Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Sun, Jul 26, 2020 at 04:05:07PM +0200, Pali Rohár wrote: > On Thursday 23 July 2020 13:11:36 Move On wrote: > > On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote: > > > ... retransmit ... > > > > Provide PATCH v3 and see what happens > > So, this is the only thing which needs to be fixed and after patch would be > merged? > Which part of 'and see what happens' may I explain? And for which consultancy fee? Regards Geert Stappers Retransmitting "a blunt 'patch rejected' is way better than ignoring a patch" -- Silence is hard to parse ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thursday 23 July 2020 13:11:36 Move On wrote: > On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote: > > So finally something relevant to this patch... > > Cheer \o/ > > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: > > > On 7/22/20 3:44 PM, Pali Rohár wrote: > > > > I do not see any benefit why to complicate things just because "IPv6 > > > > addresses are many". I do not see nothing wrong on simple setup where > > > > device has one IPv6 address assigned by DHCPv6 server. > > > I think you are requesting breaking of DHCP definition RFCs. I see > > > nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if > > > there are existing leases for the same address with different IAID. > > > > The whole point of this patch is to make MAC --> IPv6 address assigning > > working. It means that IPv6 address must be leased to MAC address if > > assigning is based on MAC address and not on DUID/IAID. > > > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > > must be assigned IPv6 address FD::1 then user would expect that host > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. > > > > Why host get different address, then why such option is even provided? > > > > User already express by this configuration that he is interested in such > > setup even if it does not have to be compliant with standards. > > > > Some people are saying that assigning IPv6 address based on MAC address > > is already violation of DHCPv6 RFC. > > > > Also dnsmasq provides support for leasing one IPv4 address to more MAC > > addresses. This is often used when computer has both ethernet and wifi > > interfaces and only one is used at the same time. dnsmasq then lease > > IPv4 address to the last MAC address which asked for it. This feature > > also violates DHCPv4 standard, but it is there as it is useful for lot > > of people. > > > > So why should be similar useful feature problematic for IPv6 when it is > > already provided for IPv4 in dnsmasq? > > > > > > Anyway, if violation of DHCPv6 RFC standard with this setup of leasing > > IPv6 address to MAC address statically is problematic, what about adding > > a new option which enables this behavior? > > > > Provide PATCH v3 and see what happens So, this is the only thing which needs to be fixed and after patch would be merged? -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thursday 23 July 2020 19:03:41 Kevin 'ldir' Darbyshire-Bryant wrote: > > On 23 Jul 2020, at 14:11, Pali Rohár wrote: > > > > > > > Hello Kevin! So you basically have similar/same feature request. > > > > Could you test this dnsmasq patch if it helps with your setup? > > > > -- > > Pali Rohár > > pali.ro...@gmail.com > > I have successfully used prior incarnations of your patch. Great! So patch was already tested that is working and it is useful. > Recently I haven’t required it but I am not sure if this is because qnap have > improved something OR simply because I don’t reboot the boxes anywhere near > as often. I’ll see if I can provoke the problem over the next few days but I > am quite busy at the moment. Fixing the issue when the problem arises is a > real pain in the arse involving qnap shutdown, dnsmasq shutdown, edit > leasefile & remove the rogue leases, restart dnsmasq, restart qnap. I understand it, assigning IPv6 address based on MAC address is in dnsmasq currently unusable and removing lease file with dnsmasq restart is the only workaround which I know. I think that patch in current form is enough. -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
> On 23 Jul 2020, at 14:11, Pali Rohár wrote: > > > Hello Kevin! So you basically have similar/same feature request. > > Could you test this dnsmasq patch if it helps with your setup? > > -- > Pali Rohár > pali.ro...@gmail.com I have successfully used prior incarnations of your patch. Recently I haven’t required it but I am not sure if this is because qnap have improved something OR simply because I don’t reboot the boxes anywhere near as often. I’ll see if I can provoke the problem over the next few days but I am quite busy at the moment. Fixing the issue when the problem arises is a real pain in the arse involving qnap shutdown, dnsmasq shutdown, edit leasefile & remove the rogue leases, restart dnsmasq, restart qnap. Cheers, Kevin D-B gpg: 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A signature.asc Description: Message signed with OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thu, Jul 23, 2020 at 03:11:59PM +0200, Pali Rohár wrote: > On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote: > > On 23 Jul 2020, at 09:35, Pali Rohár wrote: > > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: > > >> On 7/22/20 3:44 PM, Pali Rohár wrote: > > >>> I do not see any benefit why to complicate things just because "IPv6 > > >>> addresses are many". I do not see nothing wrong on simple setup where > > >>> device has one IPv6 address assigned by DHCPv6 server. > > >> I think you are requesting breaking of DHCP definition RFCs. I see > > >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if > > >> there are existing leases for the same address with different IAID. > > > > > > The whole point of this patch is to make MAC --> IPv6 address assigning > > > working. It means that IPv6 address must be leased to MAC address if > > > assigning is based on MAC address and not on DUID/IAID. > > > > > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > > > must be assigned IPv6 address FD::1 then user would expect that host > > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. > > > > > > If I may proffer this real life use case/scenario as found in my > > very own home: > > > > I have a couple of Qnap NAS boxes. They speak legacy IP and IPv6. > > These boxes sometimes offer services such as bittorrent to the > > Internet. They live behind an Openwrt router/firewall, the very device > > that runs dnsmasq offering DHCPv4/v6 leases. For purposes of my own > > sanity I lock the IPv4 address to the qnap devices MAC addresses, > > thus I can enter unchanging and consistent entries in the firewall > > for relevant hosts/ports. I have an identical requirement for IPv6. > > I need to be sure that these Qnap devices will land at a