[Dnsmasq-discuss] Announce: dnsmasq-2.66

Jim Bos jim876 at xs4all.nl
Thu Apr 18 16:04:13 BST 2013


On 04/18/2013 10:41 AM, Simon Kelley wrote:
> On 17/04/13 16:56, Jim Bos wrote:
>> On 04/17/2013 03:08 PM, Simon Kelley wrote:
>>>              Add "constructed DHCP ranges" for DHCPv6. This is intended
>>>              for IPv6 routers which get prefixes dynamically via prefix
>>>              delegation. With suitable configuration, stateful DHCPv6
>>>              and RA can happen automatically as prefixes are delegated
>>>              and then deprecated, without having  to re-write the
>>>              dnsmasq configuration file or restart the daemon. Thanks to
>>>              Steven Barth for extensive testing and development work on
>>>              this idea.
>>
>> Simon,
>>
>> Excited about this new feature as I now have a hardcoded prefix (which
>> fortunately my ISP doesn't change very often).
>>
>> However, either I'm doing something wrong or there is something not
>> working:
>>
>> I changed
>> dhcp-range=2001:XXX:YYYY:ZZ::, ra-stateless, ra-names
>> enable-ra
>>
>> to
>>
>> dhcp-range=::,constructor:eth0, ra-stateless, ra-names
>> enable-ra
>>
>> And in the log I see this:
>>
>> Apr 17 17:11:24 dnsmasq[8972]: compile time options: IPv6 GNU-getopt
>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>
>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv6 stateless on ::, template for
>> eth0
>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv4-derived IPv6 names on ::,
>> template for eth0
>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: router advertisement on ::, template
>> for eth0
>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: IPv6 router advertisement enabled
>>
>> However, NO  RA's are being sent on eth0  :-(
>>
>>
>> For reference, changing back the line I get
>>
>> Apr 17 17:34:25 dnsmasq[9198]: compile time options: IPv6 GNU-getopt
>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>
>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv6 stateless on
>> 2001:XXXX:YYYY:ZZ::
>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv4-derived IPv6 names on
>> 2001:XXXX:YYYY:ZZ::
>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: router advertisement on
>> 2001:XXXX:YYYY:ZZ::
>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: IPv6 router advertisement enabled
>>
>> Apr 17 17:34:39 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>> Apr 17 17:34:45 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>>
>>
>> Jim
>>
>>
> 
> You need the host-identifier part of the address in the dhcp-range to
> match the host identifier part of the address on the local interface. So
> if your prefix is 2001:XXX:YYYY:ZZ:: and the address of eth0 is
> consequently set to, say
> 
> 2001:XXX:YYYY:ZZ::1
> 
> then you need a dhcp-range statement of
> 
> dhcp-range=::1 ,constructor:eth0, ra-stateless, ra-names
> 
> 
> The reason for this is that once advertisements are being sent for
> 2001:XXX:YYYY:ZZ:: then eth0 can easily end up with SLAAC address on
> that prefix as well as its hard-coded one. If any address in the prefix
> was ok to trigger RAs, then you could never get rid of a prefix simply
> deleting the original address from the interface.
> 
> 
> Cheers,
> 
> Simon.
> 

Ah, ok.  That does indeed work.
However, having a known address isn't as trivial as you might expect, I
get the network via prefix delegation on eth1 and that automatically set
on eth0.
Using wide-dhcp6c with config simular to this:

==
interface eth1 {
        send ia-pd 0;
        send rapid-commit;
        script "/usr/bin/dhcp6c-state";
        request domain-name-servers;
};

id-assoc pd 0 {
        prefix-interface eth0 {
                sla-id 1;
                sla-len 2;
        };
};
==

I.e. I actually don't manually set an IPv6 IP on eth0. But specifying in
the dhcp-range command the SLAAC interface-id part from the eth0
interface does seem to work, and that's a fixed (mac based) identifier.


BTW:
Having above prefix delegation integrated in dnsmasq would really be a
cool feature !   More and more people get native IPv6, and PD seems the
way this is usually done, but integrating some sort of dhcp-client on an
upstream interface with dnsmasq serving the downstream interface is
confusing many people.

Jim





More information about the Dnsmasq-discuss mailing list