February 11, 2020

CoreRAD: a new IPv6 router advertisement daemon

I’m a major advocate for IPv6 and have operated an IPv4/6 dual stack network at home for several years. There are a lot of really interesting ways that IPv6 differs from IPv4 but one of my favorites is the addition of Stateless Address Autoconfiguration (SLAAC) via Neighbor Discovery Protocol (NDP) Router Advertisements (RAs).

I’ve written and spoken about IPv6 and NDP a few times in the past, but if you want a quick intro or refresher, check out my blog.

NDP RAs allow clients to discover an IPv6 default route and gain connectivity to the IPv6 internet. On top of that, SLAAC allows advertising a prefix which clients use to generate their own addresses, so most home users will never need to deploy a DHCPv6 server.

Introducing CoreRAD

CoreRAD is an extensible and observable IPv6 NDP RA daemon inspired by the plugin architectures (and names!) of CoreDNS and CoreDHCP. It makes use of my Go github.com/mdlayher/ndp package which is stable and mature.

The primary goal of the project is to enable extension and integration with other systems. For many users, a static configuration defined on a single router is sufficient. For more advanced users, it could be beneficial to dynamically fetch configuration from an HTTP or gRPC API to dictate the IPv6 prefixes and DNS options which should be served to a specific client. This functionality isn’t available yet, but I can imagine scenarios where it’d be really useful!

In addition, Prometheus metrics are available to provide insight into the NDP traffic sent and received by the service:

$ curl http://router.lan.example.com:9430/metrics # HELP corerad_advertiser_router_advertisements_total The total number of NDP router advertisements sent by the advertiser on an interface. # TYPE corerad_advertiser_router_advertisements_total counter corerad_advertiser_router_advertisements_total{interface="lan0",type="multicast"} 230 corerad_advertiser_router_advertisements_total{interface="lan0",type="unicast"} 56 corerad_advertiser_router_advertisements_total{interface="guest0",type="multicast"} 235 corerad_advertiser_router_advertisements_total{interface="iot0",type="multicast"} 243 corerad_advertiser_router_advertisements_total{interface="iot0",type="unicast"} 3 corerad_advertiser_router_advertisements_total{interface="lab0",type="multicast"} 227

Comparison with radvd

The most commonly deployed NDP RA software on Linux is radvd. As an example, suppose you’d like to accomplish the following:

send router advertisements from interface eth0 which indicate this machine can be a used as an IPv6 default router

which indicate this machine can be a used as an IPv6 default router serve prefix information and allow SLAAC for each non-link-local IPv6 /64 prefix on interface eth0

The following radvd configuration implements our example:

interface eth0 { AdvSendAdvert on; prefix ::/64 { # "AdvOnLink" and "AdvAutonomous" on by default. }; };

The equivalent CoreRAD TOML configuration is similarly minimal:

[[interfaces]] name = "eth0" advertise = true [[interfaces.prefix]] prefix = "::/64" # "on_link" and "autonomous" true by default. # Optional: enable Prometheus metrics. [debug] address = "localhost:9430" prometheus = true

This configuration is perfectly suitable for most home users.

radvd is an excellent and mature piece of software. I created the CoreRAD project out of curiosity, and because I sought greater extensibility and observability than radvd can provide.

Getting started with CoreRAD

At this time, CoreRAD is in beta status. This implies a few limitations:

Linux is the best-supported platform, but it should work on *BSD as well with slightly reduced functionality.

Support for dynamic configuration via HTTP/gRPC is not yet implemented. If you have ideas, please get in touch!

CoreRAD must be built using Go 1.13+. No binaries are available at this time. CoreRAD is packaged in NixOS unstable because I run NixOS on my router. That’s a story for another blog post!

It is stable enough for daily use, but you may run into bugs. Please file issues!

CoreRAD has been deployed on numerous home networks (thanks alpha testers!) and is a suitable radvd alternative for many use cases. I’m using it to enable IPv6 connectivity with SLAAC and DNS options on all my home VLANs. You can view my configuration file as a GitHub gist.

If you’d like to try it out, please see the Getting started with CoreRAD document in the repository. Early adopters are also welcome to join us on Gophers Slack in the #corerad channel!

If you have any questions, feel free to contact me! I’m mdlayher on Gophers Slack, GitHub, and Twitter.