[Dnsmasq-discuss] [PATCH] DHCPv6 - network booting 'address in use'

Petr Menšík pemensik at redhat.com
Fri Sep 17 19:16:42 UTC 2021


Hi Harald, Simon,

I made an alternative change, which I think has similar output. I think
the use of DHCP6UNSPEC is suspicious itself and does not have any good
error code assigned by RFC 8415, because it should not result in an
error. I have tried to add also MUST require from the RFC, refusing
off-link requests with NotOnLink error. Not yet tested it myself, I have
no IPv6 booting environment available (yet). That is in patch1.

Patch2 is just bunch of const changes, reduction of repeated status code
filling into dedicated function. Should not change behaviour, just
reduces few lines and some cosmetic changes.

On 9/17/21 13:33, Harald Jensas wrote:
> On 9/16/21 21:32, Petr Menšík wrote:
>> Hi!
>>
>> There is also bug on Red Hat bugzilla [1] for this issue, which contains
>> a bit more comments about it.
>>
>> I would make short summary here. The problem is client on the same
>> machine with the same DUID and mac address requests IPv6. Before it
>> processes Advertisement, it requests IPv6 again, this time with
>> different IAID.
>>
>> So there are two different request, the only difference are IAID and
>> requested options set. Now if the second request gets processed first,
>> it assigns lease first. Consider --dhcp-sequential-ip is in use.
>> Then first request processes advertisement and attempts to request the
>> same IP.
>> Now it would fail.
>>
>> How should it react according to RFC 8415 [2]? In current situation,
>> dnsmasq responds with No address available error. Could it instead
>> respond with different address? How should the server and the client
>> behave, when advertised address is no longer available? Is it broken on
>> both sides?
>
> I think Petr may be on to something with "Could it instead respond
> with a different address?". It seems this is ok based on rfc8415
> 18.3.2 [1] which states the following:
> """
>    The server MAY assign different addresses and/or delegated prefixes
>    to an IA than those included within the IA of the client's Request
>    message.
> """
>
> With the below patch I got dnsmasq to reply with a new address to the
> request with the already leased address. This makes dnsmasq behave
> similar to kea-dhcp6, see Bugzilla comments #36 and #41 [2][3] which
> also contain a pcap files.
>
> I tested this with both static and dynamic configuration,
> "sequential-ip" enabled, and it seems to work.
>
> If I change the 'dhcp-host' entry in the static config to contain just
> *one* address, it fails as expected with:
>   option: 13 status  2 address unavailable
>   option: 13 status  2 no addresses available
>
>
> I tested with the following configurations ...
>
> Static config:
> --------------
> log-dhcp
> port=0
> dhcp-range=set:range0,2001::,static,64,10m
> dhcp-host=00:84:ed:01:00:10,tag:dhcpv6,client.localdomain,[2001::20],[2001::21],[2001::22],[2001::23]
>
> dhcp-sequential-ip
> # dhcpv6s for Client System Architecture Type (61)
> dhcp-match=set:efi6,option6:61,0007
> dhcp-match=set:efi6,option6:61,0009
> dhcp-match=set:efi6,option6:61,0011
> dhcp-option=tag:efi6,option6:bootfile-url,tftp://[2001::2]/shimx64.efi
>
> Dynamic config with sequential-ip:
> ---------------------------------
> log-dhcp
> port=0
>
> dhcp-range=set:range0,2001::10,2001::100,64,10m
> dhcp-sequential-ip
> # dhcpv6s for Client System Architecture Type (61)
> dhcp-match=set:efi6,option6:61,0007
> dhcp-match=set:efi6,option6:61,0009
> dhcp-match=set:efi6,option6:61,0011
> dhcp-option=tag:efi6,option6:bootfile-url,tftp://[2001::2]/shimx64.efi
>
>
>
> Regards,
> Harald
>
> [1] https://datatracker.ietf.org/doc/html/rfc8415#section-18.3.2
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=1998448#c36
> [3] https://bugzilla.redhat.com/show_bug.cgi?id=1998448#c41
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210917/57310b66/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Move-dhcp6-status-code-to-subroutine-add-consts.patch
Type: text/x-patch
Size: 12943 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210917/57310b66/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Offer-alternative-DHCPv6-address-if-requested-is-tak.patch
Type: text/x-patch
Size: 3846 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210917/57310b66/attachment-0003.bin>


More information about the Dnsmasq-discuss mailing list