KEA is still a mess IMHO

Started by JamesFrisch, May 06, 2026, 09:34:40 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
Today at 05:53:36 PM #30 Last Edit: Today at 06:08:55 PM by OPNenthu
Sorry guys, it's not a safe bet that there will always be an EUI-64 address present.  I agree there will be a stable address, but it can be what's known as a 'stable privacy' address not related to the MAC and thus not able to be guessed by Dnsmasq.

For example:

Code Select
3: enp10s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 24:xx:xx:xx:77:cd brd ff:ff:ff:ff:ff:ff
    inet 172.21.30.100/24 brd 172.21.30.255 scope global dynamic noprefixroute enp10s0
       valid_lft 77087sec preferred_lft 77087sec
    inet6 fd5a:xxxx:xxxx:1003:5dec:dd53:a78e:2964/64 scope global temporary dynamic
       valid_lft 86375sec preferred_lft 76947sec
    inet6 fd5a:xxxx:xxxx:1003:xxxx:610f:948:xxxx/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 86375sec preferred_lft 86375sec
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

The management address here ("mngtmpaddr") does not have the signature "ff:fe" bits in the host part and the 'tmp' in the name gives it away.  The host is using this:

You cannot view this attachment.

"EUI64" is the other option on the drop-down menu, but they are mutually exclusive.
N5105 | 8/250GB | 4xi226-V | Community

https://www.youtube.com/watch?v=XI9NG068TwI
Today at 07:24:09 PM #31
Can we let this thread die now please? Its not about KEA anymore. For general discussions about IPv6 please open a new thread.

Since I develop a lot in the current KEA implementation I'd like actionable tickets that can be solved.

Thank you :)
Hardware:
DEC740
Today at 08:57:40 PM #32
Quote from: Patrick M. Hausen on May 08, 2026, 08:01:56 AMAll my servers use SLAAC. The addresses are stable unless I change the MAC address of the server for some reason. I can then point Caddy (or NginX in your case) at these addresses. DHCPv6 is rarely needed.

Interesting, I thought that I had changing IPv6, but that was in the beginning of my journey. So maybe I looked at the privacy extended IPv6 back then. So in theory, I could ditch DHCPv6, and go with SLAAC only you think?

Hmm... I have to think about that, I quiet liked to have 10.10.50.4 and 2000:2000:2000:50::4 for simplicity.
Print
Go Up Pages 1 2 3
User actions