Send dhcp-users mailing list submissions to dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit https://lists.isc.org/mailman/listinfo/dhcp-users or, via email, send a message with subject or body 'help' to dhcp-users-requ...@lists.isc.org You can reach the person managing the list at dhcp-users-ow...@lists.isc.org When replying, please edit your Subject line so it is more specific than "Re: Contents of dhcp-users digest..." Today's Topics: 1. Re: ISC DHCPv6-BIND9 DDNS update problem (Mirsad Goran Todorovac) ---------------------------------------------------------------------- Message: 1 Date: Thu, 9 Jun 2022 11:58:31 +0200 From: Mirsad Goran Todorovac <mirsad.todoro...@alu.unizg.hr> To: dhcp-users@lists.isc.org Subject: Re: ISC DHCPv6-BIND9 DDNS update problem Message-ID: <ac559a59-08d1-d257-838c-44cd2779e...@alu.unizg.hr> Content-Type: text/plain; charset="utf-8"; Format="flowed" P.P.S. I have turned off NIC checksum offloading by `ethtool -K eth1 rx off tx off`. Now the UDP checksum should be calculated in the kernel (slower). 11:54:40.438248 IP6 (hlim 1, next-header UDP (17) payload length: 103) fe80::9418:9a22:54b8:743f.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=a1f102 (elapsed-time 0) (client-ID hwaddr/time type 1 time 499890753 f0761c5b0dd5) (IA_NA IAID:338441082 T1:0 T2:0) (Client-FQDN) (vendor-class) (option-request DNS-search-list DNS-server vendor-specific-info Client-FQDN)) 11:54:40.438928 IP6 (flowlabel 0x82364, hlim 64, next-header UDP (17) payload length: 159) fe80::f21f:afff:fef1:420a.547 > fe80::9418:9a22:54b8:743f.546: *[udp sum ok]* dhcp6 advertise (xid=a1f102 (IA_NA IAID:338441082 T1:3600 T2:7200 (IA_ADDR 2001:b68:2:2800::10:139d pltime:604800 vltime:3600)) (client-ID hwaddr/time type 1 time 499890753 f0761c5b0dd5) (server-ID hwaddr/time type 1 time 707489786 f01faff1420a) (preference 255) (DNS-search-list local.alu.hr. alu.hr.) (DNS-server 2001:b68:2:2800::3 2001:b68:c:2::70:0)) 11:54:41.445113 IP6 (hlim 1, next-header UDP (17) payload length: 103) fe80::9418:9a22:54b8:743f.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit (xid=a1f102 (elapsed-time 100) (client-ID hwaddr/time type 1 time 499890753 f0761c5b0dd5) (IA_NA IAID:338441082 T1:0 T2:0) (Client-FQDN) (vendor-class) (option-request DNS-search-list DNS-server vendor-specific-info Client-FQDN)) Now the checksums are OK, however the server still doesn't receive Request or Confirm message from the client. I'm pretty much out of ideas. Mirsad On 9.6.2022. 11:22, Mirsad Goran Todorovac wrote: > > P.S. > > We are using ISC DHCP 4.4.3 and BIND 9.16.27 on a Debian 10 Buster > system with 4.19.235-1 kernel and libc6:amd64 2.28-10+deb10u1. > > root@domac:~# ldd /usr/local/sbin/dhcpd > ??????? linux-vdso.so.1 (0x00007ffc7afdb000) > ??????? libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0671607000) > ??????? /lib64/ld-linux-x86-64.so.2 (0x00007f0671c05000) > root@domac:~# > > We have updated the network configuration on the router to not relay > to DHCPv6 on our domac sever but to advertise DHCPv6 server presence > on the subnet. > > Now the log looks like this: > > Jun? 9 11:04:41 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:41 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:41 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:41 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:41 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:41 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:41 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:41 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:42 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:42 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:42 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:42 