5

Experiments run on Ubuntu 22.04 and Debian 12.

I'm new to network and trying to understand if the behavior mandated by an RFC or the actual implementation: Prefixes with lengths other than 64 bits are not used for global unicast address auto-configuration.

When configuring router advertisement daemon to advertise the following prefix

interface eth0                                                                                                                                                                                                     
{                                                                                                                                                                                                                  
        AdvSendAdvert on;                                                                                                                                                                                          
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump                                                                                                                                           
        AdvManagedFlag off;                                                                                                                                                                                        
        AdvOtherConfigFlag off;                                                                                                                                                                                    
        AdvReachableTime 0;                                                                                                                                                                                        
        AdvRetransTimer 0;                                                                                                                                                                                         
        AdvCurHopLimit 64;                                                                                                                                                                                         
        AdvDefaultLifetime 300;                                                                                                                                                                                    
        AdvHomeAgentFlag off;                                                                                                                                                                                      
        AdvDefaultPreference medium;                                                                                                                                                                               
        AdvSourceLLAddress on;

    prefix 1000:2000:3000:4000:5000::/80                                                                                                                                                                       
    {                                                                                                                                                                                                          
            AdvValidLifetime 86400;                                                                                                                                                                            
            AdvPreferredLifetime 14400;                                                                                                                                                                        
            AdvOnLink on;                                                                                                                                                                                      
            AdvAutonomous on;                                                                                                                                                                                  
            AdvRouterAddr off;                                                                                                                                                                                 
    }; # End of prefix definition                                                                                                                                                                              




}; # End of interface definition

I noticed the the route is configured successfully, but global unicast address does not. When changing the prefix length to /64 the global unicast address configured successfully as well.

The closest I could find is RFC 4291/2.5.4:

All Global Unicast addresses other than those that start with binary 000 have a 64-bit interface ID field (i.e., n + m = 64), formatted as described in Section 2.5.1. Global Unicast addresses that start with binary 000 have no such constraint on the size or structure of the interface ID field.

But not sure if it's relevant since it has clause regarding 000 initial prefix sequence which relaxes the requirement.

Some Name
  • 171
  • 4

3 Answers3

4

Because using network sizes other than /64 will break NDP (Neighbor Discovery Protocol), and SLAAC uses NDP for things like DAD (Duplicate Address Detection), you will break SLAAC.

See RFC 5375, IPv6 Unicast Address Assignment Considerations, especially Section 3. Subnet Prefix Considerations:

Using a subnet prefix length other than a /64 will break many features of IPv6, including Neighbor Discovery (ND), Secure Neighbor Discovery (SEND) [RFC3971], privacy extensions [RFC4941], parts of Mobile IPv6 [RFC4866], Protocol Independent Multicast - Sparse Mode (PIM-SM) with Embedded-RP [RFC3956], and Site Multihoming by IPv6 Intermediation (SHIM6) [SHIM6], among others. A number of other features currently in development, or being proposed, also rely on /64 subnet prefixes.

The exceptions to this include loopback addresses (/128) and point-to-point links (/127).

There are other RFCs which discuss this, including RFC 7421, Analysis of the 64-bit Boundary in IPv6 Addressing, particularly Section 4. Effects of Varying the Interface Identifier Length:

This section of the document analyzes the impact and effects of varying the length of an IPv6 unicast IID by reducing it to less than 64 bits.

4.1. Interaction with IPv6 Specifications

The precise 64-bit length of the IID is widely mentioned in numerous RFCs describing various aspects of IPv6. It is not straightforward to distinguish cases where this has normative impact or affects interoperability. This section aims to identify specifications that contain an explicit reference to the 64-bit length. Regardless of implementation issues, the RFCs themselves would all need to be updated if the 64-bit rule was changed, even if the updates were small, which would involve considerable time and effort.

Also, your prefix 1000:2000:3000:4000:5000::/80 is an invalid prefix at this time as it is in a Reserved range. If you want something like that, you should use ULA, where you can use fd00::/8 with 40 bits of random addressing that will give you a /48 prefix from which you can derive 65,536 /64 networks.

Ron Maupin
  • 102,040
  • 26
  • 123
  • 202
3

This is "as per design". SLAAC (and a few other misguided things) mandate a LAN prefix length of 64 bits. SLAAC "doesn't work" with other lengths because it builds addresses by adding on an EUI-64 interface identifier. The addition of privacy addresses extends SLAAC with a randomly generated 64bit address. Being a randomly generated address, it can fundamentally be other sizes, but the spec still says it MUST be 64bits.

The only way to have a LAN other than /64 within the published specs is with DHCPv6.

** You're free to ignore the specs in your own code, but the rest of the world will not agree with you. I've built linux kernels that don't follow that rule, and my network functions just fine. Of course, only the systems running my modified ipv6 stack will get an address.

[ Also, radvd should be emitting a warning about setting the "A" bit on a non-/64 prefix. ]

Ricky
  • 32,810
  • 2
  • 45
  • 85
2

Auto-configuring a Global Unicast Address (GUA) with prefixes other than the standard 64-bit length can be challenging because IPv6 was designed with a fixed 64-bit interface identifier (IID) for Stateless Address Autoconfiguration (SLAAC). However, there are some considerations and methods to handle such configurations.

Key Concepts

  1. Global Unicast Address (GUA):

    • An IPv6 address assigned to devices for communication across the global internet.
    • Typically in the range 2000::/3.

  2. Standard 64-bit IID Requirement:

    • SLAAC relies on the assumption that the prefix length is 64 bits.
    • This design simplifies generating addresses using MAC addresses (via EUI-64) or randomization.

Challenges with Non-64-bit Prefixes

  1. Incompatibility with SLAAC:

    • If the prefix is not 64 bits, SLAAC cannot function as designed.
    • Devices might fail to auto-configure a valid address.

  2. Router Advertisement (RA):

    • RAs include the prefix length. Non-64-bit lengths can confuse hosts expecting 64-bit lengths for SLAAC.

Options for Non-64-bit Prefix Configurations

  1. Static Addressing:

    • Manually assign the IPv6 address to the host with a non-64-bit prefix length.
    • Example: 
      sudo ip addr add 2001:db8::1/48 dev eth0

  2. DHCPv6:

    • Use a DHCPv6 server to assign addresses with non-64-bit prefixes.
    • This bypasses SLAAC entirely, providing full control over the prefix length.

  3. Custom Auto-Configuration Logic:

    • Some advanced network setups use custom scripts or software to generate and assign addresses dynamically based on non-64-bit prefixes.

  4. Use a 64-bit Prefix for SLAAC and Route Subnets:

    • Allocate a /64 subnet to hosts but route larger prefixes (e.g., /56, /48) to the local network.
    • This ensures compatibility with SLAAC while using broader prefixes for routing.

Router Advertisement with Non-64-bit Prefixes

  • RA Configuration:
    Some routers allow non-standard configurations in RA messages.

    • Use AdvPrefixLength in the router’s RA configuration to define the prefix length.

    Example (using radvd configuration):

    interface eth0 {
    AdvSendAdvert on;
    prefix 2001:db8:abcd::/56 {
        AdvOnLink on;
        AdvAutonomous on;
    };
};
Zac67
  • 90,111
  • 4
  • 75
  • 141
Precious Handle
  • 21
  • 2