Alter.Org.UA
 << Back Home UK uk   Donate Donate

Strict MAC-based DHCPv6 option + Prefix Distribution

by Alter (alterX@alter.org.ua (remove X))

However DHCPv6 option is named like in DHCPv4 (hardware ethernet), it operates in different way. Server extracts the DUID from client request - unique client identifier. Lower part of DUID may, but not must be constructed from MAC-address. Sometimes MAC of local interface is taken. Sometimes something other. There are several options:

  • prompt vendor to fix firmware :)
  • prompt client to change hardware or update/configure software (usually impossible)
  • learn server to take into account real MAC-address of the client.

Patch adds MAC-based IPv6 address assignment option to ISC DHCPD v4.2.4. By default DHCPv6 uses low part of Client DUID. If Client DUID is not recognized, we check MAC address. If it is not recognized too we use guest address pool. dhcpd.conf is not affected. Patch is also applicable to ISC DHCPD v4.2.5, but there is newer version for it (see below).

When we attempt to lease to client a prefix (Prefix distribution, PD) appeared that many home routers have buggy firmware. There is no warranty that assigned client address pool should be routed to the IPv6 address assigned via DHCPv6. Routers may use RtADV address or even only Link-local instead. So, we added explicit call to external script in order to setup route to client block of addresses via the IPv6 address it sends DHCP request from. See server\dhcpv6.c

#define ROUTE_BIN "/usr/local/bin/sudo /home/traf_check/rt6_upd.sh "

rt6_upd.sh (for FreeBSD)

#!/bin/sh
net=$1
mask=$2
gw=$3
gw2=`ndp -an | grep $3 | awk '{print $1;}'`
if [ "$gw2x" = "x" ] ; then
  exit 1
else
  /sbin/route -n add -inet6 $net -prefixlen $mask $gw2
  /sbin/route -n change -inet6 $net -prefixlen $mask $gw2
fi
exit 0

dhcpd6.conf

   host demo6-host {
      hardware ethernet 00:13:14:14:46:96;
      fixed-address6 2a01:d0:9:8::a1fa:f001;
      option dhcp6.fqdn "demo6-host.my-isp.com";
      fixed-prefix6 2a01:d0:3ff0:9700::/56;
   }

Patch download:
4.2.5dhcpdv6-4.2.5-P1_hwaddr_pd_dbg.rar/tgz (5.8 Kb/6 Kb)
4.2.4dhcpv6-4.2.4_hwaddr-dbg.rar/tgz (4.9 Kb/5 Kb) ISC-Bugs #32258

2015.01.15

See also:


FB or mail alterX@alter.org.ua (remove X)   Share
designed by Alter aka Alexander A. Telyatnikov powered by Apache+PHP under FBSD © 2002-2024