. run rtadvd(8) on that interface.
+# Otherwise a client cannot know the prefix-length and the default router.
+# If you want to prevent stateless address configuration via RA, please 
+# set the autonomous-flag to OFF in your RA configuration.
 
 interface fxp0 {
 	address-pool pool1 3600;
@@ -23,3 +41,23 @@ interface fxp0 {
 pool pool1 {
 	range 2001:db8:1:2::1000 to 2001:db8:1:2::2000 ;
 };
+
+# The following is an example configuration which provides fixed IPv6
+# addresses to two known clients. It also provides every client with a
+# DNS server. Note that you have to send router advertisements on fxp0,
+# i.e. run rtadvd(8) on the interface the clients are attached to.
+# Otherwise a client cannot know the prefix-length and the default router.
+# If you want to prevent stateless address configuration via RA, please 
+# set the autonomous-flag to OFF in your RA configuration.
+
+option domain-name-servers 2001:db8::35;
+
+host puffy {
+        duid 00:01:00:01:0f:5b:29:7f:00:04:5a:35:1e:a1;
+        address 2001:db8:111::180 infinity;
+};
+
+host tux {
+        duid  00:01:00:01:0f:36:5f:31:00:0a:e4:3e:f2:4e;
+        address 2001:db8:111::181 infinity;
+};