[j-nsp] DHCPv6-PD server Access-Internal routes on Branch SRX

Hugo Slabbert hugo at slabnet.com
Fri Jul 3 12:06:29 EDT 2015


I'm not getting any responses on the Juniper forums, but am hoping this 
list may have some answers.

I'm labbing up a branch SRX as a DHCPv6 PD server as managed CPE for 
customer sites.  A /48 is routed to the SRX, and the SRX in turn would dish 
that out to a customer device via PD.  Our ideal deployment would be to 
just do PD with link-local only on the touchdown (i.e. no SLAAC, NDRA, or 
ia-na).

DHCPv6 PD works fine and the customer equipment gets the prefix & can set 
up a ::/0 route via RAs from the SRX.  The problem is that if the SRX's 
touchdown interface to the customer device has LL only, it doesn't install 
an Access-Internal route for the delegated prefix, and so the customer's PD 
prefix is unreachable.

If I add a GUA or ULA on the SRX's touchdown interface to the customer 
equipment and add that /64 under "interface <touchdown> prefix" stanza 
under router-advertisement, the access-internal route gets installed 
properly on the SRX when the customer dhcpv6 client gets its PD lease.

Is this expected behaviour?  Is running ia-pd with link-local not an 
accepted deployment model?  I flipped around the roles in the lab with a 
Cisco 867 acting as the PD server and the SRX100 as a client, and IOS is 
happy to install a route for the PD prefix with link-local only on the 
touchdown.

Test gear was an SRX110H2-VA. The behaviour was the same on all of the 
following:

- 12.1X44-D45.2
- 12.1X46-D35.1
- 12.1X47-D20.7
- 12.3X48-D10.3

-- 
Hugo

hugo at slabnet.com: email, xmpp/jabber
PGP fingerprint (B178313E):
CF18 15FA 9FE4 0CD1 2319
1D77 9AB1 0FFD B178 313E

(also on textsecure & redphone)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20150703/f9334113/attachment.sig>


More information about the juniper-nsp mailing list