[Dnsmasq-discuss] Why dhcp6 still returns DHCPADVERSISE after allocate lease failed?
Buck Horn
buckhorn at weibsvolk.org
Thu Dec 19 10:51:23 UTC 2024
On 19.12.24 09:28, 胡义臻 wrote:
>
> Dear all, I start dnsmasq(version 2.86) with --dhcp-lease-max=1, only
> one DHCP lease can be allocated. I find that the behavior of IPv4 and
> IPv6 is inconsistent. IPv4 returns a DHCPNAK packet with log "no
> leases left". Although IPv6 does not allocate a lease in function
> lease_allocate, it still returns a DHCPADVERSISE packet and allocates
> an IPv6 address.
> (...)
>
> [root at localhost.localdomain /]$ip netns exec ns0 tcpdump -i veth0 -vvv
> port 546 or port 547
>
> dropped privs to tcpdump
>
> tcpdump: listening on veth0, link-type EN10MB (Ethernet), snapshot
> length 262144 bytes
>
> 15:55:18.192825 IP6 (flowlabel 0xffe1d, hlim 1, next-header UDP (17)
> payload length: 92) fe80::f03a:70ff:feb0:6dfe.dhcpv6-client >
> ff02::1:2.dhcpv6-server: [bad udp cksum 0xcbdd -> 0x890a!] dhcp6
> solicit (xid=3e98e (client-ID type 4) (option-request DNS-server
> DNS-search-list) (elapsed-time 0) (IA_NA IAID:1890610686 T1:3600
> T2:5400 (IA_ADDR 46:41::165a:c84d pltime:7200 vltime:10800)))
>
With IPv6, clients usually self-assign an address via SLAAC rather than
acquiring one via DHPCv6.
When a client uses SLAAC, it still would have to learn other network
details, like gateway or DNS servers to use.
Such a client would usually learn those via NDP router advertisements as
regularly advertised by your router.
Alternatively, it may also ask your DHCPv6 server to supply those details.
This is referred to as Stateless DHPCv6.
In your case, your logs show that a client is trying to solicit DNS
details via DHCPv6:
> dhcp6 solicit (xid=3e98e (client-ID type 4) (option-request
DNS-server DNS-search-list)
This would suggest that you see SLAAC and Stateless DHCPv6 in action -
normal behaviour.
If you want to force your clients to acquire a DHCPv6 lease and never
use SLAAC, you'd have to configure your router accordingly.
However, you should note that there are OSs that do not support DHCPv6
at all, Android being the most prominent example.
By disallowing SLAAC, you'd prevent those clients from acquiring an IPv6
address, which in theory could even completely cut them from network
access in absence of IPv4.
Kind regards,
Buck
More information about the Dnsmasq-discuss
mailing list