[Dnsmasq-discuss] Announce: dnsmasq-2.66
Simon Kelley
simon at thekelleys.org.uk
Fri Apr 19 09:40:03 BST 2013
On 18/04/13 16:04, Jim Bos wrote:
> On 04/18/2013 10:41 AM, Simon Kelley wrote:
>> On 17/04/13 16:56, Jim Bos wrote:
>>> On 04/17/2013 03:08 PM, Simon Kelley wrote:
>>>> Add "constructed DHCP ranges" for DHCPv6. This is intended
>>>> for IPv6 routers which get prefixes dynamically via prefix
>>>> delegation. With suitable configuration, stateful DHCPv6
>>>> and RA can happen automatically as prefixes are delegated
>>>> and then deprecated, without having to re-write the
>>>> dnsmasq configuration file or restart the daemon. Thanks to
>>>> Steven Barth for extensive testing and development work on
>>>> this idea.
>>>
>>> Simon,
>>>
>>> Excited about this new feature as I now have a hardcoded prefix (which
>>> fortunately my ISP doesn't change very often).
>>>
>>> However, either I'm doing something wrong or there is something not
>>> working:
>>>
>>> I changed
>>> dhcp-range=2001:XXX:YYYY:ZZ::, ra-stateless, ra-names
>>> enable-ra
>>>
>>> to
>>>
>>> dhcp-range=::,constructor:eth0, ra-stateless, ra-names
>>> enable-ra
>>>
>>> And in the log I see this:
>>>
>>> Apr 17 17:11:24 dnsmasq[8972]: compile time options: IPv6 GNU-getopt
>>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>>
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv6 stateless on ::, template for
>>> eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: DHCPv4-derived IPv6 names on ::,
>>> template for eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: router advertisement on ::, template
>>> for eth0
>>> Apr 17 17:11:24 dnsmasq-dhcp[8972]: IPv6 router advertisement enabled
>>>
>>> However, NO RA's are being sent on eth0 :-(
>>>
>>>
>>> For reference, changing back the line I get
>>>
>>> Apr 17 17:34:25 dnsmasq[9198]: compile time options: IPv6 GNU-getopt
>>> no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>>>
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv6 stateless on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: DHCPv4-derived IPv6 names on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: router advertisement on
>>> 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:25 dnsmasq-dhcp[9198]: IPv6 router advertisement enabled
>>>
>>> Apr 17 17:34:39 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>>> Apr 17 17:34:45 dnsmasq-dhcp[9198]: RTR-ADVERT(eth0) 2001:XXXX:YYYY:ZZ::
>>>
>>>
>>> Jim
>>>
>>>
>>
>> You need the host-identifier part of the address in the dhcp-range to
>> match the host identifier part of the address on the local interface. So
>> if your prefix is 2001:XXX:YYYY:ZZ:: and the address of eth0 is
>> consequently set to, say
>>
>> 2001:XXX:YYYY:ZZ::1
>>
>> then you need a dhcp-range statement of
>>
>> dhcp-range=::1 ,constructor:eth0, ra-stateless, ra-names
>>
>>
>> The reason for this is that once advertisements are being sent for
>> 2001:XXX:YYYY:ZZ:: then eth0 can easily end up with SLAAC address on
>> that prefix as well as its hard-coded one. If any address in the prefix
>> was ok to trigger RAs, then you could never get rid of a prefix simply
>> deleting the original address from the interface.
>>
>>
>> Cheers,
>>
>> Simon.
>>
>
> Ah, ok. That does indeed work.
> However, having a known address isn't as trivial as you might expect, I
> get the network via prefix delegation on eth1 and that automatically set
> on eth0.
> Using wide-dhcp6c with config simular to this:
>
> ==
> interface eth1 {
> send ia-pd 0;
> send rapid-commit;
> script "/usr/bin/dhcp6c-state";
> request domain-name-servers;
> };
>
> id-assoc pd 0 {
> prefix-interface eth0 {
> sla-id 1;
> sla-len 2;
> };
> };
> ==
>
> I.e. I actually don't manually set an IPv6 IP on eth0. But specifying in
> the dhcp-range command the SLAAC interface-id part from the eth0
> interface does seem to work, and that's a fixed (mac based) identifier.
OK. That's a new one to me. Can you delete the address and have the
prefix go away, or does it get installed because dnsmasq is advertising
the prefix.
>
>
> BTW:
> Having above prefix delegation integrated in dnsmasq would really be a
> cool feature ! More and more people get native IPv6, and PD seems the
> way this is usually done, but integrating some sort of dhcp-client on an
> upstream interface with dnsmasq serving the downstream interface is
> confusing many people.
A whole DHCPv6 client is a lot of extra code. I'm actively working with
integrators to make this stuff work. The constructor: syntax came out of
collaboration with openWRT, for instance.
Cheers,
Simon.
>
> Jim
>
>
>
More information about the Dnsmasq-discuss
mailing list