[Dnsmasq-discuss] DHCPv6 with multiple IA

Bertrand Jacquin bertrand at jacquin.bzh
Tue Feb 6 22:29:02 UTC 2024 

Hi,

As per RFC8415 section 21.6, IA Address option 5 offered by the server
specifying (temporary or not) address, may appear more than once so the
client can be offered more than one address to use.

This is supported by AWS EC2 (aws ec2 assign-ipv6-addresses
--ipv6-address-count), allowing to segment IP address for different
usage (container, application specific ..) where DHCP reply look like
the following (full pcap attached):

    Identity Association for Non-temporary Address
        Option: Identity Association for Non-temporary Address (3)
        Length: 96
        IAID: 16092fc9
        T1: 70
        T2: 112
        IA Address
            Option: IA Address (5)
            Length: 24
            IPv6 address: 2a05:d018:c28:1a00::e564
            Preferred lifetime: 140
            Valid lifetime: 450
        IA Address
            Option: IA Address (5)
            Length: 24
            IPv6 address: 2a05:d018:c28:1a00::3504
            Preferred lifetime: 140
            Valid lifetime: 450
        IA Address
            Option: IA Address (5)
            Length: 24
            IPv6 address: 2a05:d018:c28:1a00::3501
            Preferred lifetime: 140
            Valid lifetime: 450

Looking at replicating such setup with dnsmasq, --dhcp-host
documentation specifies "A single --dhcp-host may contain an IPv4
address or one or more IPv6 addresses, or both" by providing a prefix
length. However it appears dnsmasq only ever assign a single address to
the client based on DUID.

Is my understand correct ? How could dnsmasq be configured to return
multiple IA option 5 for a given client ?

Thanks,

-- 
Bertrand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhcp.pcap
Type: application/vnd.tcpdump.pcap
Size: 865 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20240206/b1b74897/attachment.pcap>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20240206/b1b74897/attachment.sig>

More information about the Dnsmasq-discuss mailing list