Menu
▾
▴
Re: [Packetfence-users] Q.: is DHCP required in PacketFence?
|
From: Steve W. <swi...@mi...> - 2009-12-11 16:16:04
|
Wow, I thought I asked a bad question! ;-} Thanks for getting back to me. IPv6 stateless auto-configuration communicates with the VLAN gateway (router interface) to determine it's network prefix then combines that with the MAC address to build a routable address. There's also a privacy mode that builds the routable address with a random MAC equivalent. >From what you said it doesn't sound like PF and IPv6 are compatible. Bummer. I hope you are thinking about IPv6 as its prevalence is inevitable and closer than most think, I think ;-). Do some research on the growth of internet routed IPv6 networks. It doubled this year. Our captive portal is also a black hole DNS. It sounds like PF requires using it's DNS and DHCP, is that right? Separate DNS (BIND) and DHCP (ISC) will not work with PF? I'm guessing this is called dhcp-mode? Are there other modes besides dhcp-mode? I read inline-mode was dropped recently. On Dec 10, 2009, at 2:45 PM, Olivier Bilodeau wrote: > Hi Stephen, > > Stephen Wittstruck wrote: >> Hello, >> >> I only just found PacketFence this morning, initial impressions are >> great. > > Glad to know! > >> >> I'm wondering if DHCP is a requirement? I'm planning for IPv6 and >> leaning towards IPv6 stateless auto-configuration versus DHCPv6. >> > > IPv6 and PacketFence.. I don't know how far you can get with that... > > But lets address the specific question. > > I know nothing about IPv6 stateless auto-configuration but what I can > tell you is why DHCP is needed and you might be able to tell us if > auto-conf can do it. > > When we see an unregistered MAC on the network, we put it in a VLAN > where PacketFence is the DHCP server. This way, PacketFence answers that > he his the gateway / DNS for this (registration) subnet. Then, we > blackhole DNS to the PacketFence server this way all web requests are > sent to the PF box thus the captive portal goodness. > > Now, lets say we use IPv6 auto-conf in that VLAN. What would happen? > Would PacketFence still be able to be in the path of the users? > > I know you asked the question a while ago, so if you took another path > or product, can you share it with us so we can try to build the best NAC > out there! :) > > Cheers! > -- > Olivier Bilodeau > obi...@in... :: +1.514.447.4918 *115 :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (www.scalableogo.org) and > PacketFence (www.packetfence.org) > > ------------------------------------------------------------------------------ > Return on Information: > Google Enterprise Search pays you back > Get the facts. > http://p.sf.net/sfu/google-dev2dev > _______________________________________________ > Packetfence-users mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-users |