I'm trying to run a personal web service from my lan, on IPv6. I want it to be visible on the public internet, and behind a AAAA record. I need to balance ease of setup, and graceful reconfiguration when the IP prefix from my ISP change.

Ideally, I'd like to instruct the router to assign my host the dynamic prefix(NOTE: I’m using OpenWRT, and I haven’t found a way to add a dynamic DHCP lease reservation for something like this (i.e. take global prefix, and slap "d00d" at the end). So static configuration on the host is perhaps necessary. )

Then in my applications, I could bind to that address only.

I'm trying to run a personal web service from my lan, on IPv6. I want it to be visible on the public internet, and behind an AAAA record. I need to balance ease of setup, and graceful reconfiguration when the IPv6 prefix from my ISP changes.

Then in my applications, I could bind to that address only (or to "::" on the device holding that ip).

My hosts are behind an OpenWRT router, IPv4 + IPv6. OpenWRT gets a /56 prefix delegated by my ISP. I’m using a SLAAC + DHCPv6 combo setup (aka stateless+stateful). The router runs iptables with a layer of config porcelain on top, and for ipv6 only allows wan-to-lan traffic of already-established connections.

On my stateless+stateful IPv6 setup, my hosts on the lan do autoconfiguration, and also do DHCPv6 to get addresses on a ULA prefix (fd00:cafe::), so they get the following set of addresses:

fd00:cafe::4/128                    # ULA local (by dhclient -6)
2001:2:3:4:a8a8:efcf:d96d:1315/64   # slaac+privacy global
2001:2:3:4:22f:bcff:fe12:1234/64    # slaac+EUI64 (macaddr)
fd00:cafe::a8a8:efcf:d96d:1315/64   # slaac+privacy local
fd00:cafe::22f:bcff:fe12:1234/64    # slaac+EUI64 (macaddr)
fe80::21f:bcff:fe08:c07a/64         # link local

The 2001:2:3:4: addresses are routable on the public internet. The fd00:cafe:: are routable only locally on my subnet (ULA). The fe80: of course isn't routable.

• The prefix delegated by my ISP doesn't seem to change, ever, until I reboot the router. So the globally routable prefix is usable with a little bit of dyndns goop.
• The slaac+EUI addresses say a bit about my mac address, and I don't like that.
• The slaac+privacy addresses are privacy-preserving, but rotate every few half-hours, and that is less desirable. Addresses stick around if they are still in use, but they would be released everytime I started the service (and dns would need to be updated).
• Another option is to just statically pick a suffix I like for my service (e.g. ::d00d), with the same globally routable prefix and statically assign that to my nic, like so:

(NOTE: I’m using OpenWRT, and I haven’t found a way to add a dynamic DHCP lease reservation for something like this (i.e. take global prefix, and slap "d00d" at the end). So static configuration on the host is perhaps necessary. )

I changed /etc/config/dhcp on my router to specify a hostid suffix for a dhcp reservation, and restarted odhcpd. I was hoping I would receive an extra IPv6 with the wan prefix and my chosen suffix, but no luck. The dhcp6 client on my host still doesn't receive that extra IP. Probably related to this odhcpd issue 61.

My hosts are behind an OpenWRT router, IPv4 + IPv6. OpenWRT gets a /56 prefix delegated by my ISP (Telus in Canada). However, this prefix is not static. It changes once in a while, in the order of days. I can expedite change sometimes by doing resets.

On my stateless+stateful IPv6 setup, my hosts on the lan do autoconfiguration, and also do DHCPv6 to get leased addresses. On my ubuntu box:

192.168.1.4
fd00:cafe::4/128                    # ULA local (by dhclient -6)
2001:2:3:4:a8a8:efcf:d96d:1315/64   # slaac+privacy global
2001:2:3:4:22f:bcff:fe12:1234/64    # slaac+EUI64 (macaddr)
fd00:cafe::a8a8:efcf:d96d:1315/64   # slaac+privacy local
fd00:cafe::22f:bcff:fe12:1234/64    # slaac+EUI64 (macaddr)
fe80::21f:bcff:fe08:c07a/64         # link local

The 2001:2:3:4: addresses are routable on the public internet. The fd00:cafe:: are routable only locally on my subnet. fd00:cafe:: is a prefix I've configured in OpenWRT (ULA) for just my internal network. The fe80: of course isn't routable. OpenWRT does not lease out a 2001:2:3:4::4 in this configuration, by design (I would very much like that however).

• The slaac+EUI addresses say a bit about my mac address, and I don't like that.
• The slaac+privacy addresses are a tad more privacy-preserving, but rotate every few hours, and that is less desirable. Addresses stick around if they are still in use, but they would be released every time I started the service (and dns would need to be updated -- which takes minimum 5min).
• Another option is to just statically pick a suffix I like for my service (e.g. ::d00d), with the same globally routable prefix and statically assign that to my nic, like so:

Ideally, I'd like to instruct the router to assign my host the dynamic prefix(NOTE: I’m using OpenWRT, and I haven’t found a way to add a dynamic DHCP lease reservation for something like this (i.e. take global prefix, and slap "d00d" at the end). So static configuration on the host is perhaps necessary. )

I tried using the hostid dhcp setting in my OpenWRT leases /etc/config/dhcp. It supposedly allows specifing the last 32bits of a dhcpv6 reservation. I was hoping I to receive an extra IPv6 with the wan prefix and my chosen suffix, but no luck. The dhcp6 client on my host still doesn't receive that extra IP. Probably related to this odhcpd issue 61.

Also, any opinions on binding on a device vs a single address? The indirection might allow addresses from ISP to change without needing a server restart.

Update

I changed /etc/config/dhcp on my router to specify a hostid suffix for a dhcp reservation, and restarted odhcpd. I was hoping I would receive an extra IPv6 with the wan prefix and my chosen suffix, but no luck. The dhcp6 client on my host still doesn't receive that extra IP. Probably related to this odhcpd issue 61.