Re: How to configure NetworkManager to use DUID-LL type with dhclient?



Hi Dan! Thank you so much! You were very clear.

I was reading documentation based just on RFC 3315 (LL, EN and LLT). Besides that, I was using a Perl 
conversion script that doesn't consider RFC 6355 (DUID-UUID). The output of this script was telling me I was 
using DUID-LLT (but that's not true, it's a type 4 DUID).

So, this scenario is now clear. NetworkManager generates a DUID-UUID that will be the same for the device.

Thanks!!!
:)

--
Jorge Luiz Corrêa
Embrapa Informática Agropecuária




----- Original message -----
From: "Dan Williams" <dcbw redhat com>
To: "Jorge L. Corrêa" <jorge l correa embrapa br>, networkmanager-list gnome org
Sent: Thursday, May 12, 2016 13:12:05
Subject: Re: How to configure NetworkManager to use DUID-LL type with dhclient?

On Mon, 2016-05-09 at 14:23 -0300, Jorge L. Corrêa wrote:
> Hi, I've been looking for information about how to configure network
> manager to pass parameters to dhclient. The goal is to use dhclient with
> "-D LL" (use DUID-LL as default type of DUID generation). I can see
> that NetworkManager is calling dhclient in a way that DUID-LLT is
> being used.
>
> For IPv6 networks we need to ensure that a host has, at minimum, one
> known IPv6 address. So, after the first DUID generation, we need to
> register this value in a system and ensure that this value doesn't
> change anymore. If we use DUID-LLT we cannot do that. So, we need
> NetworkManager to call dhclient using DUID-LL (dhclient -D LL
> ...).

If there is no preconfigured DUID, then NetworkManager will generate a
DUID-UUID from the machine-id file following RFC 6355.

https://tools.ietf.org/html/rfc6355

NM uses DUID-UUID because DUID-LL/LLT are not guaranteed to remain
constant across boots, since network device addresses can change and
many devices don't bother to store a MAC address in NVRAM but generate
a random one each boot (especially for embedded devices).

Once generated, this DUID-UUID gets stored into the leasefile for the
connection.  Since it's generated from the machine-id (which by
definition shouldn't change for the life of the machine/install) it
will be the same regardless of whether you swap out NICs or the
timestamp, which follows the DHCPv6 standards which say the DUID should
not change when network hardware changes (RFC 3315, section 9).

If you really want a DUID-LL, you can override it by specifying a DUID
in the connection specific leasefile (usually /var/lib/NetworkManager)
or in more standard leasefile locations for dhclient, like
/etc/dhclient6.leases or /var/lib/dhcp/dhclient6.leases.  NM will check
those locations first if no connection specific leasefile from
/var/lib/NetworkManager is found, and then copy that DUID to the
connection specific leasefile when it gets created.

Does that help?

Dan
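
Added example, not part of the original thread and not NetworkManager's or dhclient's own code: a small Python decoder that reads the DUID out of a dhclient lease file and reports its type, including the RFC 6355 type 4 (DUID-UUID) that the conversion script mentioned above did not recognise. It assumes the lease file stores the DUID in ISC dhclient's `default-duid "...";` statement with octal escapes; the sample value is constructed.

```python
import re
import uuid

DUID_TYPES = {1: "DUID-LLT", 2: "DUID-EN", 3: "DUID-LL", 4: "DUID-UUID"}

def unescape_lease_string(text):
    """Decode dhclient's quoted-string escaping (\\ooo octal, \\c literal) to bytes."""
    out, i = bytearray(), 0
    while i < len(text):
        if text[i] == "\\" and re.fullmatch(r"[0-3][0-7]{2}", text[i + 1:i + 4]):
            out.append(int(text[i + 1:i + 4], 8))
            i += 4
        elif text[i] == "\\" and i + 1 < len(text):
            out.append(ord(text[i + 1]))
            i += 2
        else:
            out.append(ord(text[i]))
            i += 1
    return bytes(out)

def parse_duid(raw):
    """Split a DUID into its 2-byte type code and the type-specific fields."""
    if len(raw) < 2:
        raise ValueError("DUID is shorter than its 2-byte type field")
    dtype, body = int.from_bytes(raw[:2], "big"), raw[2:]
    info = {"type": dtype, "name": DUID_TYPES.get(dtype, "unknown")}
    if dtype == 1 and len(body) > 6:    # hardware type, timestamp, link-layer address
        info.update(hwtype=int.from_bytes(body[:2], "big"),
                    time=int.from_bytes(body[2:6], "big"), lladdr=body[6:].hex(":"))
    elif dtype == 2 and len(body) > 4:  # enterprise number, vendor-assigned identifier
        info.update(enterprise=int.from_bytes(body[:4], "big"), identifier=body[4:].hex())
    elif dtype == 3 and len(body) > 2:  # hardware type, link-layer address
        info.update(hwtype=int.from_bytes(body[:2], "big"), lladdr=body[2:].hex(":"))
    elif dtype == 4 and len(body) == 16:  # RFC 6355: exactly 128 bits of UUID
        info["uuid"] = str(uuid.UUID(bytes=body))
    else:
        raise ValueError(f"malformed or unsupported DUID (type {dtype})")
    return info

def duid_from_lease(lease_text):
    """Find the default-duid statement in lease-file text and parse it."""
    m = re.search(r'default-duid\s+"((?:\\.|[^"\\])*)"\s*;', lease_text)
    if m is None:
        raise ValueError("no default-duid statement found")
    return parse_duid(unescape_lease_string(m.group(1)))

# Constructed sample lease line (not taken from a real host).
SAMPLE_LEASE = r'default-duid "\000\004\253\315\357\001#Eg\211\253\315\357\001#Eg\211";'

if __name__ == "__main__":
    print(duid_from_lease(SAMPLE_LEASE))
```
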