known, > > consistent, effectively static IPv4/v6 address. > > > > The IPv4 case is easily solved and supported. The IPv6 case > > (until recently..qnap changed something..and I don’t reboot as > > much) was more challenging in that dnsmasq ignores the MAC address. > > The DUID/IAID would change at different stages of the boot, leading > > to dnsmasq thinking the address requested was being requested for > > a new client as opposed to the same client simply rebooting. > > > > There is a use case for locking/mapping IPv6 to MAC address whether > > it violates RFCs or not. For reasons of firewall pinholes I need > > certain machines to land at certain addresses. For ‘fun’ we > > can discuss if this is a problem with/for upnp/natpnp > > Hello Kevin! So you basically have similar/same feature request. > > Could you test this dnsmasq patch if it helps with your setup? That is does mean doing things you might never have done before. Feel welcome to come with questions about it. Regards Geert Stappers Who loves to see: Yes, patch "foo" works for me. -- Silence is hard to parse ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Am Thu, 23 Jul 2020 10:35:45 +0200 schrieb Pali Rohár : > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > must be assigned IPv6 address FD::1 then user would expect that host > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. In a world where a DHCP client has more power than the network admin, this is all wishful thinking. Clearly dnsmasq could serve real life instead of following some weird RFCs... Olaf pgpVal0R8hUvn.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote: > > On 23 Jul 2020, at 09:35, Pali Rohár wrote: > > > > So finally something relevant to this patch... > > > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: > >> On 7/22/20 3:44 PM, Pali Rohár wrote: > >>> I do not see any benefit why to complicate things just because "IPv6 > >>> addresses are many". I do not see nothing wrong on simple setup where > >>> device has one IPv6 address assigned by DHCPv6 server. > >> I think you are requesting breaking of DHCP definition RFCs. I see > >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if > >> there are existing leases for the same address with different IAID. > > > > The whole point of this patch is to make MAC --> IPv6 address assigning > > working. It means that IPv6 address must be leased to MAC address if > > assigning is based on MAC address and not on DUID/IAID. > > > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > > must be assigned IPv6 address FD::1 then user would expect that host > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. > > > If I may proffer this real life use case/scenario as found in my very own > home: > > I have a couple of Qnap NAS boxes. They speak legacy IP and IPv6. These > boxes sometimes offer services such as bittorrent to the Internet. They live > behind an Openwrt router/firewall, the very device that runs dnsmasq offering > DHCPv4/v6 leases. For purposes of my own sanity I lock the IPv4 address to > the qnap devices MAC addresses, thus I can enter unchanging and consistent > entries in the firewall for relevant hosts/ports. I have an identical > requirement for IPv6. I need to be sure that these Qnap devices will land at > a known, consistent, effectively static IPv4/v6 address. > > The IPv4 case is easily solved and supported. The IPv6 case (until > recently..qnap changed something..and I don’t reboot as much) was more > challenging in that dnsmasq ignores the MAC address. The DUID/IAID would > change at different stages of the boot, leading to dnsmasq thinking the > address requested was being requested for a new client as opposed to the same > client simply rebooting. > > There is a use case for locking/mapping IPv6 to MAC address whether it > violates RFCs or not. For reasons of firewall pinholes I need certain > machines to land at certain addresses. For ‘fun’ we can discuss if this is a > problem with/for upnp/natpnp Hello Kevin! So you basically have similar/same feature request. Could you test this dnsmasq patch if it helps with your setup? -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
> On 23 Jul 2020, at 09:35, Pali Rohár wrote: > > So finally something relevant to this patch... > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: >> On 7/22/20 3:44 PM, Pali Rohár wrote: >>> I do not see any benefit why to complicate things just because "IPv6 >>> addresses are many". I do not see nothing wrong on simple setup where >>> device has one IPv6 address assigned by DHCPv6 server. >> I think you are requesting breaking of DHCP definition RFCs. I see >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if >> there are existing leases for the same address with different IAID. > > The whole point of this patch is to make MAC --> IPv6 address assigning > working. It means that IPv6 address must be leased to MAC address if > assigning is based on MAC address and not on DUID/IAID. > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > must be assigned IPv6 address FD::1 then user would expect that host > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. If I may proffer this real life use case/scenario as found in my very own home: I have a couple of Qnap NAS boxes. They speak legacy IP and IPv6. These boxes sometimes offer services such as bittorrent to the Internet. They live behind an Openwrt router/firewall, the very device that runs dnsmasq offering DHCPv4/v6 leases. For purposes of my own sanity I lock the IPv4 address to the qnap devices MAC addresses, thus I can enter unchanging and consistent entries in the firewall for relevant hosts/ports. I have an identical requirement for IPv6. I need to be sure that these Qnap devices will land at a known, consistent, effectively static IPv4/v6 address. The IPv4 case is easily solved and supported. The IPv6 case (until recently..qnap changed something..and I don’t reboot as much) was more challenging in that dnsmasq ignores the MAC address. The DUID/IAID would change at different stages of the boot, leading to dnsmasq thinking the address requested was being requested for a new client as opposed to the same client simply rebooting. There is a use case for locking/mapping IPv6 to MAC address whether it violates RFCs or not. For reasons of firewall pinholes I need certain machines to land at certain addresses. For ‘fun’ we can discuss if this is a problem with/for upnp/natpnp Cheers, Kevin D-B gpg: 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A signature.asc Description: Message signed with OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On 22/07/2020 13:42, Petr Menšík wrote: You can use SLAAC for MAC generated addresses and they would be the same regardless running OS. This hasn't been true for a number of years because a few OS (and of course dhcpcd) have grown support for RFC 7217. Now