Recently my ISP fixed the compatibility issues between their Huawei BRAS and my Junos router. After some digging, I managed to get some IPv6 address allocation for all my client devices. Here’s how I achieved it.
Disclaimer: This article assumes you have basic understanding on IPv6 as we are not going to dig into the very details of the IPv6 standards.
Planning
My router is a Juniper SRX300 (JUNOS Software Release [19.4R3-S1.3]). I have a PPPoE interface configured in a routing instance as the uplink, and multiple irb interfaces in another routing instance as the local networks. SLAAC requires at least a /64 IPv6 section per layer 2, so I have to request a DHCPv6 PD for more than /64 (my ISP currently allows up to /56) and chop the address blocks into smaller chunks, one per VLAN.
DHCPv6 Client on PPPoE
Very basic config and doesn’t have much variations. Here you can also propagate your ISP’s DNS config to your clients, but I chose to opt out.
|
1 2 3 4 5 6 7 8 9 10 |
set interfaces pp0 unit 0 ppp-options initiate-ncp ipv6 set interfaces pp0 unit 0 family inet6 rpf-check set interfaces pp0 unit 0 family inet6 dhcpv6-client client-type stateful set interfaces pp0 unit 0 family inet6 dhcpv6-client client-ia-type ia-pd set interfaces pp0 unit 0 family inet6 dhcpv6-client rapid-commit set interfaces pp0 unit 0 family inet6 dhcpv6-client prefix-delegating preferred-prefix-length 56 set interfaces pp0 unit 0 family inet6 dhcpv6-client prefix-delegating sub-prefix-length 64 set interfaces pp0 unit 0 family inet6 dhcpv6-client client-identifier duid-type duid-ll set interfaces pp0 unit 0 family inet6 dhcpv6-client retransmission-attempt 5 set interfaces pp0 unit 0 family inet6 dhcpv6-client update-server |
Prepare for Router Advertisement on LAN Interfaces
There are 2 methods to configure RA on a interface. One is to configure a static IPv6 range under protocols router-advertisement (only available under the default routing instance, and works for all the routing instances in current logical system), another is to use dhcpv6-client update-router-advertisement under a interface for dynamically-acquired address blocks. These two methods are exclusive. My ISP only offers dynamic addresses, so I’ll go with the latter one.
Enable the “other” flag here since we’ll use stateless DHCPv6 to send DNS config to the clients.
|
1 2 |
set interfaces irb unit 100 family inet6 rpf-check set interfaces pp0 unit 0 family inet6 dhcpv6-client update-router-advertisement interface irb.100 other-stateful-configuration |
Stateless DHCPv6
We can use stateless DHCPv6 server to set DNS, search domain, etc. for SLAAC clients. You may use RDNSS too, but it falls out of the scope of this article. Stateless DHCPv6 only works if the “other” flag is set in the RA, so make sure you set it.
Notes:
- If your LAN interface is in a routing instance, set everything below inside the routing instance
- access address-assignment pool <*> family is exclusive; config one family and you’ll lose everything for the other family
- access address-assignment pool <*> family inet6 prefix is required even if the pool is only used for stateless DHCPv6; just config something so that the client address can match the pool
- You can config one pool for all DHCPv6 groups under system services dhcp-local-server dhcpv6 overrides process-inform pool if their config is the same
|
1 2 3 4 5 6 7 8 9 10 11 |
set system services dhcp-local-server dhcpv6 overrides interface-client-limit 255 set system services dhcp-local-server dhcpv6 overrides rapid-commit set system services dhcp-local-server dhcpv6 overrides process-inform set system services dhcp-local-server dhcpv6 group LAN overrides process-inform pool LAN_V6 set system services dhcp-local-server dhcpv6 group LAN interface irb.100 set access address-assignment pool LAN_V6 family inet6 prefix 2000::/3 set access address-assignment pool LAN_V6 family inet6 dhcp-attributes dns-server 2001:4860:4860::8888 set access address-assignment pool LAN_V6 family inet6 dhcp-attributes dns-server 2001:4860:4860::8844 set access address-assignment pool LAN_V6 family inet6 dhcp-attributes valid-lifetime 3600 set access address-assignment pool LAN_V6 family inet6 dhcp-attributes preferred-lifetime 1800 |
DHCPv6 Client Stuck
If your PPPoE session is kicked by BRAS, the DHCPv6 client might get stuck. Use the following event script to solve the problem. (Don’t forget to adjust the interface name and routing instance name!)
|
1 2 3 |
set event-options policy PPPOE_DHCPV6_REQ events SNMP_TRAP_LINK_UP set event-options policy PPPOE_DHCPV6_REQ attributes-match SNMP_TRAP_LINK_UP.interface-name matches pp0.0 set event-options policy PPPOE_DHCPV6_REQ then execute-commands commands "request dhcpv6 client renew routing-instance ISP interface pp0.0" |