IPv6 DUID-EN Support

Started by gstuartj, April 08, 2019, 05:18:27 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
April 23, 2019, 03:29:47 AM #15
OPNSense should get it's own.  It's free and takes a couple of days.

(I just got one for my DBA).

They are FREE.
April 26, 2019, 12:43:33 PM #16
Quote from: bimmerdriver on April 23, 2019, 03:25:50 AM
This enterprise number is administered by Poul-Henning Kamp. Maybe he would explain how (or if) it's intended to be used for generating DUIDs.


It's used when generating EN type DUIDs, it's stated quite clearly in the RFC docs. The question is rather should we allow the use of other PENs or only the FreeBSD one or only the one that would be  allocated to Opnsense. The latter would be my preference but in the meantime I've used the FreeBSD one.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member
April 27, 2019, 12:31:55 PM #17
1. First of all, we have to define that this is a type 2 DUID (EN) by prepending two octets: "00:02"
2. Then, we have to convert the decimal to hex and format it as four octets, so "3562" becomes "DEA". Append it to the type indicator.
April 27, 2019, 12:37:39 PM #18
That is all done and it's in the PR.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member
April 28, 2019, 12:02:05 AM #19
Quote from: marjohn56 on April 27, 2019, 12:37:39 PM
That is all done and it's in the PR.

Yeah, that dude just copied two lines from a previous post of mine in this thread without context. Can't tell if they're trying to make a point or if it's some kind of spam test, honestly.
April 29, 2019, 08:41:41 PM #20
Quote from: marjohn56 on April 26, 2019, 12:43:33 PM
The question is rather should we allow the use of other PENs or only the FreeBSD one or only the one that would be allocated to Opnsense. The latter would be my preference but in the meantime I've used the FreeBSD one.

I think it's a good idea to only use the FreeBSD PEN (or a yet to register OPNsense one) for the auto generation ('Insert a new EN DUID' link). Users can always enter a DUID-EN with custom PEN by calculating and entering it manually, right? Or did you mean whether to actively block that by asking "should we allow the use of other PENs"?

(Oh, and I think you forgot the hex conversion in your PR. Should be: "\x00\x02\x00\x00\x08\xBE")

Cheers

Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
April 30, 2019, 04:52:19 PM #21
We've just applied for a PEN, if it gets assigned I will make sure to post it here.
May 01, 2019, 08:39:17 PM #22
ok, we've received feedback from iana:

Quote
Your Private Enterprise Number is: 53869

Below is a copy of your PEN record. This record will be visible in the PEN registry within an hour.

The PEN registry is available at the following address:

http://www.iana.org/assignments/enterprise-numbers
Print
Go Up Pages 1 2
User actions