http://bering-uclibc.zetam.org/index.php?title=Bering-uClibc_5.x_-_User_Guide_-_IPv6_Networking_-_Configure_DHCPv6&feed=atom&action=historyBering-uClibc 5.x - User Guide - IPv6 Networking - Configure DHCPv6 - Revision history2024-03-28T19:20:37ZRevision history for this page on the wikiMediaWiki 1.26.0http://bering-uclibc.zetam.org/index.php?title=Bering-uClibc_5.x_-_User_Guide_-_IPv6_Networking_-_Configure_DHCPv6&diff=1355&oldid=prevKapeka: Created page with '{| summary="Navigation header" width="100%" ! colspan="3" align="center" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking - Configure DHCPv6|IPv6 Networking - Configure DHCPv…'2012-10-26T14:07:00Z<p>Created page with '{| summary="Navigation header" width="100%" ! colspan="3" align="center" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking - Configure DHCPv6|IPv6 Networking - Configure DHCPv…'</p>
<p><b>New page</b></p><div>{| summary="Navigation header" width="100%"<br />
! colspan="3" align="center" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking - Configure DHCPv6|IPv6 Networking - Configure DHCPv6]]<br />
|-<br />
| width="20%" align="left" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking - Configure Router Advertisements|Prev]]<br />
! width="60%" align="center" | [[Bering-uClibc 5.x - User Guide]]<br />
| width="20%" align="right" | <br />
|}<br />
----<br />
<br />
<br />
==Introduction==<br />
While Stateless Autoconfiguration using Router Advertisements is sufficient for some IPv6 networks, DHCPv6 provides a mechanism for better managing which IPv6 addresses get allocated to which clients and permits clients to be automatically informed of DNS servers, NTP servers and other local network resources which would otherwise need to be configured manually.<br />
<br />
DHCPv6 is defined by a number of RFCs, most notably RFC 3315.<br />
<br />
The most common use case for a [[Bering-uClibc]] machine will be acting as a DHCPv6 ''server'' while also acting as an IPv6 router, providing a full set of IPv6 services to clients on one or more internal networks.<br />
Alternative, but less common use cases will be:<br />
* Acting as a DHCPv6 ''client''<br />
** Actually, for anyone with a native IPv6 connection, this is rather important to replace <code class="filename">dhcpcd.lrp</code><br />
* Acting as a DHCPv6 ''relay''<br />
<br />
==DHCPv6 Software Candidates==<br />
There are three main candidates for DHCPv6 software for Linux and hence for [[Bering-uClibc 5.x]]:<br />
* [http://klub.com.pl/dhcpv6/ Dibbler], a dedicated IPv6 DHCP server, relay or client.<br />
** Dibbler seems to provide better diagnostic messages than ISC DHCP when running as a DHCPv6 server.<br />
* [http://www.isc.org/software/dhcp ISC DHCP], a generic DHCP solution which includes IP(v4) as well as IPv6 DHCP server and client capabilities.<br />
** The ISC DHCP server takes command-line arguments which specify either IPv4 (-4) or IPv6 (-6) behaviour. These are mutually exclusive, in other words a <code class="filename">dhcpd</code> process can run in either IPv4 mode or IPv6, but not both. Two separate processes must be run in order to support both DHCPv4 and DHCPv6 at the same time.<br />
** In many ways this is A Good Thing. In particular, it means that <code class="filename">dhcpd</code> in IPv6 mode can run alongside an existing IPv4 DHCP server like <code class="filename">dnsmasq</code>.<br />
** The ISC DHCP server supports automatic fail-over between two DHCP server machines.<br />
** See http://www.ipamworldwide.com/dhcp-options/isc-dhcpv6-options.html for details of the DHCPv6 option syntax.<br />
** See also http://tldp.org/HOWTO/Linux+IPv6-HOWTO/hints-daemons-isc-dhcp.html for more configuration hints.<br />
* [http://www.thekelleys.org.uk/dnsmasq/doc.html Dnsmasq], the well known IP(v4) DHCP and DNS server.<br />
** This started to support IPv6 and DHCPv6 at version 2.60.<br />
** Available from [[Bering-uClibc 4.3]] onwards.<br />
** Unlike the ISC DHCP server a single dnsmasq process can support IP(v4) as well as IPv6, which makes for a smaller memory footprint.<br />
** Unlike both other candidates dnsmasq can also provide Router Advertisements and hence replace radvd as well, further reducing system resource requirements.<br />
<br />
Of these, Dnsmasq is the preferred solution for [[Bering-uClibc 4.3]] onwards since it provides enough functionality for most users while making efficient use of system resources.<br />
<br />
The other alternatives are still supported since they offer more advanced functionality in some cases.<br />
