Reporter: bdubbs@… | Owner: bdubbs@…
Type: enhancement | Status: assigned
Priority: normal | Milestone: 8.1
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Comment (by bdubbs@…):
The major "theme" for ISC DHCP 4.3.x was to update the support for
DHCPv6 to include several of the features that have been available
for DHCPv4. These include:
- Support the use of classes
- Support for on_commit, on_expiry and on_release statements
- Better logging of address assignments
- Support for using DHCPv6 relay options in expressions
This release also adds support for the standard DDNS as described in the
current RFCs as well as enhancing support for dynamically adding and
subclasses via OMAPI.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- DHCPv6 includes human-readable text in status code messages, in
English. A method to reconfigure or support other languages would
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate DHCPv4 or DHCPv6 at a time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
Changes since 4.3.5
- The server now allows the client identifier (option 61) to own leases
in more than one subnet concurrently. Prior to this the server would
incorrectly release an existing lease in one subnet prior to assigning
a lease in another subnet. Note that the prior behavior can be still
be achieved by enabling one-lease-per-client. Thanks to both David Zych
the University of Illinois and Norm Proffitt of Infoblox for reporting
the issue; and Norm for suggesting a solution.
- When replying to a DHCPINFORM, the server will now include options
at the pool scope, provided the ciaddr field of the DHCPINFORM is
Prior to this the server only evaluated options down to the subnet
Thanks to Fernando Soto at BlueCat Networks for reporting the issue.
- When memory allocation fails in a repeated way the process writes
"Run out of memory." on the standard error and exists with status 1.
- The new lmdb (Lightning Memory DataBase) bind9 configure option is
now disabled by default to avoid the presence of this library to be
detected which can lead to a link failure.
- The linux interface discovery code has been modified to use getifaddrs()
as is done for BSD and OS-X. Prior to this the code would only
the first address on an interface and thereby omit vlans.
Thanks to Jiri Popelka at Redhat, Marius Tomaschewski at SUSE, and Wei
Kong at Novell, who all submitted patches.
- Fixed a bug in OMAPI that causes omshell to crash when a name-value
pair with a zero length value is shipped in an object. Thanks to
Fernando Soto at BlueCat Networks for reporting the issue and
supplying the patch.
- On 64-bit platforms, dhclient now generates the correct value for the
script environment variable, "expiry", the lease expiry value exceeds
0x7FFFFFFF. Prior to this such values would produce negative values
for expiry in the script environment.
- Common timer logic was modified to cap the maximum timeout values at
0x7FFFFFFF - 1. Values larger than that were causing fatal timer out of
range errors on 64-bit platforms. Thanks to Jiri Popelka at Red Hat for
reporting the issue.
- DHCP6 FQDN option unpacking code now correctly handles values that
spaces, special, or non-printable characters. Prior to this the buffer
size needed was underestimated causing a conversion error message to
be logged and DNS updates to be skipped. Thanks to Fernando Soto at
BlueCat Networks for bringing the matter to our attention.
- When running in -6 mode, dhclient can enforce the require option
and will discard offered leases that do not contain all the required
options specified in the client configuration. If not enabled the
will still consider such leases. This must be enabled at compile time
(see ENFORCE_DHCPV6_CLIENT_REQUIRE in includes/site.h). Thanks to
Mritunjaykumar Dubey at Nokia for reporting the issue.
- Altered DHCPv4 lease time calculation to avoid roll over errors on
OS systems when using -1 or large values for default-lease-time.
values will be replaced with 0x7FFFFFFF - 1. This alleviates
short expiration times being handed out when infinite lease times (-1)
conjunction with failover. Our thanks to Alessandro Gherardi for
the issue to our attention.
- Added new compile time option --with-srv-conf-file which specifies a
default location of the server configuration file.
- Added --dad-wait-time parameter to dhclient. It specifies the maximum
in seconds, that the client process should wait for the duplicate
detection to complete before initiating DHCP requests. This value is
propagated to the dhclient script and the script is responsible for
the specified amount of time or until DAD has completed. If the script
not support it, specifying this parameter has no effect. The default
is 0 which specifies that the script should not wait for DAD. With this
change the following scripts have been modified to support the new
freebsd, linux, macos, netbsd, openbsd.
- The server nows checks both the address and length of a prefix
when attempting to match it to a prefix pool. This ensures the server
responds properly when pool configurations change such that once valid,
"in-pool" delegations are now treated as being invalid. During lease
file loading at startup, the server will discard any PD leases that
are deemed "out-of-pool" either by address or mis-matched prefix length.
Clients seeking to renew or rebind such leases will get a response of
No Binding in the case of the former, and the prefix delegation with
lifetimes set to zero in the case of the latter. Thanks to Mark Nejedlo
at TDS Telecom for reporting this issue.
- Modified DDNS support initialization such that DNS related ports will
opened by the server (dhcpd) at startup if ddns-update-style is not
by dhclient only if and when the it first attempts an update; and never
dhcrelay. Prior to this all three always did the initialization at
which causes them to always open on and listen for traffic on two random
ports. Thanks to Rodney Beede for reporting this issue.
- Added error logging to two memory allocation failure checks. Thanks to
Parker (wp02855 at gmail dot com) for reporting the issue.
- Corrected a dhclient -6 issue that caused the client to crash with an
"Impossible condition" error after de-preferencing its only IA binding.
The crash occurred when server configuration changes rendered the
binding out-of-range and no other leases were available to offer. Thanks
to Pierre Clerissi for bringing this issue to our attention.
- By defining CALL_SCRIPT_ON_ONETRY_FAIL in includes/site.h, dhclient will
now call the script with reason set to FAIL when run with -1 (one try)
there are no server responses. This applies to IPv4 mode only. Thanks
patch by Martin Pitt which got to us via Andrew Pollock.
- The server now detects failover peers that are not referenced in at
one pool when run with the command line option for test mode, -T. Prior
this the check was performed too far down stream to be detected in test
- Linux script updated. The script is now based on Debian version. It uses
ip tool from iproute2 package and ifconfig is no longer used. This also
addresses an issue of calling arping with inappropriate parameter.
- Changed severity of the log message indicating UDP checksum errors in
the received packets from 'info' to 'debug' to avoid logging excessive
number of false positives when UDP checksum offloading is enabled.
- The directory minires has been removed from the source tree. It has
long been obsolete for branches other than v4_1_esv. Additionally,
includes/minires.h was renamed includes/ns_name.h.
- Replaced ifconfig parameters "add" and "delete" with "alias" and
for IPv6 mode in the client scripts, netbsd and openbsd. This was
preventing IPv6 addresses from being added or removed from interfaces.
Thanks to Tim Dean for reporting this issue.
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/9552#comment:3>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
Unsubscribe: See the above information page