My IPv6 ip is not static

Started by flac_rules, February 18, 2025, 08:48:39 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 18, 2025, 08:48:39 PM
I though (and wanted) my ipv6-ip to be static, (not the temporary ipv6-adresses of course, but the "secret" ipv6 address) but it doesn't seem to be, have i misunderstood something? Is there a setting that decides this?

My settings is  IPv6 Configuration Type: DHCPv6 with Prefix delegation size 48
February 18, 2025, 09:27:08 PM #1 Last Edit: February 18, 2025, 09:29:28 PM by meyergru
What is a "secret" address?

The first 48 bits of any routeable IPv6 (i.e. GUA) you are using is determined by your ISP. If he hands out dynamic prefixes, you obviously cannot have static GUAs, no matter how the lower 64 bits are determined. Why do you need static IPv6, seriously? If you really do, you can use only static ULAs in that situation.

Maybe it would be beneficial for you to read this.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
February 18, 2025, 09:32:55 PM #2
Did you set a ,,DHCP Unique Identifier" and enabled ,,Prevent release" in Interfaces->Settings?
For the unique identifier you can use the ,,insert existing DUID" below the input field.

I don't actually know if it will work, but I had the same issue. But since I set the DUID yesterday, I ll get the same prefix after a reboot. Hope it will stay that way...

This explains the DUID: https://datatracker.ietf.org/doc/html/rfc8415
February 19, 2025, 09:45:12 AM #3
Quote from: meyergru on February 18, 2025, 09:27:08 PMWhat is a "secret" address?

The first 48 bits of any routeable IPv6 (i.e. GUA) you are using is determined by your ISP. If he hands out dynamic prefixes, you obviously cannot have static GUAs, no matter how the lower 64 bits are determined. Why do you need static IPv6, seriously? If you really do, you can use only static ULAs in that situation.

Maybe it would be beneficial for you to read this.

I am sure it is not the right way to say it, but I have several adresses, some are temporary and what the outside world normally uses to communicate with my computer, but there is also the "regular" ipv6-adress which no-one needs to know besides me.

I need it because it is more convenient to communicate with my gear if they have a static address. You can get around it with dyndns and the like but a static address is useful.
February 19, 2025, 09:57:40 AM #4
Quote from: senser on February 18, 2025, 09:32:55 PMDid you set a ,,DHCP Unique Identifier" and enabled ,,Prevent release" in Interfaces->Settings?
For the unique identifier you can use the ,,insert existing DUID" below the input field.

I don't actually know if it will work, but I had the same issue. But since I set the DUID yesterday, I ll get the same prefix after a reboot. Hope it will stay that way...

This explains the DUID: https://datatracker.ietf.org/doc/html/rfc8415

Thanks, I will try that, and see how it works out.
February 19, 2025, 10:02:17 AM #5
Quote from: flac_rules on February 19, 2025, 09:45:12 AMI am sure it is not the right way to say it, but I have several adresses, some are temporary and what the outside world normally uses to communicate with my computer, but there is also the "regular" ipv6-adress which no-one needs to know besides me.

I need it because it is more convenient to communicate with my gear if they have a static address. You can get around it with dyndns and the like but a static address is useful.

What you mean is the EUI-64-derived static IPv6 (often called "management address") vs. the dynamic "privacy extensions" IPv6. How to have both is explained in the linked article.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
February 19, 2025, 11:55:24 AM #6 Last Edit: February 19, 2025, 11:57:41 AM by flac_rules
Quote from: meyergru on February 19, 2025, 10:02:17 AM
Quote from: flac_rules on February 19, 2025, 09:45:12 AMI am sure it is not the right way to say it, but I have several adresses, some are temporary and what the outside world normally uses to communicate with my computer, but there is also the "regular" ipv6-adress which no-one needs to know besides me.

I need it because it is more convenient to communicate with my gear if they have a static address. You can get around it with dyndns and the like but a static address is useful.

What you mean is the EUI-64-derived static IPv6 (often called "management address") vs. the dynamic "privacy extensions" IPv6. How to have both is explained in the linked article.


Just to be clear, I have both, it is just that the static address isn't static. (that is, i am not sure what the "main/static" address is derived from, but i have 4 adresses, 2 temporary ones, one link-local and one "regular")
February 19, 2025, 12:24:16 PM #7
I fully understand your situation.

Note that I said "EUI-64-derived" address, meaning the static lower 64 bits of the GUA IPv6. I told you before that if your ISP does only dynamic prefixes, the whole GUA address cannot be static.

While you can try to keep your ISP from using dynamic prefixes, most ISPs will ignore that. I also gave you a link that explains how to handle that situation for different purposes and also shows how the static lower 64 bits are generated. Please read it and then keep asking questions.

Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
February 19, 2025, 12:29:51 PM #8
OP, are you talking about LAN hosts here (as opposed to the firewall itself)?

If those hosts are Windows, this might be an interesting read: https://www.networkacademy.io/ccna/ipv6/ipv6-on-windows

If you want a "static" address on Windows hosts, I think your choices are to disable "RandomizeIdentifiers" (note that "UseTemporaryAddresses" should remain in effect), or use DHCPv6 with static mappings.
Print
Go Up Pages1
User actions