[Dnsmasq-discuss] /64 per host

[Simon Kelley]

On 25/04/13 15:48, Anthony wrote:
> Hi.  I'm currently investigating setting up IPv6 on a small network (maybe
> 15 hosts, including portable devices).  I'd like to have my router give
> each host its own /64.  All the hosts support SLAAC (with privacy
> extensions) without any additional configuration, whereas they don't all
> support DHCPv6.  However, for firewall purposes it would be much easier if
> each host had its own /64.  I could do everything using static
> configuration, but then I'd have to change everything at every host
> whenever my prefix changes.
>
> My thought was that the router (a linux machine, which is also the
> firewall) would send a different router advertisement to each host.
>   Preferably this could be done without any need for the hosts to even
> solicit an address.
>
> Is anything like this possible?
>

I don't know if it's possible. It's certainly a long way for the design 
case for SLAAC. You'd have to make sure that the router advertisement 
daemon never, ever, multicast any advertisement. Also, I think your last 
statement is backwards: you absolutely need clients to send router 
solicit messages, that would allow the RA daemon to find the MAC address 
(acting as a UID) and from that the configured prefix for that 
particular client.

Summary. It might work, you'd need to experiment. There's no way to 
configure the distributed dnsmasq to do what you want; you're looking 
at patching the source but I don't think the changes are difficult or 
onerous.

Cheers,

Simon.