[Dnsmasq-discuss] DHCPv6 and prefix length on clients
Niels Penneman
niels at penneman.org
Sat Jul 19 15:53:12 BST 2014
Hi all,
As an experiment, I am trying to set up a server as a hypervisor (KVM)
with number of VMs that will each serve a specific purpose (e.g.
database server, DNS server, ...).
I have one public IPv4 address so I will use NAT to route traffic from
outside to the appropriate VM. This requires the VMs to have a fixed IP
address. I'd like to use DHCP though, since it centralizes the IPv4
configuration in the DHCP server.
I got the above scenario to work by creating a bridge on the
hypervisors. All virtual network interfaces of the VMs are connected to
the bridge. The DHCP and DNS server for the VMs, dnsmasq, runs in its
own VM. Currently both the hypervisor and the DHCP server VM have a
static IP configuration. I am using 'reservations' to assign fixed IP
addresses to the other VMs using the 'dhcp-hostsfile' directive in the
dnsmasq configuration. This works flawlessly.
I also have native IPv6, and I was given a prefix with several addresses
that I can use. While it may be a good idea to give some of the VMs a
public IPv6 address, this is certainly does not hold for all of them.
For now, I want to try out a configuration with only one public IPv6
addresses. I would like to use DHCPv6 to hand out IPv6 addresses to
IPv6-enabled virtual machines, and use NAT on the hypervisor. Hence I
also require the DHCPv6 server to assign fixed addresses to the other
virtual machines.
Since dnsmasq has support for IPv6, I enabled DHCPv6 in dnsmasq by
adding a 'dhcp-range' directive to the configuration file:
dhcp-range=fdaa:aaaa:aaaa::3,fdaa:aaaa:aaaa::ffff,64
I've also assigned an IPv6 address to the dnsmasq VM. The output from
'ip addr list' contains:
inet6 fdaa:aaaa:aaaa::2/64 scope global
valid_lft forever preferred_lft forever
After saving this configuration, restarting dnsmasq and rebooting the
other VM, 'ip addr list' reports that the VM's IPv4 address is still
there and correct according to the reservation. I also notice that the
IPv6 address was assigned:
inet6 fdaa:aaaa:aaaa::97c4/128 scope global dynamic
valid_lft 3579sec preferred_lft 3579sec
... but it has a prefix length of 128. Hence, the VMs cannot see each other.
My configuration explicitly specifies a prefix length of 64; what could
cause the prefix length to be set to 128 on the DHCPv6 client side?
All VMs are running CentOS 7, using NetworkManager and dhclient (except
for the DHCP server VM which has a static IP configured through
NetworkManager). I currently don't know enough about DHCPv6 to debug
this using tcpdump to see whether the problem is with the DHCP server
side or DHCP client side (any pointers to relevant information are also
appreciated). I have found some websites mentioning NetworkManager in
some cases forces a prefix length of 128, and some others claiming it
forces a prefix length of 64, but all seem unrelated to my case.
The ultimate goal is to have reservations for DHCPv6 as well, so that
the VMs have a fixed address I can rely on for NAT. I have tried to make
reservations using the 'dhcp-hostsfile' and I have the same problem. I
can get them to work (using host ID instead of MAC), but once again the
prefix length is set to 128 on the client.
Suggestions to improve the setup are also welcome. If I don't need
DHCPv6 to assign reliably fixed addresses to my VMs (required for the
NAT setup) then don't hesitate to tell me about these alternatives.
Regards,
Niels Penneman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 538 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20140719/a5a91c30/attachment.sig>
More information about the Dnsmasq-discuss
mailing list