DHCPv6 is still relatively new and testing by [[User:Davidmbrooke|Davidmbrooke]] and others has exposed issues with various different DHCPv6 ''client'' implementations. In some cases the alternative DHCPv6 ''server'' implementations offer better compatibility with particular clients.<br />
<br />
==General Considerations==<br />
===As well as, not instead of Router Advertisements===<br />
DHCPv6 is not a replacement for Router Advertisements. These are still required, most notably so that the Default IPv6 Gateway can be identified (there is no way to define a Default Gateway using DHCPv6).<br />
<br />
It is necessary to slightly change the Router Advertisement configuration in order to specify that a client should ''also'' initiate a DHCPv6 transaction.<br />
Depending on the desired behaviour, two Router Advertisement configuration settings can be relevant:<br />
* <tt>AdvManagedFlag</tt> can be used to set the "M" flag in the Router Advertisement, which means that a client should use DHCPv6 to obtain a stateful IPv6 address (and potentially other network settings as well).<br />
* <tt>AdvOtherConfigFlag</tt> can be used to set the "O" flag in the Router Advertisement, which means that DHCPv6 should be used to obtain other network settings (such as a DNS or NTP server), most likely for use in conjunction with an auto-configured IPv6 address.<br />
The relevant Radvd configuration field must be set to "<tt>on</tt>" for each interface where DHCPv6 is being used (or the equivalent dnsmasq configuration directive should be selected if dnsmasq is used rather than radvd).<br />
<br />
If <tt>AdvManagedFlag</tt> is set to "<tt>on</tt>" then implicitly <tt>AdvOtherConfigFlag</tt> is set to "<tt>on</tt>" as well. A DHCPv6 client which obtains an IPv6 address via DHCPv6 will also obtain other settings via DHCPv6.<br />
<br />
'''Note:''' It is legitimate to specify <tt>AdvManagedFlag on</tt> ''at the same time as'' <tt>AdvAutonomous on</tt>. However, different DHCPv6 clients seem to react differently when this is done and the results can be difficult to predict.<br />
<br />
===Firewall rules===<br />
A DHCPv6 server (or relay) listens on UDP port 547, so if Shorewall6 is being used this must have a Rule to accept traffic on this port for each interface where DHCPv6 is being used.<br />
* This rule is configured automatically if the "<tt>dhcp</tt>" option is specified for the interface in <code class="filename">/etc/shorewall6/interfaces</code><br />
A DHCPv6 client listens on UDP port 546 so the DHCPv6 server firewall must also be allowed to send to this port and any DHCPv6 client firewall must be allowed to listen on this port.<br />
<br />
==Dnsmasq==<br />
===Configuration===<br />
The IPv6 entries are simply added to the standard dnsmasq configuration file, <code class="filename">/etc/dnsmasq.conf</code>.<br />
====Dynamic IPv6 Address Assignment from a Range====<br />
To enable basic DHCPv6 dynamic address assignment behaviour add a line like the following (replace <tt>2001:db8:1:1::</tt> with your own IPv6 network address.):<br />
dhcp-range=2001:db8:1:1::10:1, 2001:db8:1:1::10:ffff, 64, 12h<br />
Multiple lines can be added (with different addresses) if you wish to enable Router Advertisements on multiple network interfaces.<br />
<br />
====Fixed IPv6 Address Assignment based on DUID====<br />
Fixed IPv6 addresses cannot be assigned based on MAC address but they can be assigned based on a client's DHCP Unique Identifier (DUID).<br />
For example:<br />
dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, myclient, [2001:db8:1:1::7]<br />
<br />
====For All DHCPv6 Variants====<br />
In order to ensure that Router Advertisements are generated when DHCPv6 is in use un-comment the following line:<br />
enable-ra<br />
This causes dnsmasq to issue Router Advertisements for all interfaces on which DHCPv6 is active.<br />
By default these RAs specify that:<br />
* The "Managed" flag is set<br />
** So DHCPv6 will be used to obtain an IPv6 address<br />
* The "OtherConfig" flag is set<br />
** So DHCPv6 will be used to obtain other IPv6 configuration settings (e.g. DNS server, NTP server)<br />
* The "Autonomous" flag is ''not'' set<br />
** So a StateLess Automatic Address Configuration (SLAAC) address will not be used<br />
These defaults can be over-ridden by other dnsmasq configuration settings. Refer to the comments in the dnsmasq configuration file for further details.<br />
<br />
<br />
Once configuration is complete the <tt>dnsmasq</tt> daemon must be (re)started:<br />
svi dnsmasq restart<br />
<br />
==Dibbler==<br />
The [http://klub.com.pl/dhcpv6/ Dibbler] download includes source code to build three separate executables:<br />
* <code class="filename">dibbler-server</code> which is a regular DHCPv6 server.<br />
