Hello! I’m trying to assign static DHCP leases for my small network behind MikroTik router.
I am connected to my ISP via PPPoE. I’ve configured DHCP6 client to get whole /64 prefix on my ppoe-out1 interface, it got status “bound” and received pool with given name.
Now I can set RA option in IPv6-Address List and use IPv6 on any machine, but it’s not enough-I want to set static DHCP leases to specific machines. I’ve tried to set DHCPv6 server via Winbox-I’ve specified internal interface to run it on, specified pool(which was received with DHCP6 client), specified 12h lease time and… nothing happens. Should I disable advertising? Any thoughts? Being newbie in IPv6 myself, I am open to any help. Thanks =)
DHCPv6 server in RouterOS so far only supports prefix delegation, it can’t give out addresses. You’d have to use external DHCPv6 server. Or you could disable Privacy Extensions on client devices and let them use default addresses derived from MAC addresses only (with always same right 64 bits).
DHCPv6 Server only offer prefix delegation from pools.
To get IPv6 from MikroTik in devices, only advertising them from /ipv6 address. MikroTik supports only IPv6 Stateless (advertise) for LAN clients. Maybe the IPv6 Stateful appear on RouterOS 7.
You can only use IPv6 Static if you set manually them on interfaces of devices which you desire use.
With Mikrotik, your only static option is to statically configure the address directly in your devices.
Since you’re an IPv6 newbie, then you might want to learn a bit more about what’s going on when it comes to the dynamic addressing with your network, though, read on to learn a bit…
The thing you’ll want to learn about here is called SLAAC (stateless auto adress configuration).
That’s the only dynamic end-device configuration method that Mikrotik allows.
SLAAC basically works like this:
device attaches to network and this is the conversation:
device: Any IPv6 routers here?
router: I’m a router. The IPv6 prefix here is 2001:db8:1234:5678::/64 and my router priority is XYZ
(device chooses the highest-priority reply and then uses its MAC address as a base to construct a unique 64-bit host address)*
device: Okay, all IPv6 speakers on this network, does anyone else have the address 2001:db8:1234:5678:0011:22ef:ff33:4455 ?
(nobody answers)
device uses the above as its IPv6 address.
device uses the link-local address of the router as its default gateay (the fe80:: address based on the router’s MAC)
Done.
Note the lack of DNS and the lack of any other kind of configuration information available in DHCP.
DHCPv6 supports 3 modes of operation:
-
PD - which is prefix delegation - which is what Mikrotik’s DHCPv6 server does. This is a way for routers to dynamically hand blocks of prefixes to other routers so they can use them.
-
Stateless - this is basically a DHCP server that sits there and passes out the “options” for anyone who wants them, but it does not assign individual addresses or hosts. The general idea is that SLAAC will be the method of address/gateway assignment, and the router’s announcement of the prefix will notify the hosts that they should also ask for a stateless DHCP server, and that server is where they will learn their DNS server address, timeserver, domain suffix, etc.
-
Stateful - this is pretty much the IPv6 equivalent of how DHCP works in IPv4. The server gives the clients specific addresses and tracks the availability of individual addresses within the scope, gives lease times, etc.
RouterOS does not support 2 or 3. What RouterOS DOES support is an extension to SLAAC (RDNSS) where there can be additional information in the RA messages which include the DNS server address. Guess what though - Microsoft does NOT support RDNSS. (Apple and Linux both do, but not MS). So Apple and Linux devices will work quite happily with only a Mikrotik on the network, but Microsoft, won’t learn its IPv6 DNS server addresses from a Mikrotik - you’ll have to statically configure the DNS IPv6 addresses on your computers, or else your computers will just use their IPv4 DNS servers, which works fine… Obviously this requires the device be dual-stack to operate properly. (you can ask an IPv4 DNS server a question about IPv6 addresses, so that doesn’t matter)
If you like, you can run a stateless DHCPv6 server on your network (not on the Mikrotik) and then Windows will learn the DNS server addresses dynamically as well, and can operate as a fully-functioning IPv6-only host with dynamic IPv6 everything.
*One last thing about SLAAC:
The way I explained SLAAC’s behavior is a bit of a fib in today’s world, though. In reality, Microsoft boxes nab TWO addresses - the “real” one as per the standard mechanism above, and it then generates a second random one periodically, called the “privacy” address. The computer actually uses the privacy address to make its outbound connections on the Internet. This is because if your 64-bit host ID is based on your MAC address, this can be considered a fingerprint which can be used to track your device on the Internet because ostensibly, no other device on the planet has the same MAC address as yours. You can connect to a hundred different networks a day, but if they all end with your MAC address, then it’s child’s play to track you on the Internet. Furthermore, they can correlate its movement between prefixes to track whose networks you connect to. (I think Linux and Apple use privacy addresses as well, but I could be wrong)
Thanks, everyone! Will use static, then.
Thanks @ZeroByte for this clear explanation. I was struggling for a few hours not understanding why my ROS would not answer DHCPv6 Solicit request from my computer in my LAN.
I was seeking to set static IPv6 addresses with DNS names with ROS only.
No I get it. Since this is nor supported by ROS, I have to use the advertisement only (no DNS name then…)
Thx
MikroTik, I see a lot of IPv6 / DHCPv6 threads popping up … I bet ZeroByte is getting sick of copy and pasting that big blurp he puts in. Let’s a post from you guys on when we are going to see some IPv6 / DHCPv6 love in RouterOS.