if they all used the same algorithm and secret key then they would have the same address. This is currenty only possible using dhcpcd (because it's not OS specific) but not OS vendors want to use dhcpcd by default. Roy ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote: > So finally something relevant to this patch... Cheer \o/ > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: > > On 7/22/20 3:44 PM, Pali Rohár wrote: > > > I do not see any benefit why to complicate things just because "IPv6 > > > addresses are many". I do not see nothing wrong on simple setup where > > > device has one IPv6 address assigned by DHCPv6 server. > > I think you are requesting breaking of DHCP definition RFCs. I see > > nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if > > there are existing leases for the same address with different IAID. > > The whole point of this patch is to make MAC --> IPv6 address assigning > working. It means that IPv6 address must be leased to MAC address if > assigning is based on MAC address and not on DUID/IAID. > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > must be assigned IPv6 address FD::1 then user would expect that host > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. > > Why host get different address, then why such option is even provided? > > User already express by this configuration that he is interested in such > setup even if it does not have to be compliant with standards. > > Some people are saying that assigning IPv6 address based on MAC address > is already violation of DHCPv6 RFC. > > Also dnsmasq provides support for leasing one IPv4 address to more MAC > addresses. This is often used when computer has both ethernet and wifi > interfaces and only one is used at the same time. dnsmasq then lease > IPv4 address to the last MAC address which asked for it. This feature > also violates DHCPv4 standard, but it is there as it is useful for lot > of people. > > So why should be similar useful feature problematic for IPv6 when it is > already provided for IPv4 in dnsmasq? > > > Anyway, if violation of DHCPv6 RFC standard with this setup of leasing > IPv6 address to MAC address statically is problematic, what about adding > a new option which enables this behavior? > Provide PATCH v3 and see what happens ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
So finally something relevant to this patch... On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote: > On 7/22/20 3:44 PM, Pali Rohár wrote: > > I do not see any benefit why to complicate things just because "IPv6 > > addresses are many". I do not see nothing wrong on simple setup where > > device has one IPv6 address assigned by DHCPv6 server. > I think you are requesting breaking of DHCP definition RFCs. I see > nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if > there are existing leases for the same address with different IAID. The whole point of this patch is to make MAC --> IPv6 address assigning working. It means that IPv6 address must be leased to MAC address if assigning is based on MAC address and not on DUID/IAID. If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF must be assigned IPv6 address FD::1 then user would expect that host with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. Why host get different address, then why such option is even provided? User already express by this configuration that he is interested in such setup even if it does not have to be compliant with standards. Some people are saying that assigning IPv6 address based on MAC address is already violation of DHCPv6 RFC. Also dnsmasq provides support for leasing one IPv4 address to more MAC addresses. This is often used when computer has both ethernet and wifi interfaces and only one is used at the same time. dnsmasq then lease IPv4 address to the last MAC address which asked for it. This feature also violates DHCPv4 standard, but it is there as it is useful for lot of people. So why should be similar useful feature problematic for IPv6 when it is already provided for IPv4 in dnsmasq? Anyway, if violation of DHCPv6 RFC standard with this setup of leasing IPv6 address to MAC address statically is problematic, what about adding a new option which enables this behavior? -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On 7/22/20 3:44 PM, Pali Rohár wrote: > Hello Petr! > > On Wednesday 22 July 2020 14:42:16 Petr Menšík wrote: >> More below... >> >> On 7/22/20 9:40 AM, Pali Rohár wrote: >>> Hello Petr! >>> >>> On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote: I think more correct would be using the same DUID on both systems. >>> >>> Problem is that DUID generation is under control of operating system and >>> during installation of operating system, every one generates its own. It >>> is not under user control (at this stage of setup) or under "hw" control >>> (like for MAC address in IPv4 where operating system read MAC address >>> from HW). >>> >>> Also this is unsuitable in environment where MAC address should be >>> assigned to network card "by law". Or in environment where must be 1:1 >>> mapping between assigned IPv4 and IPv6 address. >> >> Could you explain a situation, why 1:1 mapping is required? Why 1:4 >> mapping would not work? > > What do you mean by 1:4 mapping? And why 4? That device would always > have one IPv4 address and randomly chosen IPv6 address from 4 member > set? Because it would be likely enough for normal host, even if it uses PXE on boot. Yes, it would have always one from those 4. > > This looks like complication. The point of DHCPv6 is that I could assign > one address, not random address from 4 member IPv6 set. One from predefined set is not random address. > > I really do not want to try 4 addresses until I figure out which one is > working. This is insane. Are you typing IPv6 addresses? How? What commands use them? Try DNS. It has support for multiple addresses on single name. Sane software would try all of them until it succeeds. > >> They are different protocols. IPv6 supports >> multiple addresses from the start. Because they make several maintenance >> actions a lot simpler. Why do you insist there must be only one address? > > And why I have to use multiple IPv6 addresses? I want to have service on > specific/chosen IPv6 address. Not random. How often do your machines change running operating system, with IAID change? Excluding changes during netboot. > >> You can use SLAAC for MAC generated addresses and they would be the same >> regardless running OS. > > SLAAC cannot be used anymore for this purpose as operating systems do > not use MAC address for generating SLAAC address. Both Windows systems > and NetworkManager systems generates randomized SLAAC address by > default. IIRC Android is doing it too. Good. Maybe there is a reason behind it. If you used hardware address to identify them instead