Re: DHCPv6 support in Network Manager isn't RFC compliant
- From: Dan Williams <dcbw redhat com>
- To: Stéphane Graber <stgraber ubuntu com>
- Cc: networkmanager-list gnome org
- Subject: Re: DHCPv6 support in Network Manager isn't RFC compliant
- Date: Sat, 30 Jul 2011 17:50:36 -0500
On Fri, 2011-07-29 at 18:24 -0400, Stéphane Graber wrote:
> On 07/29/2011 05:54 PM, Dan Williams wrote:
> > On Thu, 2011-07-28 at 10:23 -0400, Stéphane Graber wrote:
> >> Hello,
> >>
> >> As I'm not subscribed to this mailing-list, I'd appreciate it if
> >> you could Cc me on your replies. Thanks
> >>
> >>
> >> I've recently been spending quite a bit of time testing Network
> >> Manager's IPv6 support on Ubuntu as part of our ongoing effort of
> >> getting full IPv6 support for Oneiric.
> >>
> >> It's really looking good and Network Manager does a great job of
> >> handling all the possible use cases I have, except one small
> >> detail.
> >>
> >> I noticed yesterday that Network Manager uses a different DHCP
> >> lease file for each connection. I can understand why it's been done
> >> this way for DHCPv4 (makes it more readable and easier to cleanup)
> >> but that's unfortunately breaking DHCPv6 support.
> >
> > Thanks for investigating this.
> >
> >>
> >> You're probably aware that with DHCPv6, "host" definitions on the
> >> server side are no longer tied to a MAC address but instead to a
> >> DUID. This DUID is defined in RFC 3315, section 9.
> >> http://www.ietf.org/rfc/rfc3315.txt
> >>
> >> Quoting part of this specific section: The DUID is carried in an
> >> option because it may be variable length and because it is not
> >> required in all DHCP messages. The DUID is designed to be unique
> >> across all DHCP clients and servers, and stable for any specific
> >> client or server - that is, the DUID used by a client or server
> >> SHOULD NOT change over time if at all possible; for example, a
> >> device's DUID should not change as a result of a change in the
> >> device's network hardware.
> >>
> >> The way the ISC dhclient works, it's looking for a default-duid
> >> field in its lease file. For example, on my machine I currently
> >> have: default-duid
> >> "\000\001\000\001\025\303}\370\000#\024\243\331\244";
> >>
> >> This is fine as long as dhclient always uses the same lease file
> >> but it's sadly not the current behavior when used with Network
> >> Manager.
> >>
> >> The current behavior's IPv4 equivalent would be a changing MAC
> >> address for every single network defined in Network Manager, which
> >> is really problematic for system administrators who need to do
> >> per-host configuration with DHCPv6.
> >>
> >>
> >> I'd highly recommend Network Manager either uses
> >> /var/lib/dhcp/dhclient6.leases as its lease file or if you
> >> absolutely want to keep a separate lease file per connection, then
> >> use the following algorithm:
> >>
> >> 1) Check if /var/lib/dhcp/dhclient6.leases exists 1a) If it does,
> >> grab the DUID from it. 1b) If it doesn't, generate a new DUID and
> >> write it to /var/lib/dhcp/dhclient6.leases 2) Write that DUID to
> >> your per-connection lease file prior to starting dhclient
> >
> > This is probably the best course of action; if there's already a
> > leasefile but that leasefile doesn't have a default DUID, then we
> > add the default DUID to the top of the leasefile. If there isnt' a
> > leasefile, then we create a new leasefile with one line (for the
> > default-duid) and pass that file to dhclient like we normally do.
> >
> > If /var/lib/dhcp/dhclient6.leases doesn't exist (it doesn't on any of
> > my systems) then we should probably scan existing leasefiles and grab
> > the first default duid that we find. That could be a performance
> > issue though, so if possible the code should only do this *once* (in
> > nm-dhcp-dhclient.c) and store the value in a global 'static char *'
> > variable so that it can be re-used from other instances of
> > NMDHCPDhclient without having to be re-read.
>
> My suggestion in this case would be to instead create
> /var/lib/dhcp/dhclient6.leases containing only the duid.
>
> This way you shouldn't have to scan through all your .leases file and
> someone manually starting dhclient6 will still get the same duid.
Good point.
Dan
> >
> > Anyone want to take a stab at the patch? Should be pretty simple.
> > Testcases earn you a bonus :)
> >
> > Dan
>
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
