IPv6 custom static interface identifier

[Migsi]

Hello!
I recently changed my ISP and now I'm getting a real dual stack (yay!) with dynamic v4 addresses and dynamic v6 /64 prefixes (nay...). So far so good, I figured out that on my linux hosts I could simply set so called IPv6 address tokens for an interface, which then are used to create the full IPv6 using SLAAC. Thus while I've got assigned prefix "A", one of my services is reachable via "A::45" and as soon as the prefix changes to "B", my service automatically gets available through "B::45". After adjusting all my linux hosts I wanted to continue with my TrueNAS 12 box, when I discovered there is no such thing as an "IPv6 address token" or "IPv6 interface identifier in FreeBSD (yet?). I spent two long days googling around, checking forums and other places of BSD knowledge exchange with no luck. I found plenty of information on the concept of address tokens itself, like in this gentoo wiki entry, but there seems to be no information on this topic related to FreeBSD at all. I hope there might some people on this forum who can enlight me a little.

EDIT: I currently use SLAAC with EUI64 host parts as a "workaround". This works perfectly fine, but is in some cases not as convenient as tokenized host parts, thus my request.

Best regards
Michael

 

[Tigersharke]

I assume the forums/sites you included were for FreeBSD-based firewalls also? I know nothing of this token concept and generally expect others to grease the networking setup for me since it always seems like voodoo or blackmagic or something rather arcane.

 

[Migsi]

Of course, with pfSense beeing the most widespread firewall, I expected to find some information on their community. But either I'm looking for the wrong terms (to name it "token" appearently is already deprecated, "interface identifier" seems to be preferred, but what do I know), or nobody running a FreeBSD system had this problem before. Even though the latter sounds kinda weird, it could perfectly make sense, as most of the people running e.g. a pfSense box probably have a static v6 prefix anyways and thus would not neccessarily need such a feature.

If i where you I'd give the basics a try ;) I learned a lot about IPv4 in school and some aspects of it always made me shiver. Let alone IPv6 at those times... But after I gave it a try, I was mind blown about how easy the basics became with v6. I'm still wondering why we didn't learn about it at school, let alone why it is still neglected.

Anyway, I'd still appreciate any hints on address tokens in FreeBSD, or suggestions on where to post about it to get this feature rollin :)

 

[Tigersharke]

I think that perhaps your search term may need to be "dynamic IPv6 subhosts" as I found this which may be in the neighborhood of what you seek, though probably oriented to OPNsense rather than vanilla FreeBSD.
Missing var LanPrefix in phpDynDNS.inc. Workaround to use dynamic IPv6 Subhosts

As for my own networking, right now I have things set and they all work, but I periodically fiddle with it and unexpectedly break something. Most issues (self-inflicted breakages) are directly on my personal box rather than the router/firewall. I use OPNsense, so what I meant is that between its guided and organized configuration panels with copious explanation directly in OPNsense itself, as well as help from OPNsense staff or tutorials, is how the whole issue is "greased" as in the tracks or wheel are greased.

 

[Migsi]

I checked for the terms you suggested but still was not able to find any relevant information. All information talking about dynamic IPv6 subhosts I found is talking about how to setup firewall rules for networks which have a changing prefix. Nobody was talking about how to setup easy, tokenized host addresses :( Thank you for your help anyway!
I probably should give it a try and post about it on the official FreeBSD forums.

Hehe, I can relate to self-inflicted breakages very well... It's not been only once I had to sit and fix something until 4AM just because I wanted to try something ^^" Still always learned somthing from those situations, I do way more research beforehand now than I did a few years ago xD

 

[Patrick M. Hausen]

Why don't you just enable "Autoconfigure IPv6"? This does SLAAC. Your system will get an EUI64 based address that will have the same host part regardless of the prefix. It's based on the MAC address.

 

[Migsi]

I'm currently doing that already ;) I probably should have stated that in the initial post. Anyway I'd prefer to use the tokenized address generation in favor of EUI64 as the resulting addresses (well, in this case host parts) are waaay easier to memorize. Not that I'd really need to memorize them as I access all my services using domain names, but in the case my DNS fails, I need to access my hosts via IP.
The whole request is absolutely only about convenience, as EUI64 represents an already perfectly viable solution.