of manually reserved IP address, it would work also with them. > >>> >>> If I have to configure every one machine on network and every one >>> operating system on that machine, then I do not have to use DHCPv6 and I >>> would assign all addresses statically. >>> >>> The point of usage DHCPv6 here is ability to configure network >>> automatically without need to re-configure network stack on operating >>> system. >> It is possible to configure them on network. > > Well, as I said, if I had to configure network stack on every IPv6 > connected computer and on every operating system on that computer then I > can set static IPv6 address. And do not see to deal with DUIDs and IADs. > > The point of usage DHCPv6 is to automatize assignment of IPv6 addresses > without need to do configuration of target systems. Like in IPv4 setup. > > Moreover, it is not possible to configure DUIDs on every system. E.g. > Intel's PXE implementation burned into PC ROM does not allow to set DUID > or IAID in firmware/setup screen. > >> It is not possible to >> ignore conflicting IDs. It would work well if host OS releases assigned >> leases before shutdown. > > Some OSes do not do it. Different closed source / burned systems > (including PXE) even cannot be workarounded / fixed. Openstack requested support for multiple IPv6 for one mac address. It got merged, because it allows solving exactly this use case without conflict with existing protocols. Unlike your proposal. And its use case included PXE boot. May I ask why does PXE boot require static IP address? Why it needs the same address as the OS later? Is it even important? Why? > > And still this does not work if you disconnected ethernet cable before > doing OS shutdown and connecting if after new bootup. > >> If they are still leased, they should not be >> assigned to conflicting ids. Is it possible to make sure they release >> the lease on shutdown/reboot? > > In case of network disconnect such thing is not obviously possible. > > And expecting that there is no network disconnect during leased IPv6 > address is wrong.> > Moreover, in static MAC <--> IPv6 setup I expect that IPv6 address is > assigned (leased) to MAC address. Otherwise, what other use case could > be for static MAC <--> IPv6 configuration setup? It works, but only if there is not already active lease. > >>> There is already another option to make this working.
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Hello Petr! On Wednesday 22 July 2020 14:42:16 Petr Menšík wrote: > More below... > > On 7/22/20 9:40 AM, Pali Rohár wrote: > > Hello Petr! > > > > On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote: > >> I think more correct would be using the same DUID on both systems. > > > > Problem is that DUID generation is under control of operating system and > > during installation of operating system, every one generates its own. It > > is not under user control (at this stage of setup) or under "hw" control > > (like for MAC address in IPv4 where operating system read MAC address > > from HW). > > > > Also this is unsuitable in environment where MAC address should be > > assigned to network card "by law". Or in environment where must be 1:1 > > mapping between assigned IPv4 and IPv6 address. > > Could you explain a situation, why 1:1 mapping is required? Why 1:4 > mapping would not work? What do you mean by 1:4 mapping? And why 4? That device would always have one IPv4 address and randomly chosen IPv6 address from 4 member set? This looks like complication. The point of DHCPv6 is that I could assign one address, not random address from 4 member IPv6 set. I really do not want to try 4 addresses until I figure out which one is working. This is insane. > They are different protocols. IPv6 supports > multiple addresses from the start. Because they make several maintenance > actions a lot simpler. Why do you insist there must be only one address? And why I have to use multiple IPv6 addresses? I want to have service on specific/chosen IPv6 address. Not random. > You can use SLAAC for MAC generated addresses and they would be the same > regardless running OS. SLAAC cannot be used anymore for this purpose as operating systems do not use MAC address for generating SLAAC address. Both Windows systems and NetworkManager systems generates randomized SLAAC address by default. IIRC Android is doing it too. > > > > If I have to configure every one machine on network and every one > > operating system on that machine, then I do not have to use DHCPv6 and I > > would assign all addresses statically. > > > > The point of usage DHCPv6 here is ability to configure network > > automatically without need to re-configure network stack on operating > > system. > It is possible to configure them on network. Well, as I said, if I had to configure network stack on every IPv6 connected computer and on every operating system on that computer then I can set static IPv6 address. And do not see to deal with DUIDs and IADs. The point of usage DHCPv6 is to automatize assignment of IPv6 addresses without need to do configuration of target systems. Like in IPv4 setup. Moreover, it is not possible to configure DUIDs on every system. E.g. Intel's PXE implementation burned into PC ROM does not allow to set DUID or IAID in firmware/setup screen. > It is not possible to > ignore conflicting IDs. It would work well if host OS releases assigned > leases before shutdown. Some OSes do not do it. Different closed source / burned systems (including PXE) even cannot be workarounded / fixed. And still this does not work if you disconnected ethernet cable before doing OS shutdown and connecting if after new bootup. > If they are still leased, they should not be > assigned to conflicting ids. Is it possible to make sure they release > the lease on shutdown/reboot? In case of network disconnect such thing is not obviously possible. And expecting that there is no network disconnect during leased IPv6 address is wrong. Moreover, in static MAC <--> IPv6 setup I expect that IPv6 address is assigned (leased) to MAC address. Otherwise, what other use case could be for static MAC <--> IPv6 configuration setup? > > > >> There is already another option to make this working. It is possible > >> assigning IPv6 prefix or multiple addresses. dhcp-host can provide > >> multiple addresses to single mac > > > > Assigning IPv6 address based on mac address is broken as I pointed in > > this patch. So such setup would not work. > > > > Anyway, my point is not to assign multiple addresses to single MAC > > address, but rather to ensure that for one MAC address would be assigned > > always only one specific MAC address. And not more. > But you need dnsmasq to ignore conflicts between addresses. While > existing solution allows to predefine addresses to static host entry. It > would always gen one of those addresses in case of conflict. It seems > more elegant and more correct fix to me. You haven't stated why do you > need just a single address for conflicting DUID. Just to note that dnsmasq assign address to IAID, not to DUID. Same problem happens if you even configure *same* DUID on both Windows and Linux systems on particular computer and on of them does not release its IAID (e.g. because network disconnect). Anyway, there cannot be any conflict which you described. MAC addresses on local network are unique (I do not have DHCPv6 relays). I did
