[Dnsmasq-discuss] Announce: dnsmasq-2.66

Simon Kelley simon at thekelleys.org.uk
Fri Apr 19 09:40:03 BST 2013 

On 18/04/13 16:04, Jim Bos wrote:
> On 04/18/2013 10:41 AM, Simon Kelley wrote:
>> On 17/04/13 16:56, Jim Bos wrote:
>>> On 04/17/2013 03:08 PM, Simon Kelley wrote:
>>>>               Add "constructed DHCP ranges" for DHCPv6. This is intended
>>>>               for IPv6 routers which get prefixes dynamically via prefix
>>>>               delegation. With suitable configuration, stateful DHCPv6
>>>>               and RA can happen automatically as prefixes are delegated
>>>>               and then deprecated, without having  to re-write the
>>>>               dnsmasq configuration file or restart the daemon. Thanks to
>>>>               Steven Barth for extensive testing and development work on
>>>>               this idea.
>>>
>>> Simon,
>>>
>>> Excited about this new feature as I now have a hardcoded prefix (which
>>> fortunately my ISP doesn't change very often).
>>>
>>> However, either I'm doing something wrong or there is something not
>>> working:
>>>
>>> I changed
>>> dhcp-range=2001:XXX:YYYY:ZZ::, ra-stateless, ra-names
>>> enable-ra
>>>
>>> to
>>>
>>> dhcp-range=::,constructor:eth0, ra-stateless, ra-names
>>> enable-ra
>>>
>>> And in the log I see this:
>>>
>>> Apr 17 17:11:24 dnsmasq[8972]: compile time options: IPv6 GNU-getopt
>>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>>
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv6 stateless on ::, template for
>>> eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv4-derived IPv6 names on ::,
>>> template for eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: router advertisement on ::, template
>>> for eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: IPv6 router advertisement enabled
>>>
>>> However, NO  RA's are being sent on eth0  :-(
>>>
>>>
>>> For reference, changing back the line I get
>>>
>>> Apr 17 17:34:25 dnsmasq[9198]: compile time options: IPv6 GNU-getopt
>>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>>
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv6 stateless on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv4-derived IPv6 names on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: router advertisement on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: IPv6 router advertisement enabled
>>>
>>> Apr 17 17:34:39 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:45 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>>>
>>>
>>> Jim
>>>
>>>
>>
>> You need the host-identifier part of the address in the dhcp-range to
>> match the host identifier part of the address on the local interface. So
>> if your prefix is 2001:XXX:YYYY:ZZ:: and the address of eth0 is
>> consequently set to, say
>>
>> 2001:XXX:YYYY:ZZ::1
>>
>> then you need a dhcp-range statement of
>>
>> dhcp-range=::1 ,constructor:eth0, ra-stateless, ra-names
>>
>>
>> The reason for this is that once advertisements are being sent for
>> 2001:XXX:YYYY:ZZ:: then eth0 can easily end up with SLAAC address on
>> that prefix as well as its hard-coded one. If any address in the prefix
>> was ok to trigger RAs, then you could never get rid of a prefix simply
>> deleting the original address from the interface.
>>
>>
>> Cheers,
>>
>> Simon.
>>
>
> Ah, ok.  That does indeed work.
> However, having a known address isn't as trivial as you might expect, I
> get the network via prefix delegation on eth1 and that automatically set
> on eth0.
> Using wide-dhcp6c with config simular to this:
>
> ==
> interface eth1 {
>          send ia-pd 0;
>          send rapid-commit;
>          script "/usr/bin/dhcp6c-state";
>          request domain-name-servers;
> };
>
> id-assoc pd 0 {
>          prefix-interface eth0 {
>                  sla-id 1;
>                  sla-len 2;
>          };
> };
> ==
>
> I.e. I actually don't manually set an IPv6 IP on eth0. But specifying in
> the dhcp-range command the SLAAC interface-id part from the eth0
> interface does seem to work, and that's a fixed (mac based) identifier.

OK. That's a new one to me. Can you delete the address and have the 
prefix go away, or does it get installed because dnsmasq is advertising 
the prefix.

>
>
> BTW:
> Having above prefix delegation integrated in dnsmasq would really be a
> cool feature !   More and more people get native IPv6, and PD seems the
> way this is usually done, but integrating some sort of dhcp-client on an
> upstream interface with dnsmasq serving the downstream interface is
> confusing many people.

A whole DHCPv6 client is a lot of extra code. I'm actively working with 
integrators to make this stuff work. The constructor: syntax came out of 
collaboration with openWRT, for instance.



Cheers,

Simon.

>
> Jim
>
>
>

More information about the Dnsmasq-discuss mailing list