Re: fixed ipv6 address with DHCPv6



See my reply to dcbw on the dnsmasq-discuss mailing list.

Gene


On 02/08/2013 12:20 PM, Pavel Simerda wrote:
----- Original Message -----
From: "Gene Czarcinski" <gene czarc net>
For some time I have been having a problem attempting to have a
dnsmasq
server provide a system with a fixed IPv6 address.  Setting an IPv4
address and identifying the system with its NIC's MAC address.  But,
with DHCPv6 there is no relationship defined in the standard for
DHCPv6 to use the MAC.
Correct. It's replaced with UUID.

I tried using the system's name but that has not proven reliable.
When
the system and the dnsmasq server get "out of sync", it takes manual
intervention to correct things.  When things do work, it works fine.
System's name is generally considered unreliable due to possible collisions.

I looked into using the Client-ID but that "number" is based on the
MAC plus time and will vary unpredictably.
This has been already fixed by dcbw after long talks with me and cyphermox.

Suddenly (like yesterday) I found what appears to be the solution and
it is likely to have been there for some time.  By default, dhclient
will use LLT (Link-Layer plus Time) to define its DUID (Client-ID).
We are switching to DUID-UUID from /etc/machine-id reportedly required by D-Bus (even though I can't image any reason as D-Bus is not commonly used over the network).

But, there is an command-line override which can change this to LL
(Link-Layer) which uses the MAC prepended with 0:3:0:1.
This was the solution I originally proposed but...

1) It has some drawbacks.

2) You don't need it for normal operation. DUID-LLT saved in a disk file is stable enough for day-to-day operation. This has been solved by cyphermox even before we switched to machine-id.

The important info is here:
http://tools.ietf.org/html/rfc3315#section-9.4
See:

* http://tools.ietf.org/html/rfc6355 for the DUID-UUID (in the form of /etc/machine-id).
* https://bugzilla.gnome.org/show_bug.cgi?id=691885

Also examine the dhclient man age and scroll down to "*-D*/ LL or
LLT/"
I admit that DUID-LL is still better than non-stored DUID-LLT but DUID-UUID proves to be a better match that the two of those. If you have specific needs, you can still override the DUID manually.

I then did a quick (two line) patch to NetworkManage
[src/dhcp-manager/nm-dhcp-dhclient.c] to hardcode the addition of
"-D",
"LL" to the command-line if it is "-6".  It works as advertised.
Thanks for your effort but unless there's a very good reason to use DUID-LL, we're not going to do that (but you can still override the actual DUID e.g. by a script).

While this works for me, I do not propose that this be the solution
in NetworkManager.  Instead, I propose that the default remain the same
and a new configuration file parameter be added: DUID= which will have
only two valid values: LL or LLT.
As UUID is now the default, this proposal is obsolete.

If DUID= is not specified then the default is LLT.

Once this is accepted and part of NetworkManager, I will update
network-manager-applet so the the DUID value can be specified when
defining an IPv6 interface.  Initially, editing the configuration
file should be adequate.
Do you have any questions or arguments for still supporting DUID-LL when we have DUID-UUID?

Cheers,

Pavel





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]