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Btw, found windows allows releasing of leases to be configured from DHCP server. I doubt similar option is accepted on ISC DHCP client. NetworkManager probably does not implement such thing. This should help you avoiding conflicts between multiple instances in a different way. Never used it, not sure whether it does work. Some customization might be necessary on Linux distribution. 1. https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dhcpe/4cde5ceb-4fc1-4f9a-82e9-13f6b38d930c On 7/22/20 9:40 AM, Pali Rohár wrote: > Hello Petr! > > On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote: >> I think more correct would be using the same DUID on both systems. > > Problem is that DUID generation is under control of operating system and > during installation of operating system, every one generates its own. It > is not under user control (at this stage of setup) or under "hw" control > (like for MAC address in IPv4 where operating system read MAC address > from HW). > > Also this is unsuitable in environment where MAC address should be > assigned to network card "by law". Or in environment where must be 1:1 > mapping between assigned IPv4 and IPv6 address. > > If I have to configure every one machine on network and every one > operating system on that machine, then I do not have to use DHCPv6 and I > would assign all addresses statically. > > The point of usage DHCPv6 here is ability to configure network > automatically without need to re-configure network stack on operating > system. > >> There is already another option to make this working. It is possible >> assigning IPv6 prefix or multiple addresses. dhcp-host can provide >> multiple addresses to single mac > > Assigning IPv6 address based on mac address is broken as I pointed in > this patch. So such setup would not work. > > Anyway, my point is not to assign multiple addresses to single MAC > address, but rather to ensure that for one MAC address would be assigned > always only one specific MAC address. And not more. > >> which works with different DUID quite >> well. It still has different addresses, but with the same base. >> >> taken from manual page: >> --dhcp-host=laptop,[1234:50/126] >> >> Why isn't this sufficient? >> >> On 5/26/20 10:52 AM, Pali Rohár wrote: >>> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > when in config file was DHCPv6 assignment based on MAC address (and not on > DUID). > > IAID/DUID is changed when rebooting from one operating system to another; > or after reinstalling system. In reality it is normal that DUID of some > machine is changed, so people rather assign also IPv6 addresses based on > MAC address. > > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken How to reproduce that semi-brokenness? >>> >>> Take computer with Windows/Linux dual boot systems. >>> >>> Configure MAC-based static IPv6 entry for that computer in dnsmasq and >>> set big enough lease time (e.g. day or more). >>> >>> Boot computer into Windows and wait until dnsmasq assign it IPv6 >>> address. It should match MAC-based entry in dnsmasq. Then reboot >>> computer into Linux system and again wait until it got assigned IPv6 >>> address. >>> >>> Normally it should get again same IPv6 address as it was assigned on >>> Windows, due to MAC-based static IPv6 entry in dnsmasq. >>> >>> But in reality that static entry is ignored by dnsmasq and rather some >>> "random" address is assigned. >>> >>> So assigning IPv6 addresses based on static MAC address in dnsmasq is >>> broken. >>> >>> You can reproduce it not only with Windows/Linux, but with any two >>> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client >>> (for network booting) and Linux DHCPv6 client. >>> >>> dnsmasq without this patch refuse to assign MAC-based IPv6 static >>> address to computer with that MAC address, if that IPv6 address is still >>> leased to DHCPv6 client with different IAID. >>> >>> In my above example/reproducer, IPv6 address was leased to Windows >>> DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6 >>> client, which in most cases have different IAID. Even both clients >>> (Windows and Linux) are on the same computer with same MAC address, >>> which matches MAC address in dnsmasq configuration file. >>> >>> That is why I called IPv6 address assignment according to MAC address as >>> "semi-brokenness". >>> > This patch tries to fix it and honors IPv6 config rules with MAC address, > to always assign particular IPv6 address to specific MAC address (when > configured). And ignores the fact if IAID/DUID was changed. > > Normally IPv6 address should be assigned by IAID/DUID (which also state > DHCPv6
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
More below... On 7/22/20 9:40 AM, Pali Rohár wrote: > Hello Petr! > > On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote: >> I think more correct would be using the same DUID on both systems. > > Problem is that DUID generation is under control of operating system and > during installation of operating system, every one generates its own. It > is not under user control (at this stage of setup) or under "hw" control > (like for MAC address in IPv4 where operating system read MAC address > from HW). > > Also this is unsuitable in environment where MAC address should be > assigned to network card "by law". Or in environment where must be 1:1 > mapping between assigned IPv4 and IPv6 address. Could you explain a situation, why 1:1 mapping is required? Why 1:4 mapping would not work? They are different protocols. IPv6 supports multiple addresses from the start. Because they make several maintenance actions a lot simpler. Why do you insist there must be only one address? You can use SLAAC for MAC generated addresses and they would be the same regardless running OS. > > If I have to configure every one machine on network and every one > operating system on that machine, then I do not have to use DHCPv6 and I > would assign all addresses statically. > > The point of usage DHCPv6 here is ability to configure network > automatically without need to re-configure network stack on operating > system. It is possible to configure them on network. It is not possible to ignore conflicting IDs. It would work well if host OS releases assigned leases before shutdown. If they are still