[Dnsmasq-discuss] IPv6 constructor option - confused!

Simon Kelley simon at thekelleys.org.uk
Thu May 2 17:00:00 BST 2013 

On 02/05/13 13:02, Kevin Darbyshire-Bryant wrote:
> On 02/05/2013 09:36, Simon Kelley wrote:
>> On 01/05/13 16:26, Kevin Darbyshire-Bryant wrote:
>>> Hi Simon,
>>>
>>> I find myself confused by the use of the constructor option for building
>>> DHCPv6 address ranges.
>>>
>>> edited dnsmasq.conf file:
>>>
>>> enable-ra
>>> dhcp-range=tag:br0,::1, ::FFFF, constructor:br0, ra-names, 12h
>>>
>>> Now on my Tomato based router this picks up then (tunnelled) ipv6 LAN
>>> address on the BR0 interface, which happens to be ISP_PREFIX::1  It
>>> builds a range ISP_PREFIX::1 ->   ISP_PREFIX::FFFF and all is well.
>>>
>>> However, others do not have a nice neat '::1' they have (presumably
>>> because it's been delegated to them by their ISP) something like
>>> ISP_PREFIX::DEAD:BEEF:F00D.   Now there are two problems as I see it
>>> with this:
>>>
>>> 1) I now need to specify my starting IP address range as DEAD:BEEF:F00D
>>> otherwise dnsmasq doesn't find the prefix and doesn't serve an IPv6
>>> addresses at all.  In which case why am I even bothering to tell it the
>>> interface in the constructor?
>>>
>>> 2) The range parameter (:FFFF) implies I can define a range from
>>> DEAD:BEEF:F00D to DEAD:BEEF:FFFF only with nothing lower than F00D.
>>>
>>> I'm sure I'm being stupid here, please educate me.... again :-)
>>>
>>
>> I think the root confusion is between a DHCP address lease, and a
>> prefix delegation. DHCP leases as we all know them are for an IP
>> address, so could indeed be ISP_PREFIX::DEAD:BEEF:F00D. But
>> constructed ranges are intended for use with prefix delegation. Here,
>> the ISP leases you not an address but a whole prefix: ISP_PREFIX::/64
>>
>> The prefix size doesn't have to be a /64, but it usually is, and
>> that's the only size dnsmasq supports so let's simplify and assume it is.
>>
>> A prefix delegation of ISP_PREFIX::/64 gives you the use of the whole
>> range, ISP_PREFIX::0 to ISP_PREFIX::ffff:ffff:ffff:ffff. You want to
>> use this range on a network, so you need to configure the interface in
>> the router with an address on the range, but all the addresses are
>> available: it's a local choice which one(s) to use, nothing to do with
>> the ISP which delegated the prefix.
>>
>
> Okay, I get all the above however my router is behaving not quite as I
> expect.  Some examples:
>
> Non-working:
>
> root at Router:/tmp/home/root# ifconfig br0
> br0        Link encap:Ethernet  HWaddr 20:4E:7F:B7:4A:C0
>             inet addr:192.168.235.1  Bcast:192.168.235.255
> Mask:255.255.255.0
>             inet6 addr: fe80::224e:7fff:feb7:4ac0/64 Scope:Link
>             inet6 addr: 2001:470:1f09:100::100/64 Scope:Global
>             UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>             RX packets:1998 errors:0 dropped:0 overruns:0 frame:0
>             TX packets:1565 errors:0 dropped:0 overruns:0 carrier:0
>             collisions:0 txqueuelen:0
>             RX bytes:461488 (450.6 KiB)  TX bytes:998389 (974.9 KiB)
>
> dnsmasq.conf (extract)
>
> enable-ra
> dhcp-range=tag:br0,::1, ::FFFF:FFFF:FFFF:FFFF, constructor:br0,
> ra-names, 12h
> dhcp-option=option6:24,"internal"
> dhcp-option=252,"\n"
> #log-dhcp
>
>
> syslog:
>
> May  2 12:40:14 Router daemon.info dnsmasq[12845]: started, version
> 2.67test2tomato cachesize 1500
> May  2 12:40:14 Router daemon.info dnsmasq[12845]: compile time options:
> IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP
> no-conntrack ipset Tomato-helper auth
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp9 does not currently exist
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp8 does not currently exist
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp7 does not currently exist
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp6 does not currently exist
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp5 does not currently exist
