IPv6 deployment "howto"

Mark J Elkins mje at posix.co.za
Mon Oct 8 12:14:06 CEST 2007


Alan DeKok wrote:
> Mark J Elkins wrote:
>   
>> I'm looking for some assistance on deploying IPv6.
>> I'm currently using FreeRADIUS Version 1.1.6. I have for testing a Cisco
>> 3640 running C3640-IK9S-M.
>> The cisco has properly routable IPv6 addresses on its Ethernet and
>> Loopback.
>>     
>
>   Version 1.1.6 doesn't support IPv6.
>   
>From the Wiki...
http://wiki.freeradius.org/index.php/FAQ#Does_FreeRADIUS_Support_IPv6.3F

"FreeRADIUS 1.1.x does not particularly care if the host it runs on is
dual-stack. It will work just fine, but only use the IPv4 stack of the
machine. It will also transport IPv6 RADIUS attributes just fine but
will NOT send packets over IPv6."

My reading of this is that I can use FreeRADIUS 1.1.6 to store and
transport IPv6 Radius attributes.... so I can use 1.1.6 ???
>   
>> I think that I'd like to have a pool of IPv6 addresses on the cisco and
>> to be able to provide clients with a /64 block (might look at a /60 or
>> /56 one day). To do this in IPv4 - I send 255.255.255.254 to the
>> NAS/Cisco. So whats the IPv6 equivalent?
>>     
>
>   I don't think there is one.  See the Cisco documentation for more.
>   
I guess you have no pointers as to exactly where..? I've already been
reading Cisco stuff for hours...
>   Address allocation in IPv6 is very different from IPv4.
>
>   
>> I expect to stay with FreeRADIUS Version 1.1.6 for now and understand
>> that packets between the NAS and Radius will be via IPv4. Thats fine -
>> though one day I think I expect to see FreeRadius listening on both IPv4
>> and IPv6 at the same time.
>>     
>
>   Version 2.0 will support IPv6.
>
>   
>> What magic lines would I need to add to my Cisco and what magic to add
>> to FreeRadius?
>> Anyone have Dialup clients being issued IPv6 addresses yet?
>>
>> 1 - I expect to add some sort of IPv6 field to MySQL (ie - for a static
>> IPv6 address or to signify the NAS to use a Dynamic address)
>> 2 - I expect the "authorize_check_query" and other SQL queries to change
>> a bit... ie return IPv6 data - without breaking IPv4 only NAS's
>> 3 - I expect to add an IPv6 pool and other lines of magic to my Cisco.
>>     
>
>   There's Framed-IPv6-prefix, where you can assign Ip's to a client.
>   

I think this is for static allocations only.

>From my limited experience, rfc3162 seems to suggest using
"Login-IPv6-Host" as a trigger?
Login-IPv6-Host=0 - use an address from the local pool,
Login-IPv6-Host="all 'F'" - use the address that the user wants
Anything else - the address to assign.

No idea if this is implemented though...

>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>   


-- 
  .  .     ___. .__      Posix Systems - Sth Africa
 /| /|       / /__       mje at posix.co.za  -  Mark J Elkins, SCO ACE, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496




More information about the Freeradius-Users mailing list