leased, they should not be assigned to conflicting ids. Is it possible to make sure they release the lease on shutdown/reboot? > >> There is already another option to make this working. It is possible >> assigning IPv6 prefix or multiple addresses. dhcp-host can provide >> multiple addresses to single mac > > Assigning IPv6 address based on mac address is broken as I pointed in > this patch. So such setup would not work. > > Anyway, my point is not to assign multiple addresses to single MAC > address, but rather to ensure that for one MAC address would be assigned > always only one specific MAC address. And not more. But you need dnsmasq to ignore conflicts between addresses. While existing solution allows to predefine addresses to static host entry. It would always gen one of those addresses in case of conflict. It seems more elegant and more correct fix to me. You haven't stated why do you need just a single address for conflicting DUID. There are plenty of IPv6 addresses available. Why does single host need exactly one? Especially if DNS can be synchronized and contains valid records? > >> which works with different DUID quite >> well. It still has different addresses, but with the same base. >> >> taken from manual page: >> --dhcp-host=laptop,[1234:50/126] >> >> Why isn't this sufficient? >> >> On 5/26/20 10:52 AM, Pali Rohár wrote: >>> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > when in config file was DHCPv6 assignment based on MAC address (and not on > DUID). > > IAID/DUID is changed when rebooting from one operating system to another; > or after reinstalling system. In reality it is normal that DUID of some > machine is changed, so people rather assign also IPv6 addresses based on > MAC address. > > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken How to reproduce that semi-brokenness? >>> >>> Take computer with Windows/Linux dual boot systems. >>> >>> Configure MAC-based static IPv6 entry for that computer in dnsmasq and >>> set big enough lease time (e.g. day or more). >>> >>> Boot computer into Windows and wait until dnsmasq assign it IPv6 >>> address. It should match MAC-based entry in dnsmasq. Then reboot >>> computer into Linux system and again wait until it got assigned IPv6 >>> address. >>> >>> Normally it should get again same IPv6 address as it was assigned on >>> Windows, due to MAC-based static IPv6 entry in dnsmasq. >>> >>> But in reality that static entry is ignored by dnsmasq and rather some >>> "random" address is assigned. >>> >>> So assigning IPv6 addresses based on static MAC address in dnsmasq is >>> broken. >>> >>> You can reproduce it not only with Windows/Linux, but with any two >>> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client >>> (for network booting) and Linux DHCPv6 client. >>> >>> dnsmasq without this patch refuse to assign MAC-based IPv6 static >>> address to computer with that MAC address, if that IPv6 address is still >>> leased to DHCPv6 client with different IAID. >>> >>> In my above example/reproducer, IPv6 address was leased to Windows >>> DHCPv6 client and
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Hello Petr! On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote: > I think more correct would be using the same DUID on both systems. Problem is that DUID generation is under control of operating system and during installation of operating system, every one generates its own. It is not under user control (at this stage of setup) or under "hw" control (like for MAC address in IPv4 where operating system read MAC address from HW). Also this is unsuitable in environment where MAC address should be assigned to network card "by law". Or in environment where must be 1:1 mapping between assigned IPv4 and IPv6 address. If I have to configure every one machine on network and every one operating system on that machine, then I do not have to use DHCPv6 and I would assign all addresses statically. The point of usage DHCPv6 here is ability to configure network automatically without need to re-configure network stack on operating system. > There is already another option to make this working. It is possible > assigning IPv6 prefix or multiple addresses. dhcp-host can provide > multiple addresses to single mac Assigning IPv6 address based on mac address is broken as I pointed in this patch. So such setup would not work. Anyway, my point is not to assign multiple addresses to single MAC address, but rather to ensure that for one MAC address would be assigned always only one specific MAC address. And not more. > which works with different DUID quite > well. It still has different addresses, but with the same base. > > taken from manual page: > --dhcp-host=laptop,[1234:50/126] > > Why isn't this sufficient? > > On 5/26/20 10:52 AM, Pali Rohár wrote: > > On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: > >> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > >>> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > >>> changes IAID/DUID then old assigned IPv6 address cannot be reused, even > >>> when in config file was DHCPv6 assignment based on MAC address (and not on > >>> DUID). > >>> > >>> IAID/DUID is changed when rebooting from one operating system to another; > >>> or after reinstalling system. In reality it is normal that DUID of some > >>> machine is changed, so people rather assign also IPv6 addresses based on > >>> MAC address. > >>> > >>> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken > >> > >> How to reproduce that semi-brokenness? > > > > Take computer with Windows/Linux dual boot systems. > > > > Configure MAC-based static IPv6 entry for that computer in dnsmasq and > > set big enough lease time (e.g. day or more). > > > > Boot computer into Windows and wait until dnsmasq assign it IPv6 > > address. It should match MAC-based entry in dnsmasq. Then reboot > > computer into Linux system and again wait until it got assigned IPv6 > > address. > > > > Normally it should get again same IPv6 address as it was assigned on > > Windows, due to MAC-based static IPv6 entry in dnsmasq. > > > > But in reality that static entry is ignored by dnsmasq and rather some > > "random" address is assigned. > > > > So assigning IPv6 addresses based on static MAC address in dnsmasq is > > broken. > > > > You can reproduce it not only with Windows/Linux, but with any two > > DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client > > (for network booting) and Linux DHCPv6 client. > > > > dnsmasq without this patch refuse to assign MAC-based IPv6 static > > address to computer with that MAC address, if that IPv6 address is still > > leased to DHCPv6 client with different IAID. > > > > In my above example/reproducer, IPv6 address was leased to Windows > > DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6 > > client, which in most cases have different IAID. Even both