[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Kevin 'ldir' Darbyshire-Bryant
ldir at darbyshire-bryant.me.uk
Thu Jul 23 13:43:03 BST 2020
> On 23 Jul 2020, at 09:35, Pali Rohár <pali.rohar at gmail.com> wrote:
>
> So finally something relevant to this patch...
>
> On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
>> On 7/22/20 3:44 PM, Pali Rohár wrote:
>>> I do not see any benefit why to complicate things just because "IPv6
>>> addresses are many". I do not see nothing wrong on simple setup where
>>> device has one IPv6 address assigned by DHCPv6 server.
>> I think you are requesting breaking of DHCP definition RFCs. I see
>> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
>> there are existing leases for the same address with different IAID.
>
> The whole point of this patch is to make MAC --> IPv6 address assigning
> working. It means that IPv6 address must be leased to MAC address if
> assigning is based on MAC address and not on DUID/IAID.
>
> If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> must be assigned IPv6 address FD::1 then user would expect that host
> with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
<snippage>
If I may proffer this real life use case/scenario as found in my very own home:
I have a couple of Qnap NAS boxes. They speak legacy IP and IPv6. These boxes sometimes offer services such as bittorrent to the Internet. They live behind an Openwrt router/firewall, the very device that runs dnsmasq offering DHCPv4/v6 leases. For purposes of my own sanity I lock the IPv4 address to the qnap devices MAC addresses, thus I can enter unchanging and consistent entries in the firewall for relevant hosts/ports. I have an identical requirement for IPv6. I need to be sure that these Qnap devices will land at a known, consistent, effectively static IPv4/v6 address.
The IPv4 case is easily solved and supported. The IPv6 case (until recently..qnap changed something..and I don’t reboot as much) was more challenging in that dnsmasq ignores the MAC address. The DUID/IAID would change at different stages of the boot, leading to dnsmasq thinking the address requested was being requested for a new client as opposed to the same client simply rebooting.
There is a use case for locking/mapping IPv6 to MAC address whether it violates RFCs or not. For reasons of firewall pinholes I need certain machines to land at certain addresses. For ‘fun’ we can discuss if this is a problem with/for upnp/natpnp
Cheers,
Kevin D-B
gpg: 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20200723/8b4b42df/attachment.sig>
More information about the Dnsmasq-discuss
mailing list