From: SUZUKI Shinsuke Date: Wed, 30 Jul 2008 15:29:42 +0000 Subject: added several comments/examples. (contributed by Stefan Sperling) --- CHANGES | 4 ++++ dhcp6c.conf.sample | 43 ++++++++++++++++++++++++++++++++++++++++--- dhcp6s.conf.sample | 54 ++++++++++++++++++++++++++++++++++++++++++++++-------- 3 files changed, 90 insertions(+), 11 deletions(-) diff --git a/CHANGES b/CHANGES index a1f62d8..8fa1f7b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +2008-07-30 SUZUKI, Shinsuke + * dhcp6[cs].conf.sample: added several comments/examples. + (contributed by Stefan Sperling) + --- 20080615 tar ball released --- 2008-05-01 SUZUKI, Shinsuke * common.c: fixed a memory leak (Bug-ID: 1847587) diff --git a/dhcp6c.conf.sample b/dhcp6c.conf.sample index 3aeede1..0b192b9 100644 --- a/dhcp6c.conf.sample +++ b/dhcp6c.conf.sample @@ -1,11 +1,31 @@ -# The followings are a sample configuration for requiring the "stateless" -# DHCPv6 service. +# The following is an example for use with IPv6 auto-configuration. +# The "information-only" statement makes dhcp6c exchange informational +# configuration parameters with servers. A list of DNS server addresses +# is an example of such parameters. This statement is useful when the +# client does not need stateful configuration parameters such as IPv6 +# addresses or prefixes. + interface ne0 { information-only; }; -# The followings are a sample configuration to be delegated an IPv6 prefix +# The following is a sample configuration for a client on a LAN +# where IPv6 addresses are assigned via DHCPv6 ("stateful address +# assignment"). Use this if you want the client to query the +# DHCPv6 server for an IPv6 address and for DNS servers, as in +# traditional IPv4 DHCP. + +interface em0 { + send ia-na 0; + send rapid-commit; + send domain-name-servers; +}; + +id-assoc na { +}; + +# The following is an example configuration for delegation of an IPv6 prefix # from an upstream service provider. With this configuration dhcp6c will # send solicit messages containing an IA_PD option, with an IAID 0, on to # an upstream PPP link, ppp0. After receiving some prefixes from a server, @@ -22,3 +42,20 @@ id-assoc pd { sla-id 1; }; }; + +# If a shared secret was to be configured in both the client and the server +# for DHCPv6 authentication, it would be specified in this file as follows: + +keyinfo kame-key { + realm "kame.net"; + keyid 1; + secret "5pvW2g48OHPvkYMJSw0vZA=="; +}; + +# And the interface statement would be modified as follows: + +interface ppp0 { + send ia-pd 0; + send authentication kame; +}; + diff --git a/dhcp6s.conf.sample b/dhcp6s.conf.sample index a3f5f27..cd903cc 100644 --- a/dhcp6s.conf.sample +++ b/dhcp6s.conf.sample @@ -1,5 +1,5 @@ -# The followings are a sample configuration to provide a DNS server address -# for every client as well as to delegate a permanent IPv6 prefix +# The following is an example configuration which provides a DNS server +# address to every client, and also delegates a permanent IPv6 prefix # 2001:db8:1111::/48 to a client whose DUID is 00:01:00:01:aa:bb. option domain-name-servers 2001:db8::35; @@ -9,12 +9,30 @@ host kame { prefix 2001:db8:1111::/48 infinity; }; -# The followings are a sample configuration to provide an IPv6 address -# from an address pool 2001:db8:1:2::1000-2000 for 3600[s]. -# Note. You have to send an RA to fxp0; otherwise a client cannot be sure -# about the prefix-length and the default router. If you want to prevent -# stateless address configuration via RA, please set the autonomous-flag to -# OFF in your RA configuration. +# If a shared secret was to be configured in both the server and the client +# for DHCPv6 authentication, it would be specified in this file as follows: + +keyinfo kame { + realm "kame.net"; + keyid 1; + secret "5pvW2g48OHPvkYMJSw0vZA=="; +}; + +# And the host statement would be modified as follows: + +host kame { + duid 00:01:00:01:aa:bb; + prefix 2001:db8:1111::/48 infinity; + delayedkey kame; +}; + +# The following is an example configuration which provides an IPv6 address +# from an address pool (2001:db8:1:2::1000-2000) with a lease time of 3600 +# seconds to any client attached to the fxp0 interface. Note that you have +# to send router advertisements on fxp0, i.e. run rtadvd(8) on that interface. +# Otherwise a client cannot know the prefix-length and the default router. +# If you want to prevent stateless address configuration via RA, please +# set the autonomous-flag to OFF in your RA configuration. interface fxp0 { address-pool pool1 3600; @@ -23,3 +41,23 @@ interface fxp0 { pool pool1 { range 2001:db8:1:2::1000 to 2001:db8:1:2::2000 ; }; + +# The following is an example configuration which provides fixed IPv6 +# addresses to two known clients. It also provides every client with a +# DNS server. Note that you have to send router advertisements on fxp0, +# i.e. run rtadvd(8) on the interface the clients are attached to. +# Otherwise a client cannot know the prefix-length and the default router. +# If you want to prevent stateless address configuration via RA, please +# set the autonomous-flag to OFF in your RA configuration. + +option domain-name-servers 2001:db8::35; + +host puffy { + duid 00:01:00:01:0f:5b:29:7f:00:04:5a:35:1e:a1; + address 2001:db8:111::180 infinity; +}; + +host tux { + duid 00:01:00:01:0f:36:5f:31:00:0a:e4:3e:f2:4e; + address 2001:db8:111::181 infinity; +};