clients > > (Windows and Linux) are on the same computer with same MAC address, > > which matches MAC address in dnsmasq configuration file. > > > > That is why I called IPv6 address assignment according to MAC address as > > "semi-brokenness". > > > >> > >>> This patch tries to fix it and honors IPv6 config rules with MAC address, > >>> to always assign particular IPv6 address to specific MAC address (when > >>> configured). And ignores the fact if IAID/DUID was changed. > >>> > >>> Normally IPv6 address should be assigned by IAID/DUID (which also state > >>> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 > >>> address based on MAC address, when users configured in config file. > >>> > >>> So this patch just tries to fix above problem for user configuration with > >>> MAC addresses. It does not change assignment based on DUID. > >>> --- > >>> > >>> This is my original patch rebased on top of current git master branch. > >> > >> Acknowledge > >> > >> > >>> Previous email with this patch probably dropped into spambox > >>> and was not processed. > >> > >> (unspoken words + > >> > >>
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
I think more correct would be using the same DUID on both systems. There is already another option to make this working. It is possible assigning IPv6 prefix or multiple addresses. dhcp-host can provide multiple addresses to single mac, which works with different DUID quite well. It still has different addresses, but with the same base. taken from manual page: --dhcp-host=laptop,[1234:50/126] Why isn't this sufficient? On 5/26/20 10:52 AM, Pali Rohár wrote: > On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: >> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: >>> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system >>> changes IAID/DUID then old assigned IPv6 address cannot be reused, even >>> when in config file was DHCPv6 assignment based on MAC address (and not on >>> DUID). >>> >>> IAID/DUID is changed when rebooting from one operating system to another; >>> or after reinstalling system. In reality it is normal that DUID of some >>> machine is changed, so people rather assign also IPv6 addresses based on >>> MAC address. >>> >>> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken >> >> How to reproduce that semi-brokenness? > > Take computer with Windows/Linux dual boot systems. > > Configure MAC-based static IPv6 entry for that computer in dnsmasq and > set big enough lease time (e.g. day or more). > > Boot computer into Windows and wait until dnsmasq assign it IPv6 > address. It should match MAC-based entry in dnsmasq. Then reboot > computer into Linux system and again wait until it got assigned IPv6 > address. > > Normally it should get again same IPv6 address as it was assigned on > Windows, due to MAC-based static IPv6 entry in dnsmasq. > > But in reality that static entry is ignored by dnsmasq and rather some > "random" address is assigned. > > So assigning IPv6 addresses based on static MAC address in dnsmasq is > broken. > > You can reproduce it not only with Windows/Linux, but with any two > DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client > (for network booting) and Linux DHCPv6 client. > > dnsmasq without this patch refuse to assign MAC-based IPv6 static > address to computer with that MAC address, if that IPv6 address is still > leased to DHCPv6 client with different IAID. > > In my above example/reproducer, IPv6 address was leased to Windows > DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6 > client, which in most cases have different IAID. Even both clients > (Windows and Linux) are on the same computer with same MAC address, > which matches MAC address in dnsmasq configuration file. > > That is why I called IPv6 address assignment according to MAC address as > "semi-brokenness". > >> >>> This patch tries to fix it and honors IPv6 config rules with MAC address, >>> to always assign particular IPv6 address to specific MAC address (when >>> configured). And ignores the fact if IAID/DUID was changed. >>> >>> Normally IPv6 address should be assigned by IAID/DUID (which also state >>> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 >>> address based on MAC address, when users configured in config file. >>> >>> So this patch just tries to fix above problem for user configuration with >>> MAC addresses. It does not change assignment based on DUID. >>> --- >>> >>> This is my original patch rebased on top of current git master branch. >> >> Acknowledge >> >> >>> Previous email with this patch probably dropped into spambox >>> and was not processed. >> >> (unspoken words + >> >> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html ) >> >> >>> So please let me know if now this email was correctly received. >> >> Recieved the patch and was able to `git am` it. >> It did compile and passed the unittests. >> >> No further check was done. Mostly because not facing the problem that >> patch submitter has. Probably some day I will, hence the above 'How to >> reproduce that semi-brokenness?' >> >> >>> src/rfc3315.c | 55 +++ >>> 1 file changed, 47 insertions(+), 8 deletions(-) >>> >>> diff --git a/src/rfc3315.c b/src/rfc3315.c >>> index b3f0a0a..e588b13 100644 >>> --- a/src/rfc3315.c >>> +++ b/src/rfc3315.c >> ... 142 lines of actual patch ... >> >> >> Groeten >> Geert Stappers >> -- >> Silence is hard to parse >> >> ___ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemen...@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Tuesday 26 May 2020 10:52:05 Pali Rohár wrote: > On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: > > On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > > > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > > > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > > > when in config file was DHCPv6 assignment based on MAC address (and not on > > > DUID). > > > > > > IAID/DUID is changed when rebooting from one operating system to another; > > > or after reinstalling system. In reality it is normal that DUID of some > > > machine is changed, so people rather assign also IPv6 addresses based on > > > MAC address. > > > > > > So assigning IPv6 based on MAC address in dnsmasq is currently > > > semi-broken. > > > > How to reproduce that semi-brokenness? > > Take computer with Windows/Linux dual boot systems. > > Configure MAC-based static IPv6 entry for that computer in dnsmasq and > set big enough lease time (e.g. day or more). > > Boot computer into Windows and wait until dnsmasq assign it IPv6 > address. It should match MAC-based entry in dnsmasq. Then reboot > computer into Linux system and again wait until it got assigned IPv6 > address. > > Normally it should get again same IPv6 address as it was assigned on > Windows, due to MAC-based static IPv6 entry in dnsmasq. > > But in reality that static entry is ignored by dnsmasq