[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Pali Rohár pali.rohar at gmail.com
Tue May 26 09:52:05 BST 2020


On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> > changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> > when in config file was DHCPv6 assignment based on MAC address (and not on
> > DUID).
> > 
> > IAID/DUID is changed when rebooting from one operating system to another;
> > or after reinstalling system. In reality it is normal that DUID of some
> > machine is changed, so people rather assign also IPv6 addresses based on
> > MAC address.
> > 
> > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken.
> 
> How to reproduce that  semi-brokenness?

Take computer with Windows/Linux dual boot systems.

Configure MAC-based static IPv6 entry for that computer in dnsmasq and
set big enough lease time (e.g. day or more).

Boot computer into Windows and wait until dnsmasq assign it IPv6
address. It should match MAC-based entry in dnsmasq. Then reboot
computer into Linux system and again wait until it got assigned IPv6
address.

Normally it should get again same IPv6 address as it was assigned on
Windows, due to MAC-based static IPv6 entry in dnsmasq.

But in reality that static entry is ignored by dnsmasq and rather some
"random" address is assigned.

So assigning IPv6 addresses based on static MAC address in dnsmasq is
broken.

You can reproduce it not only with Windows/Linux, but with any two
DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
(for network booting) and Linux DHCPv6 client.

dnsmasq without this patch refuse to assign MAC-based IPv6 static
address to computer with that MAC address, if that IPv6 address is still
leased to DHCPv6 client with different IAID.

In my above example/reproducer, IPv6 address was leased to Windows
DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
client, which in most cases have different IAID. Even both clients
(Windows and Linux) are on the same computer with same MAC address,
which matches MAC address in dnsmasq configuration file.

That is why I called IPv6 address assignment according to MAC address as
"semi-brokenness".

>  
> > This patch tries to fix it and honors IPv6 config rules with MAC address,
> > to always assign particular IPv6 address to specific MAC address (when
> > configured). And ignores the fact if IAID/DUID was changed.
> > 
> > Normally IPv6 address should be assigned by IAID/DUID (which also state
> > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> > address based on MAC address, when users configured in config file.
> > 
> > So this patch just tries to fix above problem for user configuration with
> > MAC addresses. It does not change assignment based on DUID.
> > ---
> > 
> > This is my original patch rebased on top of current git master branch.
> 
> Acknowledge
> 
> 
> > Previous email with this patch probably dropped into spambox
> > and was not processed.
> 
>  (unspoken words +
>   http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html )
> 
> 
> > So please let me know if now this email was correctly received.
>  
> Recieved the patch and was able to  `git am` it.
> It did compile and passed the unittests.
> 
> No further check was done.  Mostly because not facing the problem that
> patch submitter has.  Probably some day I will, hence the above 'How to
> reproduce that  semi-brokenness?'
> 
> 
> >  src/rfc3315.c | 55 +++++++++++++++++++++++++++++++++++++++++++--------
> >  1 file changed, 47 insertions(+), 8 deletions(-)
> > 
> > diff --git a/src/rfc3315.c b/src/rfc3315.c
> > index b3f0a0a..e588b13 100644
> > --- a/src/rfc3315.c
> > +++ b/src/rfc3315.c
>      ... 142 lines of actual patch ...
> 
> 
> Groeten
> Geert Stappers
> -- 
> Silence is hard to parse
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

-- 
Pali Rohár
pali.rohar at gmail.com



More information about the Dnsmasq-discuss mailing list