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:42 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:42 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:42 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:42 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:44 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:44 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:44 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:44 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:44 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:44 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:44 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:44 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:48 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:48 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:48 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:48 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > Jun? 9 11:04:48 domac dhcpd: Solicit message from > fe80::cff:4b3a:be79:cec0 port 546, transaction ID 0xA2D9AB00 > Jun? 9 11:04:48 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1228 > Jun? 9 11:04:48 domac dhcpd: Advertise NA: address > 2001:b68:2:2800::10:1228 to client with duid > 00:01:00:01:2a:30:9a:4a:7c:6d:62:89:b4:29 iaid = 0 valid for 3600 seconds > Jun? 9 11:04:48 domac dhcpd: Sending Advertise to > fe80::cff:4b3a:be79:cec0 port 546 > > Apparently, the client fe80::cff:4b3a:be79:cec0 never receives DHCPv6 > Advertisement with assigned address from domac server, so it repeats > soliciting for other DHCPv6 server 7 more times: > > 11:02:37.403227 IP6 (flowlabel 0x9ecff, hlim 1, next-header UDP (17) > payload length: 94) fe80::3d9c:9ecd:42c:b76e.546 > ff02::1:2.547: [udp > sum ok] dhcp6 solicit (xid=9e8166 (elapsed-time 0) (client-ID > hwaddr/time type 1 time 641857482 1ca0b87d1191) (IA_NA IAID:102539448 > T1:0 T2:0) (Client-FQDN) (vendor-class) (option-request > vendor-specific-info DNS-server DNS-search-list Client-FQDN)) > 11:02:37.403352 IP6 (flowlabel 0x52e68, hlim 64, next-header UDP (17) > payload length: 159) fe80::f21f:afff:fef1:420a.547 > > fe80::3d9c:9ecd:42c:b76e.546: *[bad udp cksum 0x78d2 -> 0x8bad!]* > dhcp6 advertise (xid=9e8166 (IA_NA IAID:102539448 T1:3600 T2:7200 > (IA_ADDR 2001:b68:2:2800::10:10ef pltime:604800 vltime:3600)) > (client-ID hwaddr/time type 1 time 641857482 1ca0b87d1191) (server-ID > hwaddr/time type 1 time 707489786 f01faff1420a) (preference 255) > (DNS-server 2001:b68:2:2800::3 2001:b68:c:2::70:0) (DNS-search-list > local.alu.hr. alu.hr.)) > > There is this problem with "bad udp checksum" in tcpdump-ed packets > from domac's fe80::f21f:afff:fef1:420a interface: I'm new to IPv6, but > I think the receiver party is mandated to discard UDP packets with bad > checksum. > > So the DHCPv6 server on domac never sees a Request nor Confirm message > from the client https://datatracker.ietf.org/doc/html/rfc3315#section-5.3 > > ? ? ? REQUEST (3) ? ? ? ?A client sends a Request message to request > ? ? ? ? ? ? ? ? ? ? ? ? ?configuration parameters, including IP > ? ? ? ? ? ? ? ? ? ? ? ? ?addresses, from a specific server. > > ? ? ? CONFIRM (4) ? ? ? ?A client sends a Confirm message to any > ? ? ? ? ? ? ? ? ? ? ? ? ?available server to determine whether the > ? ? ? ? ? ? ? ? ? ? ? ? ?addresses it was assigned are still appropriate > ? ? ? ? ? ? ? ? ? ? ? ? ?to the link to which the client is connected. > My knowledge of DHCPv6 is very beginning level, but I'm afraid if we > do not make DHCPv6 DDNS work no one will use IPv6 for the addresses > like 2001:b68:2:2800::3 are very hard to configure manually, remember > and type. > The idea was that the users would be able to log in via VPN and access > their work PC with a symbolic FQDN domain