How to Set Fix IP on WAN

[frankcrawford]

I'm trying to work out a suitable configuration to do the following, but can't do so: WAN:

• Accept the default prefix from the router (as sent in RA packet from router), and add a fixed host config (::1, WAN_NODE=1), and LAN:
• use the 1st prefix (i.e. LAN_SITE=0) given out via dhclient call to router (with a fixed host config again ::1, LAN_NODE=1)

Mostly the LAN is okay (it is getting a host entry as well, but I think that is NM doing it), but the WAN is not co-operating.

To not apply a new prefix I need to have all setting for the WAN default (or auto), but that then applies a host if address to the WAN but also seems to use the prefix from the LAN? If LAN_SITE=auto for the LAN then it allocates a host address on the right prefix.

And if I totally disable settings on the WAN interface no address is assigned, but it also seems to ignore any RA broadcasts.

Any suggestions?

[sshambar]

Do you know if the RA mark the interface as "managed"? If so, you might need to run the prefix delegation dhclient on a different port (WAN_DHCLIENT_OPTIONS="-p #"), and then let NM handle address assignment with ipv6.method=auto.

I'm actually in the middle of re-writing dhclient-ipv6-prefix to handle this exact scenario... one of my ISPs recently stopped allowing any dhclients running on non-standard ports, and so now I have to run a single dhclient with "-P -N" args and let it do prefix AND address assignment (with NM ipv6.method=link-local). However, the script didn't handle addresses (just prefixes), so I'm updating it to "do the right thing" -- in the process I'm also fixing the address/prefix assignment to include lifetimes, multiple prefixes/addresses, dns (using nmcli) and a bunch of other nice things...

Basically, it's a pretty big change and I didn't want to release it until I've tested all the corner cases on a set of VMs... but I'll probably push a development branch sometime soon.... that would then be a much better base to test your new setup (also cleaning up everything to use the Google Inc's shellstyle, and have it pass shellcheck, oh and did I mention the close to 100 tests? :)

I'll post here when the branch it up, and you can see if it "works out of the box" or it needs further tweaking for you're setup.

[frankcrawford]

Yeah, it is listed as managed by NM, so I may need your hack. So, does NM treat it differently if there is a dhclient running on that interface? It would explain it, as I tried telling your scripts to just ignore that interface and it just got a link-local address, nothing else, even though prior to implementing your scripts it was working.

BTW, two other minor items I found while exploring this: 1) RedHat and Fedora have all their interfaces marked as "ignore-carrier" so the script often times out before the link-local address is available (stupid idea by them). I've now set it to not ignore-carrier, so it won't run the script until carrier is available and so works correctly. 2) The timeout for scripts in NetworkManager is now something like 20 secs, not 3 secs, as you have in your script. It changed about 10 years ago. If you want to update it or make it configurable, it would be handy, although this didn't cause any issues once I found out about point 1.

Also, I'm willing to try your updated scripts, when you feel they are ready for testing.

[SpareSimian]

Did this make it into the master branch? I'm wanting to assign my WAN address and route by the modem's RA (ie. SLAAC), and then assign the LAN interface by prefix delegation and fire up radvd to assign addresses to LAN clients. I can then use DDNS to update my public DNS with the SLAAC address.

[sshambar]

Yes, all the edge cases should be handled gracefully with the current master branch... just set ipv6.method=link-local on the WAN in NM and then create the (perhaps empty) file nmconf/ipv6-prefix-${wan-interface}.conf. The 08-ipv6-prefix script documents all the config options... it will setup the interface to assign the RA auto addrs/routes, but will also spawn dhclient to request any DHCP delegated addresses and assign them to the WAN using nmcli. The same dhclient will also pull delegated prefixes to assign to the LAN interfaces as expected...

[SpareSimian]

Aha. Setting it to "link-local" seemed counter-intuitive since all the NM docs suggested that it prevents automatic address assignment. But I guess nmutils then takes over and implements this functionality, instead? Note that I'm using Rocky 8 (equivalent to RHEL 8) so I need to look up the matching setting in the ifcfg file. I don't see one here. https://www.thegeeksearch.com/how-to-configure-ipv6-networking-in-centos-rhel-7/ https://developer-old.gnome.org/NetworkManager/stable/nm-settings-ifcfg-rh.html

[sshambar]

Not sure when, but nm-settings-nmcli(5) for ipv6.method doesn't even document "ignore" anymore... I think they may have renamed it "link-local" (I might need to update the doc in 08-ipv6-prefix), but the network-scripts setting suggested there of IPV6INIT=no should work; if it doesn't I'll break out a VM and try Rocky out :)