Method for assigning IPv6 ULA addresses to LAN

Tags: dhcpv6, ipv6

I'm finally embarking on the voyage that is IPv6. I am not sure however, on the best way of assigning a unique local address (ULA) to each host in my LAN.

For IPv4 I prefer to have a DHCP server with all the mappings between MAC addresses and fixed IPs, as most OSes default to DHCP so it means there is less configuration this way. I also have a small dynamic pool for guests.

So I am wondering whether I should be running a DHCPv6 server to mimic this behaviour, or whether I can somehow make use of stateless IPv6 configuration instead.

Since my router advertises my global prefix and clients pick it up automatically, is it possible to have a second router (my network switch) also advertise a ULA prefix, so that clients can set themselves up with two IPs automatically? This would let them have a global and a ULA address and I wouldn't need to run a dedicated DHCPv6 server somewhere, or bother with NAT.

I'd also like to run the ULA prefix advertisement on a different device if possible (rather than the existing DSL modem) so that if the modem ever gets taken offline it won't disrupt local network traffic. Or ideally, I'd get both the modem and the switch to advertise the same ULA prefix so either one can go away or be replaced without disrupting the network.

Is this the way ULA addresses are supposed to be allocated? Or are you supposed to choose between DHCPv6 and static allocation, or some other method I haven't learned about yet?

Some background, if you need it:

I have received a global prefix from my ISP (via 6rd) and I've set that up on my router so each PC on the LAN now has a global IPv6 address. This works fine, but if I want to SSH to another machine I have to look up its IPv6 address somehow as the prefix I receive from my ISP changes regularly.

To avoid this, I want to assign each host a ULA address, so that I can put these in local DNS and just use hostnames from that point on. I am not planning to use any form of NAT as each machine already has a global IP, this is just for direct access between machines in the LAN.

(As an aside, link-local addresses are impractical for this as the network interface must be specified every time you use the address. Even if I were to put a link-local address in DNS, I'd still have to figure out what the name of the network interface is called on each machine and specify it every time I tried to make an outgoing connection, even via hostname, which ULA should avoid.)

I am also aware that with stateless IPv6 config it would mean the final IP includes the machine's MAC address, so I'd have to update DNS if the NIC ever changes, but if I was using DHCP instead I'd still have to update the DHCP config with the new MAC anyway, so I don't think this is any more or less effort.

Best Answer

After experimenting with this, I have made a few discoveries that end up dictating which path to choose.

Multiple subnet advertisements mean multiple IPs in the same subnet

If you have multiple routers advertising the same prefix, you don't end up with redundancy, you end up with multiple IP addresses in the same prefix/subnet. This is like assigning yourself both 192.168.0.1 and 192.168.0.2 on the same NIC. It works, but it causes problems.

For example, I was running a DNS server on one of these machines, and when clients were querying it through the primary IP, it was responding on the second one. Clients were ignoring this response, assuming someone was trying to spoof them, and instead waited for a reply from the same IP they sent the query to, so DNS completely broke.

Static IPs and router advertisements don't mix (for the same prefix)

You might think, as I did, that assigning a static IP in the same subnet would prevent an automatic IP assignment from the same prefix. After all, in IPv4 if you have a static IP address, DHCP doesn't give you another one.

This is wrong. You get the static IP address alright, but you also get a second one in the same subnet/prefix thanks to the advertisement from the router.

The end result is two IPs in the same subnet, leading to the same problem as above.

Advertise a different prefix

In the end the only solution that works is this one. It requires letting go of a few IPv4 ideas though.

My goal was to mimic my IPv4 setup with IPv6. That is, assign a few machines fixed addresses, and have the rest dynamic, while having everything as robust as possible. And hopefully not having to run a DHCP server anymore.

By having a router advertise a ULA prefix, all hosts will self-assign their addresses, just like with DHCP. But you can't have multiple routers advertising that prefix. Maybe in some fancier setup you could have a backup router take over if it notices that the primary one has stopped advertising, but this isn't possible at present.

However, you don't have to be tied to placing fixed and dynamic IPs in the same subnet with IPv6. ULA addresses have the facility to specify a subnet (up to 65536 of them), so I ended up using that so that the /48 ULA prefix had two /64 subnets in it. The router advertises one for stateless config (equivalent to DHCP) while the other is not advertised anywhere and used for static IPs configured on each host. You can even use a third ULA subnet for a backup router in case the primary one stops advertising its ULA, just to be sure that your hosts always have a site-wide routable address, even when no global IPs are available.

Thanks to the magic of IPv6 there is no need to set up any routing rules when this all happens within the same LAN segment. Everyone gets a dynamic address, and the machines with fixed addresses get a static IP as well, but as they are in different /64 subnets, there is little confusion.

The only issue is that those hosts with fixed IPs should always use the fixed IPs to talk to each other. If a connection is made to the dynamic IP from a host that has lost its dynamic IP, it will make the connection out from the remaining static IP instead, which means the multi-homed server will reply back using its own static IP and you'll again have the mismatch.

But as long as hosts with static IPs always use the static subnet to talk to each other then there is never a problem. Multi-homed hosts can of course talk to those in the dynamic subnet without any problem as well.
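An added example (not code from the question or the answer) that works through the answer's plan in Python: generate a pseudo-random ULA /48 following RFC 4193, carve out the dynamic, static and backup /64s the answer describes, derive the SLAAC address a host forms from its MAC (the EUI-64 point raised in the question), and apply the answer's rule that multi-homed hosts reach each other from the address in the destination's own /64. The MAC, prefix and subnet numbers are constructed sample values, and `pick_source` is a hypothetical helper, not something the OS does for you.

```python
import hashlib
import ipaddress
import time
from typing import Optional

ULA_LOCAL_PREFIX = 0xFD  # fc00::/7 with the L bit set: locally assigned (RFC 4193)


def eui64_from_mac(mac: str) -> int:
    """Modified EUI-64 interface identifier (RFC 4291 appendix A): insert ff:fe
    between the OUI and device halves of the MAC and flip the universal/local bit."""
    octets = bytes(int(x, 16) for x in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(iid, "big")


def generate_ula_prefix(mac: str, ntp_time: Optional[int] = None) -> ipaddress.IPv6Network:
    """RFC 4193 section 3.2.2: Global ID = low 40 bits of SHA-1(NTP time || EUI-64),
    so two sites that later merge are very unlikely to have picked the same /48."""
    if ntp_time is None:
        ntp_time = int((time.time() + 2208988800) * 2**32)  # 64-bit NTP timestamp
    material = ntp_time.to_bytes(8, "big") + eui64_from_mac(mac).to_bytes(8, "big")
    global_id = int.from_bytes(hashlib.sha1(material).digest()[-5:], "big")
    return ipaddress.IPv6Network(((ULA_LOCAL_PREFIX << 120) | (global_id << 80), 48))


def subnet(prefix: ipaddress.IPv6Network, subnet_id: int) -> ipaddress.IPv6Network:
    """One of the 65536 /64s inside a ULA /48 (the 16-bit Subnet ID field)."""
    if prefix.prefixlen != 48 or not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("need a /48 prefix and a 16-bit subnet id")
    return ipaddress.IPv6Network((int(prefix.network_address) | (subnet_id << 64), 64))


def slaac_address(net: ipaddress.IPv6Network, mac: str) -> ipaddress.IPv6Address:
    """Address a host self-assigns from an advertised /64 plus its EUI-64 (changes with the NIC)."""
    return ipaddress.IPv6Address(int(net.network_address) | eui64_from_mac(mac))


def static_address(net: ipaddress.IPv6Network, host_id: int) -> ipaddress.IPv6Address:
    """Fixed address in the never-advertised static /64, chosen by the admin."""
    return ipaddress.IPv6Address(int(net.network_address) | host_id)


def pick_source(local_addrs, dest: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """The answer's rule: reach a multi-homed peer from our address in the destination's
    /64, so the peer replies from the address we connected to and nothing is mismatched."""
    dest_net = ipaddress.IPv6Network((int(dest) >> 64 << 64, 64))
    matches = [a for a in local_addrs if a in dest_net]
    if not matches:  # e.g. we lost our dynamic address but are dialling the peer's dynamic one
        raise LookupError(f"no local address in {dest_net}; the reply would come from another subnet")
    return matches[0]
```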