name. > > I think I am defeated here: some Googled articles say it is normal for > checksum to be bad if it is generated by NIC, but on the other hand > the client doesn't appear to receive any Advertise messages or send > back Request or Confirm. This way the server never gets confirmation > that the address is acceptable by the client and it never proceeds to > DDNS name update to the zone at all. > > The clients worked with the IPv6 SLAAC configuration on the router, > but we wanted dynamic DNS addresses on the subnet for the assigned > IPv6 addresses to make it more usable. > > Thank you very much for help. > > Kind regards, > Mirsad Todorovac > > On 8.6.2022. 6:14, Mirsad Goran Todorovac wrote: >> Dear Sirs, >> >> Having compiled ISC DHCPD 4.4.3 with includes/site.h: #define >> DEBUG_DNS_UPDATES >> I get the following output. It appears that the DDNS update code >> isn't even called for IPv6. >> >> Am I doing something terribly wrong? >> >> Thank you. >> >> Jun? 8 06:09:02 domac dhcpd: ddns.c(150): Allocating >> ddns_cb=0x5604136c60a0 >> Jun? 8 06:09:02 domac dhcpd: DDNS: ddns_fwd_srv_connector: ddns_cb: >> 0x5604136c60a0 flags: 50b state: DDNS_STATE_CLEANUP cur_func: <null> >> eresult: 0 >> Jun? 8 06:09:02 domac dhcpd: DDNS: ddns_modify_fwd >> Jun? 8 06:09:02 domac dhcpd: DDNS: build_fwd_add1: >> pname:[R7000P.local.alu.hr] uname:[R7000P.local.alu.hr] >> Jun? 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010 >> DDNS_STATE_ADD_FW_NXDOMAIN 192.168.100.215 for R7000P.local.alu.hr >> zone: local.alu.hr.dhcid: >> [00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87 >> >> >> Jun? 8 06:09:02 domac dhcpd: ddns.c(1722): Updating lease_ptr for >> ddns_cp=0x5604136c60a0 (addr=192.168.100.215) >> Jun? 8 06:09:02 domac dhcpd: DHCPREQUEST for 192.168.100.215 from >> 9c:3d:cf:11:aa:a6 (R7000P) via eth1 >> Jun? 8 06:09:02 domac dhcpd: DHCPACK on 192.168.100.215 to >> 9c:3d:cf:11:aa:a6 (R7000P) via eth1 >> Jun? 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, >> result: YXDOMAIN >> Jun? 8 06:09:02 domac dhcpd: DDNS: ddns_fwd_srv_add1: ddns_cb: >> 0x5604136c60a0 flags: 50b state: DDNS_STATE_ADD_FW_NXDOMAIN cur_func: >> ddns_fwd_srv_add1 eresult: 196614 >> Jun? 8 06:09:02 domac dhcpd: DDNS: ddns_modify_fwd >> Jun? 8 06:09:02 domac dhcpd: DDNS: build_fwd_add2: >> pname:[R7000P.local.alu.hr] uname:[R7000P.local.alu.hr] >> Jun? 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010 >> DDNS_STATE_ADD_FW_YXDHCID 192.168.100.215 for R7000P.local.alu.hr >> zone: local.alu.hr.dhcid: >> [00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87 >> >> >> Jun? 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, >> result: success >> Jun? 8 06:09:02 domac dhcpd: DDNS:ddns_fwd_srv_add2: ddns_cb: >> 0x5604136c60a0 flags: 50b state: DDNS_STATE_ADD_FW_YXDHCID cur_func: >> ddns_fwd_srv_add2 eresult: 0 >> Jun? 8 06:09:02 domac dhcpd: Added new forward map from >> R7000P.local.alu.hr to 192.168.100.215 >> Jun? 8 06:09:02 domac dhcpd: DDNS: ddns_modify_ptr >> Jun? 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010 >> DDNS_STATE_ADD_PTR R7000P.local.alu.hr for >> 215.100.168.192.in-addr.arpa. zone: 168.192.in-addr.arpa.dhcid: >> [00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87 >> >> >> Jun? 