* <code class="filename">dibbler-relay</code> which is a cut-down server to relay traffic to a DHCPv6 server running on another machine.<br />
* <code class="filename">dibbler-client</code> which is a DHCPv6 client.<br />
<br />
At this time, only the "server" is packaged for [[Bering-uClibc 5.x]].<br />
The "relay" and "client" may be added in the future.<br />
<br />
===Dibbler Server===<br />
====Packages====<br />
The "server" capability is available for [[Bering-uClibc 5.x]] in the form of the <code class="filename">dibbler-server.lrp</code> Package.<br />
This depends on <code class="filename">libcxx.lrp</code>.<br />
<br />
====Modules====<br />
There are no specific kernel Modules required for Dibbler.<br />
<br />
====Configuration====<br />
The Dibbler server has a single configuration file: <code class="filename">/etc/dibbler/server.conf</code>.<br />
The initial version included in the <code class="filename">dibbler-server.lrp</code> Package is just the standard example from the Dibbler distribution.<br />
<br />
The full documentation is available in the user manual, available as [http://www.klub.com.pl/var/svn/dibbler/trunk/doc/dibbler-user.pdf dibbler-user.pdf]. (Note that this link points to the master configuration management repository for the Dibbler software and might refer to a later version of Dibbler than is packaged for [[Bering-uClibc 5.x]]).<br />
<br />
The basic structure of <code class="filename">/etc/dibbler/server.conf</code> is as follows:<br />
* A header section which contains configuration settings which apply in "global scope".<br />
* A set of per-interface configuration blocks, each of which takes settings in "interface scope".<br />
<br />
A very simple example file is shown below:<br />
# Global settings<br />
log-level 8<br />
preference 9<br />
stateless<br />
<br />
# Internal network interface<br />
iface "eth1" {<br />
option lifetime 1800<br />
option domain private.network<br />
option dns-server 2001:db8:1:1::1<br />
}<br />
Note in particular the "<tt>stateless</tt>" setting which indicates that this server should not issue IPv6 address to clients but is only serving "other" (as in <tt>AdvOtherConfigFlag</tt>) configuration details such as DNS settings. Since this is a global setting it applies to all interfaces. If any interface is serving IPv6 addresses this setting must be removed.<br />
<br />
====Runtime Files====<br />
Log messages are written to file <code class="filename">/var/log/dibbler/dibbler-server.log</code>.<br />
<br />
The "<tt>log-level</tt>" specified in the configuration file governs the volume of log output generated.<br />
<br />
Other files containing run-time state information are written to the <code class="filename">/var/lib/dibbler/</code> directory.<br />
<br />
====Debugging====<br />
In case of problems, you can run the <code class="filename">dibbler-server</code> executable in the foreground, displaying any error messages, with the following command:<br />
dibbler-server run<br />
<br />
==ISC DHCP==<br />
As with Dibbler, the [http://www.isc.org/software/dhcp ISC DHCP] download includes source code to build three separate executables:<br />
* <code class="filename">dhcpd</code> which is a DHCP(v4) or DHCPv6 server.<br />
* <code class="filename">dhrelay</code> which is a cut-down server to relay traffic to a DHCP(v4) or DHCPv6 server running on another machine.<br />
* <code class="filename">dhclient</code> which is a DHCP(v4) or DHCPv6 client.<br />
<br />
Again just as with Dibbler, at this time, only the "server" is packaged for [[Bering-uClibc 5.x]].<br />
The "relay" and "client" may be added in the future.<br />
<br />
===ISC DHCP Server===<br />
====Packages====<br />
The "server" capability is available for [[Bering-uClibc 5.x]] in the form of the <code class="filename">dhcpd.lrp</code> Package. This name was chosen for compatibility with the Package name used for old, IPv4-only versions of the ISC DHCP code.<br />
This Package has no dependencies.<br />
<br />
The optional <code class="filename">omshell</code> utility (the ISC DHCP server Object Management API shell) is available in the separate <code class="filename">omshell.lrp</code> Package.<br />
<br />
====Modules====<br />
There are no specific kernel Modules required for ISC DHCP.<br />
<br />
====Configuration====<br />
TODO<br />
<br />
<br />
----<br />
{| summary="Navigation footer" width="100%"<br />
| width="40%" align="left" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking - Configure Router Advertisements|Prev]]<br />
| width="20%" align="center" | [[Bering-uClibc 5.x - User Guide - IPv6 Networking|Up]]<br />
| width="40%" align="right" | <br />
|}<br />
<br />
[[Category:Bering-uClibc 5.x]]<br />
[[Category:User Guide]]</div>Kapeka