D-Link NetDefendOS User Manual page 415

applies to /64 networks.
The default value for this setting is No so the bit is not automatically set to zero by
NetDefendOS.
Tip: Speeding up address allocation
If only one DHCPv6 server is configured then the process of IPv6 address allocation can
be significantly speeded up by enabling rapid commit and setting the preference value
of that server to be 255.
With a preference value of 255, message exchange is triggered as soon as soon as the
client receives the solicit message. Rapid commit allows the client to get committed
addresses in the reply message during the solicit-reply message exchange with the
DHCPv6 server. Together, these can significantly increase the speed of address
allocation.
Available Memory Can Limit Lease Allocation
When a DHCPv6 lease is handed out, NetDefendOS stores details of the lease in the firewall's
local memory. There is no memory pre-allocated for this list of leases and the amount of memory
used can expand from nothing up until the point that all free available memory is exhausted.
When no more memory is available, NetDefendOS will cease to assign new leases and will
behave as though there are no free IPs left in the pool. NetDefendOS will signal a general
out-of-memory condition and this will appear on the management console. This condition
would require a very large number of leases to be allocated.
DHCPv6 Server Setup
The steps for setting up a DHCPv6 server in NetDefendOS are as follows:
• Make sure that IPv6 is enabled globally and for the listening interface of the DHCPv6 server
with an IPv6 address assigned to that interface. Doing this is described in Section 3.2, "IPv6
Support".
• Create a new DHCPv6 Server object. This will listen on the specified interface and get the IPv6
addresses handed out from a specified IPv6 Address Pool object.
• The advanced IP setting Multicast HopLimit Min must be set to a value of 1 (the default is 3).
• If the firewall which acts as the DHCPv6 server is also going to send out router
advertisements for the server, the following must be configured:
i. Add a Router Advertisement object with the same interface specified as the DCHPv6
server.
ii. Disable the Use Global Settings option for this Router Advertisement object and enable
the Managed Flag setting to signal there is a DHCPv6 server on the network. If the
DHCPv6 server is providing information about DNS addresses, also enable the Other
Config Flag setting.
iii. Add a Prefix object to the Router Advertisement object. This is optional but is normally
done. Normally, the prefix specified is the same as the network attached to the DHCPv6
server listening interface.
415
Chapter 5: DHCP Services