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, >> result: success >> Jun? 8 06:09:02 domac dhcpd: Added reverse map from >> 215.100.168.192.in-addr.arpa. to R7000P.local.alu.hr >> Jun? 8 06:09:02 domac dhcpd: ddns.c(1325): Updating lease_ptr for >> ddns_cp=0x5604136c60a0 (addr=192.168.100.215) >> Jun? 8 06:09:02 domac dhcpd: ddns.c(1325): >> find_lease_by_ip_addr(192.168.100.215) successful:lease=0x7fdc346b4e20 >> Jun? 8 06:09:02 domac dhcpd: ddns.c(1326): freeing >> ddns_cb=0x5604136c60a0 >> Jun? 8 06:09:46 domac dhcpd: Solicit message from >> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >> Jun? 8 06:09:46 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:09:46 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:09:46 domac dhcpd: Sending Advertise to >> fe80::8aad:43ff:fefa:3f96 port 546 >> Jun? 8 06:09:46 domac dhcpd: Solicit message from >> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >> Jun? 8 06:09:46 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:09:46 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:09:46 domac dhcpd: Sending Advertise to >> fe80::8aad:43ff:fefa:3f96 port 546 >> Jun? 8 06:09:46 domac dhcpd: Relay-forward message from >> fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1, >> peer address fe80::8aad:43ff:fefa:3f96 >> Jun? 8 06:09:46 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:09:46 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:09:46 domac dhcpd: Sending Relay-reply to >> fe80::babe:bfff:fe26:9542 port 547 >> Jun? 8 06:11:57 domac dhcpd: Solicit message from >> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >> Jun? 8 06:11:57 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:11:57 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:11:57 domac dhcpd: Sending Advertise to >> fe80::8aad:43ff:fefa:3f96 port 546 >> Jun? 8 06:11:57 domac dhcpd: Solicit message from >> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >> Jun? 8 06:11:57 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:11:57 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:11:57 domac dhcpd: Sending Advertise to >> fe80::8aad:43ff:fefa:3f96 port 546 >> Jun? 8 06:11:57 domac dhcpd: Relay-forward message from >> fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1, >> peer address fe80::8aad:43ff:fefa:3f96 >> Jun? 8 06:11:57 domac dhcpd: Picking pool address >> 2001:b68:2:2800::10:1208 >> Jun? 8 06:11:57 domac dhcpd: Advertise NA: address >> 2001:b68:2:2800::10:1208 to client with duid >> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >> for 3600 seconds >> Jun? 8 06:11:57 domac dhcpd: Sending Relay-reply to >> fe80::babe:bfff:fe26:9542 port 547 >> >> On 07. 06. 2022. 19:13, Mirsad Goran Todorovac wrote: >>> Hello all, >>> >>> I have a problem that our DHCPv6 DDNS update which works reliably >>> with IPv4 doesn't work at all when we implemented >>> the dual-stack operation with IPv6. There is not even a warning, >>> notice or error in the log. No syntax errors in the config >>> /etc/dhcp/dhcpd6.conf file. >>> >>> We are running Debian 10 Buster server with BIND 9.16.27 and ISC >>> DHCPd 4.4.1 >>> >>> root@domac:# dpkg -l ... >>> Desired=Unknown/Install/Remove/Purge/Hold >>> | >>> Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend >>> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) >>> ||/ Name?????????? Version???????????????????? Architecture Description >>> +++-==============-===========================-============-================================= >>> >>> >>> ii? bind9????????? 1:9.16.27-1~deb11u1~bpo10+1 amd64 Internet Domain >>> Name Server >>> ii? isc-dhcp-server 4.4.1-2+deb10u1 amd64??????? ISC DHCP server for >>> automatic IP address assignment >>> >>> Here is a typical example of DHCPv6 transactions found in the log: >>> >>> Jun? 7 16:53:27 domac dhcpd[2971]: Solicit message from >>> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Picking pool address >>> 2001:b68:2:2800::10:1208 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Advertise NA: address >>> 2001:b68:2:2800::10:1208 to client with duid >>> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >>> for 3600 seconds >>> Jun? 7 16:53:27 domac dhcpd[2971]: Sending Advertise to >>> fe80::8aad:43ff:fefa:3f96 port 546 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Solicit