> May  2 12:40:14 Router daemon.warn dnsmasq[12845]: warning: interface
> ppp4 does not currently exist
> May  2 12:40:14 Router daemon.info dnsmasq[12845]: asynchronous logging
> enabled, queue limit is 5 messages
> May  2 12:40:14 Router daemon.info dnsmasq-dhcp[12845]: DHCP, IP range
> 192.168.235.21 -- 192.168.235.254, lease time 12h
> May  2 12:40:14 Router daemon.info dnsmasq-dhcp[12845]: DHCPv6, IP range
> ::1 -- ::ffff:ffff:ffff:ffff, lease time 12h, template for br0
> May  2 12:40:14 Router daemon.info dnsmasq-dhcp[12845]: DHCPv4-derived
> IPv6 names on ::1, template for br0
> May  2 12:40:14 Router daemon.info dnsmasq-dhcp[12845]: router
> advertisement on ::1, template for br0
> May  2 12:40:14 Router daemon.info dnsmasq-dhcp[12845]: IPv6 router
> advertisement enabled
> May  2 12:40:14 Router daemon.info dnsmasq[12845]: using local addresses
> only for domain internal
> May  2 12:40:14 Router daemon.info dnsmasq[12845]: reading
> /etc/resolv.dnsmasq
>
> Note it hasn't worked out the prefix.  However if I change dnsmasq.conf
>
> enable-ra
> dhcp-range=tag:br0,::100, ::FFFF:FFFF:FFFF:FFFF, constructor:br0,
> ra-names, 12h   (ie start at the router's lan IPv6 address)
> dhcp-option=option6:24,"internal"
> dhcp-option=252,"\n"
> #log-dhcp
>
>
> Then syslog shows:
>
> May  2 12:53:47 Router daemon.info dnsmasq[13434]: started, version
> 2.67test2tomato cachesize 1500
> May  2 12:53:47 Router daemon.info dnsmasq[13434]: compile time options:
> IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP
> no-conntrack ipset Tomato-helper auth
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp9 does not currently exist
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp8 does not currently exist
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp7 does not currently exist
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp6 does not currently exist
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp5 does not currently exist
> May  2 12:53:47 Router daemon.warn dnsmasq[13434]: warning: interface
> ppp4 does not currently exist
> May  2 12:53:47 Router daemon.info dnsmasq[13434]: asynchronous logging
> enabled, queue limit is 5 messages
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: DHCP, IP range
> 192.168.235.21 -- 192.168.235.254, lease time 12h
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: DHCPv6, IP range
> ::100 -- ::ffff:ffff:ffff:ffff, lease time 12h, template for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: DHCPv4-derived
> IPv6 names on ::100, template for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: router
> advertisement on ::100, template for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: DHCPv6, IP range
> 2001:470:1f09:100::100 -- 2001:470:1f09:1ac:ffff:ffff:ffff:ffff, lease
> time 12h, constructed for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: DHCPv4-derived
> IPv6 names on 2001:470:1f09:100::, constructed for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: router
> advertisement on 2001:470:1f09:100::, constructed for br0
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: RTR-ADVERT(br0)
> 2001:470:1f09:100::
> May  2 12:53:47 Router daemon.info dnsmasq-dhcp[13434]: IPv6 router
> advertisement enabled
>
> Specifying the router's LAN IPv6 address as the start of the range was
> not how I anticipated this option to work.  And I don't think you do
> either based upon your above description.

It is how I expected it to work, exactly.

DHCP-PD client gets prefix, and assigns <prefix>::1 to LAN interface.

dnsmasq gives addresses between

<prefix>::2 and <prefix>::<whateveryouwant>

to clients on the LAN.

>
> So is this an oversight or some tomato based wierdness...either way, how
> can I help to sort it out?

Suggest an alternative, given that constructing a DHCP range based on 
any address in a prefix is not desirable.


Cheers,

Simon.

>
> Kevin
>
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list