[Dnsmasq-discuss] Cannot force IPv6 address change for host
Matthias.Stoeckl at secunet.com
Tue Jan 17 12:02:33 GMT 2017
I'm trying to change the IPv6 address that is assigned to a certain host's mac address.
The server with dnsmasq is running on a native linux system (with kernel v4.6.5). The client is running as guest system within a VirtualBox session with Ubuntu 16.04.1. The DHCP client software within the guest system is the NetworkManager setup to request only IPv6 addresses in automatic mode (probably considering the RA bits managed and other configuration).
The dnsmasq configuration configured a static dhcpv6 range and a single dhcp-host entry within a dhcp-hostsdir directory:
# disable DNS
# start, end, subnet, broadcast, lease time
The file /tmp/hosts/hosts1 has the following contents:
Initially the host was assigned the ::5 address within the network. I then tried to change the address to ::7.
The following methods were tried in that order:
- modify the host assigned in the according file in the dhcp-hostsdir directory
- completely restart the dnsmasq
- restart the host which is the DHCP client
In each of these cases the host still has the same old address assigned after the DHCP step.
The host sends a DHCPv6 confirm message with the old IP.
Dnsmasq answers with a DHCPv6 reply message that allows the host to keep using the old IP address, even though the static IPv6 assignment of this host's mac address was modified.
The only way we figured out to force an IP change, was to delete the NetworkManager's .lease file. Then a new DHCPREQUEST is sent from the client and the correct address ::7 is assigned to the client in the DHCPREPLY.
We are trying to explicitly manage the assignment of IP addresses for all hosts. The assignment of an IPv6 address for a guest system can change whenever the guest system is newly started. In this case a DHCPCONFIRM request of the DHCP client needs to be rejected so the client is forced to send a DHCPREQUEST for a new address.
Did we miss any option that would allow us to do that? Is this a missing feature?
Thanks a lot,
More information about the Dnsmasq-discuss