Unique IPv6 Prefix per Host RFC8273

Hello everyone,

Whether it's possible to assign unique /64 IPv6 prefix per host via SLAAC from ISPs DHCP-PD /56 by means of openwrt configuration?
So each end-host device will have its own unique /64 IPv6 prefix that does not change over time.
For example DHCP-PD from ISP is 2001:abcd::/56

  1. Android smartphone should obtain 2001:abcd:0:1::/64
  2. Laptop should obtain 2001:abcd:0:2/64
  3. etc

Semi-automatic or manual /64 IPv6 prefixes configuration is also an option.

1 Like

Understanding the use case you have in mind would be helpful.

DHCPv6 or manual configuration of the hosts is a straightforward way of accomplishing this without SLAAC.

Splitting the /64s across multiple VLANs/network segments with an appropriate RA for each would be another approach.

2 Likes

If I understand you clearly:

  • As @jeff said, make a /64 subnet for each device
  • Assigning a subnet larger than /64 - but technically that would not make it a unique prefix; but a longer host address

Understanding the use case you have in mind would be helpful.

Due to IPv6 Privacy extensions it is not possible to identify particular device on the ISP network. So I want to have unique IPv6 Prefix per Host within my LAN = L2 broadcast domain (one VLAN ) to apply per device policy to it on the provider network.

DHCPv6 or manual configuration of the hosts is a straightforward way of accomplishing this without SLAAC.

Unfortunately, Android does not support DHCPv6 stateful (https://issuetracker.google.com/issues/36949085), it's huge number of devices.
Yes, manual configuration is a good way to accomplish this, but I'm trying to find how i can do it using SLAAC (autoconfiguration).

Splitting the /64s across multiple VLANs/network segments with an appropriate RA for each would be another approach.

I was thinking about several SSIDs connected to a different interfaces with appropriate RA for each and limit the number of devices that can connect to each SSID to 1 device, but it looks like workaround, not the solution.

How about 802.1x and dynamic VLANs?
https://openwrt.org/docs/guide-user/network/wifi/wireless.security.8021x#x_dynamic_vlans_on_an_openwrt_router