message from >>> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Picking pool address >>> 2001:b68:2:2800::10:1208 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Advertise NA: address >>> 2001:b68:2:2800::10:1208 to client with duid >>> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >>> for 3600 seconds >>> Jun? 7 16:53:27 domac dhcpd[2971]: Sending Advertise to >>> fe80::8aad:43ff:fefa:3f96 port 546 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Relay-forward message from >>> fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1, >>> peer address fe80::8aad:43ff:fefa:3f96 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Picking pool address >>> 2001:b68:2:2800::10:1208 >>> Jun? 7 16:53:27 domac dhcpd[2971]: Advertise NA: address >>> 2001:b68:2:2800::10:1208 to client with duid >>> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid >>> for 3600 seconds >>> Jun? 7 16:53:27 domac dhcpd[2971]: Sending Relay-reply to >>> fe80::babe:bfff:fe26:9542 port 547 >>> >>> fe80::babe:bfff:fe26:9542 is local-link address of our router. >>> >>> Our DNS/DHCP server is 161.53.235.3 or 2001:b68:2:2800::3, LLA for >>> eth1 is fe80::f21f:afff:fef1:420a/64 >>> >>> Here is our /etc/dhcp/dhcpd6.conf: >>> >>> default-lease-time 3600; >>> preferred-lifetime 604800; >>> option dhcp-renewal-time 3600; >>> option dhcp-rebinding-time 7200; >>> allow leasequery; >>> >>> option dhcp6.name-servers 2001:b68:2:2800::3,2001:b68:c:2::70:0; >>> option dhcp6.domain-search "alu.hr"; >>> >>> option dhcp6.info-refresh-time 21600; >>> >>> ddns-update-style standard; >>> ddns-dual-stack-mixed-mode true; >>> update-conflict-detection false; >>> update-optimization false; >>> deny client-updates; >>> ddns-updates on; >>> authoritative; >>> log-facility local7; >>> ddns-domainname "local.alu.hr."; >>> ddns-rev-domainname "ip6.arpa."; >>> >>> include "/etc/bind/ddns.key"; >>> >>> shared-network ilica85.alu.hr { >>> ??? subnet6 2001:b68:2:2800::/64 { >>> ??????? range6 2001:b68:2:2800::10:1000 2001:b68:2:2800::10:13ff; >>> ??????? option dhcp6.domain-search "local.alu.hr","alu.hr"; >>> ??????? option dhcp6.name-servers >>> 2001:b68:2:2800::3,2001:b68:c:2::70:0; >>> ??????? ddns-domainname "local.alu.hr"; >>> >>> ??????? zone local.alu.hr. { >>> ??????????????? # primary6 2001:b68:2:2800::3; >>> ??????????????? primary 127.0.0.1; >>> ??????????????? key DDNS_UPDATE; >>> ??????? } >>> ??????? zone 0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa. { >>> ??????????????? # primary6 2001:b68:2:2800::3; >>> ??????????????? primary 127.0.0.1; >>> ??????????????? key DDNS_UPDATE; >>> ??????? } >>> ??? } >>> } >>> >>> subnet6 2001:b68:2:2a00::/64 { >>> ??????? range6 2001:b68:2:2a00::1000 2001:b68:2:2a00::10ff; >>> ??????? option dhcp6.domain-search "slava.alu.hr","alu.hr"; >>> ??????? option dhcp6.name-servers >>> 2001:b68:2:2800::3,2001:b68:c:2::70:0; >>> ??????? ddns-domainname "slava.alu.hr"; >>> >>> ??????? zone slava.alu.hr. { >>> ??????????????? primary6 2001:b68:2:2800::3; >>> ??????????????? key DDNS_UPDATE; >>> ??????? } >>> >>> ??????? zone 0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa. { >>> ??????????????? primary6 2001:b68:2:2800::3; >>> ??????????????? key DDNS_UPDATE; >>> ??????? } >>> } >>> >>> The corresponding entries in /etc/bind/named.conf.local are: >>> >>> ??? zone "0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa" in { >>> ??????? type master; >>> ??????? file >>> "/var/cache/bind/0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa.db"; >>> ??????? allow-update { key DDNS_UPDATE; }; >>> ??????? allow-transfer { 31.147.205.54; 161.53.2.70; }; >>> ??????? also-notify { 31.147.205.54; 161.53.2.70; }; >>> ??????? forwarders {}; >>> ??? }; >>> >>> ??? zone "0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa" in { >>> ??????? type master; >>> ??????? file >>> "/var/cache/bind/0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa.db"; >>> ??????? allow-update { key DDNS_UPDATE; }; >>> ??????? allow-transfer { 31.147.205.54; 161.53.2.70; }; >>> ??????? also-notify { 31.147.205.54; 161.53.2.70; }; >>> ??????? forwarders {}; >>> ??? }; >>> >>> ??? zone "local.alu.hr" in { >>> ??????? type master; >>> ??????? file "/var/cache/bind/local.alu.hr.db"; >>> ??????? allow-update { key DDNS_UPDATE; }; >>> ??????? allow-transfer { 31.147.205.54; 161.53.2.70; }; >>> ??????? also-notify { 31.147.205.54; 161.53.2.70; }; >>> ??????? forwarders {}; >>> ??? }; >>> >>> ??? zone "slava.alu.hr" in { >>> ??????? type master; >>> ??????? file "/var/cache/bind/slava.alu.hr.db"; >>> ??????? allow-update { key DDNS_UPDATE; }; >>> ??????? allow-transfer { 31.147.205.54; 161.53.2.70; }; >>> ??????? also-notify { 31.147.205.54; 161.53.2.70; }; >>> ??????? dnssec-policy "standard"; >>> ??????? key-directory "/var/cache/bind/keys"; >>> ??????? forwarders {}; >>> ??? }; >>> >>> We are also using views in BIND9, but they work well updating the >>> "internal" and "universe" zones with DHCPv4, i.e.: >>> >>> Jun? 7 16:48:21 domac dhcpd[986]: DHCPREQUEST for 192.168.100.215 >>> from 9c:3d:cf:11:aa:a6 (R7000P) via eth1 >>> Jun? 7 16:48:21 domac dhcpd[986]: DHCPACK on 192.168.100.215 to >>> 9c:3d:cf:11:aa:a6 (R7000P) via eth1 >>> Jun? 7 16:48:21 domac dhcpd[986]: Added new forward map from >>> R7000P.local.alu.hr to 192.168.100.215 >>> Jun? 7 16:48:21 domac dhcpd[986]: Added reverse map from >>> 215.100.168.192.in-addr.arpa. to R7000P.local.alu.hr >>> >>> As you can see in the options, I tried various combinations, and I >>> seem to be out of options. But we are new to IPv6 >>> and DHCPv6, so there may be something obvious to you I cannot see >>> (like DDNS not being enabled in ISC dhcpd binary >>> with option -6)? >>> >>> I am very interested personally in IPv6 adoption for we are >>> expecting a surge in multimedia content provided, >>> possibly broadcasted, additional options with IoT, security, >>> surveillance cameras (requiring public IP we are short of). >>> >>> All of this would be greatly simplified and more adopted if the >>> users, professors, staff and students wouldn't >>> have to remember IPv6 address like 2001:b68:2:2800::3 but used an >>> automatically assigned domain name instead. >>> >>> Manual IPv6 configuration and static tables for this would be an >>> overkill, we are understaffed to maintain it. >>> >>> Thank you very much for your time and help. >>> >>> Kind regards, >>> Mirsad Todorovac >>> >> -- >> Mirsad Goran Todorovac >> CARNet sistem in?enjer >> Grafi?ki fakultet | Akademija likovnih umjetnosti >> Sveu?ili?te u Zagrebu > -- > Mirsad Todorovac > CARNet system engineer > Faculty of Graphic Arts | Academy of Fine Arts > University of Zagreb > Republic of Croatia, the European Union > -- > CARNet sistem in?enjer > Grafi?ki fakultet | Akademija likovnih umjetnosti > Sveu?ili?te u Zagrebu > -- Mirsad Todorovac CARNet system engineer Faculty of Graphic Arts | Academy of Fine Arts University of Zagreb Republic of Croatia, the European Union -- CARNet sistem in?enjer Grafi?ki fakultet | Akademija likovnih umjetnosti Sveu?ili?te u Zagrebu -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20220609/55968960/attachment.htm> ------------------------------ Subject: Digest Footer _______________________________________________ ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. dhcp-users mailing list dhcp-users@lists.isc.org https://lists.isc.org/mailman/listinfo/dhcp-users ------------------------------ End of dhcp-users Digest, Vol 164, Issue 18 *******************************************