Subnetting is one of the tools you can use as part of segmenting a LAN in e.g a DMZ, a subnet for IoT devices etc. In this note I’ll explain how I did it in IPv6 using Prefix Delegation.
I took this opportunity to learn more about it. I set up the following test network using VirtualBox: (main router is a real host that runs Gentoo; the virtual hosts (Net0,1,2,…) live on my workstation and run ArchLinux or Debian)
My ISP has given me a /48 delegation as per RIPE recommendation. I want to subdivide this so that the first level subnets attached to my LAN (‘LAN’ on the picture) get a /56 delegation. This means that up to 2^8 or 256 subnets could be attached to my LAN. Subnets created under such a /56 subnet (e.g. LAN0) will get /60 delegated. In other words each first level subnet can support up to 2^4 or 16 second level subnets.
My initial intention was to do all of it using systemd-networkd only, but I very quickly found out that this was not possible with the present (July 2022) version of systemd (251.2). Networkd (as I’ll call systemd-networkd in the following) has both a DHCP server and a DHCP client for IPv4 but only a DHCP client for IPv6. So I used ISC’s dhcp package as DHCP server for IPv6.
In the following I’ll treat the routers one by one and highlight what is essential to get this router to work the way I want it.
Main router (Rm)
The main router is a physical host. Its network interfaces are all configured using networkd. It provides DHCP service to the LAN and forwards requests from the Internet to the appropriate servers on the LAN.
It receives a /48 prefix from the ISP and is configured to delegate /56 prefixes to requesting routers on the LAN if so asked. The DHCP6 server is configured to delegate prefixes in the range 1 to f (2001:2db:8073:0100::/56 to 2001:2db:8073:0f00::/56).
This router does not use networkd’s DHCPv4 server as that server cannot serve static IPv4 addresses. The hosts on the LAN are all (except the DHCP server itself) configured with DHCP, so the ability to assign static addresses is a must. Hence the DHCP server from ISC is used in IPv4 mode too.
Details and the configuration files are here: Main Router
Net0 (R0)
This router is attached to the LAN and thus gets a /56 allocation (2001:2db:8073:e00::/56) from the main router. It serves prefixes and IP addresses to LAN0. The prefixes are served by the DHCPv6 server and IPv4 addresses are served by networkd (as static addresses are not required in the test network.)
The configuration files are here: R0 config
Net2 (R2)
It gets a /60 prefix from R0 (2001:2db:8073:e80::/60).
The configuration files are here: R2 config
Net3
This host is ‘just’ a host on LAN3. Using SLAAC it gets an IPv6 address like 2001:2db:8073:e80:a00:27ff:fed5:e9ee/64 derived from the RA.
Its configuration files are here Net3 config
Visits: 82