DHCPv6 support in Network Manager isn't RFC compliant

From: Stéphane Graber <stgraber ubuntu com>
To: networkmanager-list gnome org
Subject: DHCPv6 support in Network Manager isn't RFC compliant
Date: Thu, 28 Jul 2011 10:23:59 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

As I'm not subscribed to this mailing-list, I'd appreciate it if you
could Cc me on your replies. Thanks


I've recently been spending quite a bit of time testing Network
Manager's IPv6 support on Ubuntu as part of our ongoing effort of
getting full IPv6 support for Oneiric.

It's really looking good and Network Manager does a great job of
handling all the possible use cases I have, except one small detail.

I noticed yesterday that Network Manager uses a different DHCP lease
file for each connection. I can understand why it's been done this way
for DHCPv4 (makes it more readable and easier to cleanup) but that's
unfortunately breaking DHCPv6 support.


You're probably aware that with DHCPv6, "host" definitions on the server
side are no longer tied to a MAC address but instead to a DUID.
This DUID is defined in RFC 3315, section 9.
http://www.ietf.org/rfc/rfc3315.txt

Quoting part of this specific section:
   The DUID is carried in an option because it may be variable length
   and because it is not required in all DHCP messages.  The DUID is
   designed to be unique across all DHCP clients and servers, and stable
   for any specific client or server - that is, the DUID used by a
   client or server SHOULD NOT change over time if at all possible; for
   example, a device's DUID should not change as a result of a change in
   the device's network hardware.

The way the ISC dhclient works, it's looking for a default-duid field in
its lease file. For example, on my machine I currently have:
  default-duid "\000\001\000\001\025\303}\370\000#\024\243\331\244";

This is fine as long as dhclient always uses the same lease file but
it's sadly not the current behavior when used with Network Manager.

The current behavior's IPv4 equivalent would be a changing MAC address
for every single network defined in Network Manager, which is really
problematic for system administrators who need to do per-host
configuration with DHCPv6.


I'd highly recommend Network Manager either uses
/var/lib/dhcp/dhclient6.leases as its lease file or if you absolutely
want to keep a separate lease file per connection, then use the
following algorithm:

 1) Check if /var/lib/dhcp/dhclient6.leases exists
  1a) If it does, grab the DUID from it.
  1b) If it doesn't, generate a new DUID and write it to
/var/lib/dhcp/dhclient6.leases
 2) Write that DUID to your per-connection lease file prior to starting
dhclient

Let me know if you have any question!

Thanks

- -- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJOMXD6AAoJEMY4l01keS1nqj0P/jOdcsu0dPSMJJaj2bM8+pkK
S9aArH7qcY0KRnPiyHef2Y71F7wVtsDIpngnGn9/hRaAAS2BpOSXGhEDBsgWb1Sv
1mRAKw5RpBDfbXY6nNY431gj/pXsL0q0AnBSYmMZzKzSbQjpqPpIJAPZ48ba5g55
VPlWYR7Wlo/P7zSaFeQauXyD3zVkmU8cDtA+8wiN5iDK0ps86wmW1Z+IqYHGDg6u
Q0vJPQf1VTEGl12weCZZvpZzjwSeJWU5bQ9YGBeDVRKGkbWwbn3bFb7wZZMxBYGE
lQLguuYuh5y1Rysn6YfUizpcIpPFqbkSFGw/bsW8dKMtrXlmjnKwMEq9rPpRCru/
lDlsCT6Da7jsL/iamK2Yp15LQfJtMMz6Ke5YV803r1RguD9PauodRViSVjJ8044+
0+/wGzFEF/Yts2RB4rB7NtRPv+VBxBkOOao4ljcqX3aRIm3yLBt7Vpv+kPgcE8l8
fqWmdxRT57EZyiGd+wYS+tswdda3ClqM9wYgNPfmYtSQGe3biiv5Tq75RBFLZgGi
878SbxUXlIOkW8ZG38bHIc2ujmbZIiSs6ATNLRcV6qFfhyupXevwtC+OJgSA1I+D
0NaFR3Os15AgkevDId/dIlgj40J1fmOJQhu9c5XOX/Cob3yHInPfzFR0QZKLDGqQ
u4aCDzwK0+45zBuIFskW
=YA4/
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: DHCPv6 support in Network Manager isn't RFC compliant
  - From: Paul Wouters
- Re: DHCPv6 support in Network Manager isn't RFC compliant
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]