How to set up an IPv6 LAN which only routes a prefix; no GUA on the interface?

I'm planning a network where a main router will obtain a /60 prefix from a cable modem and route it over a "backbone" LAN to several APs which serve users. Each AP will obtain a /64 or larger from the main router and use it to serve endpoint users. There will be no endpoint users connected directly to the "backbone" LAN.

The problem I'm having is that an ip6assign 60 on the LAN will always take the first address of the ip6assign prefix space for a local GUA on the LAN. Prefixes containing this address cannot and will not be delegated to further routers on the backbone. I would like the main router LAN serving the backbone to not have a GUA at all; it need only have a link-local address and possibly a ULA for administrative connections.

What I would like is an option that has an effect like ip6ifaceid none but there is nothing documented to that effect. Trying it of course does not work (it assigns the default ::1).

I was just digging through netifd a couple weeks ago, so this sprang to mind:

I don't think you'll be able to get what you want without hacking that code or somehow messing with the interface after it's been configured. (Take that with a block of salt, I really don't understand very well what happens after that snippet...)

I'm trying to understand the code as well. It looks like the overall philosophy isn't aligned with what I want. Maybe the best way to approach it would be to have a different list that works like ip6class that are only delegated and not given interface IDs. My other thought was to have a setting of delegate 2 which means only know the prefix and delegate it, do not assign a local ifaceid IP.

I still have no idea how the prefix from a WAN gets divided up and communicated to LANs. "Prefix" is not an interface setting that the kernel uses. Prefix delegation involves making entries in a routing table, and loading interface-specific pools of prefixes to the DHCPv6 server. Maybe ubus is involved?

I'm bumping this up since it's been really frustrating. I want the router to act like an ISP:

  • Take a prefix from the ISP upstream and DHCPv6 issue it (whole or in parts) to downstream router(s).
  • Do not locally hold an IP anywhere within that prefix. This eats up available prefix space, and I only have /60s from a cable modem. When an ISP routes a prefix to the customer, they do not hold any IPs or sub-prefixes within that prefix; the whole space is available to the customer's endpoints. I cannot get OpenWrt to work that way.
  • Do issue an IP from a disjoint address range, likely a ULA. That will be for management links to the downstream routers.

I think that I may need to write scripts to do this but I have no idea how odhcpd learns which addresses and prefixes to issue. It does not seem to be in any file anywhere.
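The prefix-space cost described in the posts above (the first address of the ip6assign space is held locally, so no prefix containing it can be delegated), worked through as an added example that is not part of the thread or of OpenWrt's code. It assumes /64 is the smallest delegable unit; the 2001:db8:0:10::/60 prefix, the fd00:1234::1 ULA and the function names are constructed for illustration, and the best-fit allocation is not a model of what netifd or odhcpd do.

```python
import ipaddress


def delegable_blocks(delegated, held_address, smallest=64):
    """Largest aligned prefixes inside `delegated` that do not contain
    `held_address`, biggest block first."""
    net = ipaddress.ip_network(delegated)
    addr = ipaddress.ip_address(held_address)
    if addr not in net:
        return [net]  # address is outside the prefix (e.g. a ULA): nothing lost
    # Assumption: the smallest delegable unit holding the address is unusable.
    lost = ipaddress.ip_network(f"{addr}/{smallest}", strict=False)
    return sorted(net.address_exclude(lost), key=lambda n: n.prefixlen)


def allocate(blocks, lengths):
    """Best-fit grant of one prefix per requested length; None if it cannot fit."""
    free = list(blocks)
    grants = []
    for length in sorted(lengths):  # serve the biggest requests first
        fits = [b for b in free if b.prefixlen <= length]
        if not fits:
            grants.append(None)
            continue
        block = max(fits, key=lambda b: b.prefixlen)  # tightest free block
        grant = next(block.subnets(new_prefix=length))
        free.remove(block)
        free.extend(block.address_exclude(grant))  # return the unused remainder
        grants.append(grant)
    return grants


if __name__ == "__main__":
    prefix = "2001:db8:0:10::/60"  # constructed documentation prefix
    cases = {
        "GUA ::1 held on backbone": "2001:db8:0:10::1",
        "ULA only on backbone": "fd00:1234::1",
    }
    for label, held in cases.items():
        blocks = delegable_blocks(prefix, held)
        print(label)
        print("  free blocks:", ", ".join(map(str, blocks)))
        # Four downstream routers each asking for a /62
        print("  four /62 requests:", allocate(blocks, [62, 62, 62, 62]))
```

With the first address held, the /60 breaks into one /61, one /62, one /63 and one /64, so the fourth /62 request cannot be served; with only a ULA on the interface all four fit.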

Could you run a separate VLAN for each of the downstream APs? This would be on the "backbone LAN", onto which the APs' "WAN" ports would also be connected, configured to use the corresponding VLAN tag.

Then, bridge each AP's "WAN" with that AP's client-facing LAN/WLAN/br-lan interface?

The main router can stay within the existing/supported pattern: Each of its "downstream" facing VLAN interfaces will host the DHCP (v4 and v6) service for the corresponding AP's clients and the AP itself, within the corresponding /64.

Effectively you're turning the downstream APs into "dumb"(er) APs instead of "also routers".

Edit: Using fewer words: Is it ok if you consolidated all "layer 3 work" into the main router?

(made some edits for clarity)