[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Geert Stappers stappers at stappers.nl
Thu Jul 23 16:47:11 BST 2020 

On Thu, Jul 23, 2020 at 03:11:59PM +0200, Pali Rohár wrote:
> On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote:
> > On 23 Jul 2020, at 09:35, Pali Rohár <pali.rohar at gmail.com> wrote:
> > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> > >> On 7/22/20 3:44 PM, Pali Rohár wrote:
> > >>> I do not see any benefit why to complicate things just because "IPv6
> > >>> addresses are many". I do not see nothing wrong on simple setup where
> > >>> device has one IPv6 address assigned by DHCPv6 server.
> > >> I think you are requesting breaking of DHCP definition RFCs. I see
> > >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> > >> there are existing leases for the same address with different IAID.
> > > 
> > > The whole point of this patch is to make MAC --> IPv6 address assigning
> > > working. It means that IPv6 address must be leased to MAC address if
> > > assigning is based on MAC address and not on DUID/IAID.
> > > 
> > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> > > must be assigned IPv6 address FD::1 then user would expect that host
> > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> > <snippage>
> > 
> > If I may proffer this real life use case/scenario as found in my
> > very own home:
> > 
> > I have a couple of Qnap NAS boxes.  They speak legacy IP and IPv6.
> > These boxes sometimes offer services such as bittorrent to the
> > Internet. They live behind an Openwrt router/firewall, the very device
> > that runs dnsmasq offering DHCPv4/v6 leases.  For purposes of my own
> > sanity I lock the IPv4 address to the qnap devices MAC addresses,
> > thus I can enter unchanging and consistent entries in the firewall
> > for relevant hosts/ports.  I have an identical requirement for IPv6.
> > I need to be sure that these Qnap devices will land at a known,
> > consistent, effectively static IPv4/v6 address.
> > 
> > The IPv4 case is easily solved and supported.  The IPv6 case
> > (until recently..qnap changed something..and I don’t reboot as
> > much) was more challenging in that dnsmasq ignores the MAC address.
> > The DUID/IAID would change at different stages of the boot, leading
> > to dnsmasq thinking the address requested was being requested for
> > a new client as opposed to the same client simply rebooting.
> > 
> > There is a use case for locking/mapping IPv6 to MAC address whether
> > it violates RFCs or not.  For reasons of firewall pinholes I need
> > certain machines to land at certain addresses.  For ‘fun’ we
> > can discuss if this is a problem with/for upnp/natpnp
> 
> Hello Kevin! So you basically have similar/same feature request.
> 
> Could you test this dnsmasq patch if it helps with your setup?

That is does mean doing things you might never have done before.
Feel welcome to come with questions about it.


Regards
Geert Stappers
Who loves to see:  Yes, patch "foo" works for me.
-- 
Silence is hard to parse

More information about the Dnsmasq-discuss mailing list