and rather some > "random" address is assigned. > > So assigning IPv6 addresses based on static MAC address in dnsmasq is > broken. > > You can reproduce it not only with Windows/Linux, but with any two > DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client > (for network booting) and Linux DHCPv6 client. > > dnsmasq without this patch refuse to assign MAC-based IPv6 static > address to computer with that MAC address, if that IPv6 address is still > leased to DHCPv6 client with different IAID. > > In my above example/reproducer, IPv6 address was leased to Windows > DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6 > client, which in most cases have different IAID. Even both clients > (Windows and Linux) are on the same computer with same MAC address, > which matches MAC address in dnsmasq configuration file. > > That is why I called IPv6 address assignment according to MAC address as > "semi-brokenness". > > > > > > This patch tries to fix it and honors IPv6 config rules with MAC address, > > > to always assign particular IPv6 address to specific MAC address (when > > > configured). And ignores the fact if IAID/DUID was changed. > > > > > > Normally IPv6 address should be assigned by IAID/DUID (which also state > > > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 > > > address based on MAC address, when users configured in config file. > > > > > > So this patch just tries to fix above problem for user configuration with > > > MAC addresses. It does not change assignment based on DUID. > > > --- > > > > > > This is my original patch rebased on top of current git master branch. > > > > Acknowledge > > > > > > > Previous email with this patch probably dropped into spambox > > > and was not processed. > > > > (unspoken words + > > > > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html > > ) I'm not sure if this is that case... because Simon reacted to other patch emails. This really looks like that patch email was dropped into spambox. Simon, if you are reading this email / patch could you react if you have received this email? Or if it was dropped into spambox? > > > > > So please let me know if now this email was correctly received. > > > > Recieved the patch and was able to `git am` it. > > It did compile and passed the unittests. > > > > No further check was done. Mostly because not facing the problem that > > patch submitter has. Probably some day I will, hence the above 'How to > > reproduce that semi-brokenness?' > > > > > > > src/rfc3315.c | 55 +++ > > > 1 file changed, 47 insertions(+), 8 deletions(-) > > > > > > diff --git a/src/rfc3315.c b/src/rfc3315.c > > > index b3f0a0a..e588b13 100644 > > > --- a/src/rfc3315.c > > > +++ b/src/rfc3315.c > > ... 142 lines of actual patch ... > > > > > > Groeten > > Geert Stappers > > -- > > Silence is hard to parse > > > > ___ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > -- > Pali Rohár > pali.ro...@gmail.com -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Thursday 21 May 2020 16:22:03 Geert Stappers wrote: > On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > > when in config file was DHCPv6 assignment based on MAC address (and not on > > DUID). > > > > IAID/DUID is changed when rebooting from one operating system to another; > > or after reinstalling system. In reality it is normal that DUID of some > > machine is changed, so people rather assign also IPv6 addresses based on > > MAC address. > > > > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken. > > How to reproduce that semi-brokenness? Take computer with Windows/Linux dual boot systems. Configure MAC-based static IPv6 entry for that computer in dnsmasq and set big enough lease time (e.g. day or more). Boot computer into Windows and wait until dnsmasq assign it IPv6 address. It should match MAC-based entry in dnsmasq. Then reboot computer into Linux system and again wait until it got assigned IPv6 address. Normally it should get again same IPv6 address as it was assigned on Windows, due to MAC-based static IPv6 entry in dnsmasq. But in reality that static entry is ignored by dnsmasq and rather some "random" address is assigned. So assigning IPv6 addresses based on static MAC address in dnsmasq is broken. You can reproduce it not only with Windows/Linux, but with any two DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client (for network booting) and Linux DHCPv6 client. dnsmasq without this patch refuse to assign MAC-based IPv6 static address to computer with that MAC address, if that IPv6 address is still leased to DHCPv6 client with different IAID. In my above example/reproducer, IPv6 address was leased to Windows DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6 client, which in most cases have different IAID. Even both clients (Windows and Linux) are on the same computer with same MAC address, which matches MAC address in dnsmasq configuration file. That is why I called IPv6 address assignment according to MAC address as "semi-brokenness". > > > This patch tries to fix it and honors IPv6 config rules with MAC address, > > to always assign particular IPv6 address to specific MAC address (when > > configured). And ignores the fact if IAID/DUID was changed. > > > > Normally IPv6 address should be assigned by IAID/DUID (which also state > > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 > > address based on MAC address, when users configured in config file. > > > > So this patch just tries to fix above problem for user configuration with > > MAC addresses. It does not change assignment based on DUID. > > --- > > > > This is my original patch rebased on top of current git master branch. > > Acknowledge > > > > Previous email with this patch probably dropped into spambox > > and was not processed. > > (unspoken words + > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html > ) > > > > So please let me know if now this email was correctly received. > > Recieved the patch and was able to `git am` it. > It did compile and passed the unittests. > > No further check was done. Mostly because not facing the problem that > patch submitter has. Probably some day I will, hence the above 'How to > reproduce that semi-brokenness?' > > > > src/rfc3315.c | 55 +++ > > 1 file changed, 47 insertions(+), 8 deletions(-) > > > > diff --git a/src/rfc3315.c b/src/rfc3315.c > > index b3f0a0a..e588b13 100644 > > --- a/src/rfc3315.c > > +++ b/src/rfc3315.c > ... 142 lines of actual patch ... > > > Groeten > Geert Stappers > -- > Silence is hard to parse > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote: > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > when in config file was DHCPv6 assignment based on MAC address (and not on > DUID). > > IAID/DUID is changed when rebooting from one operating system to another; > or after reinstalling system. In reality it is normal that DUID of some > machine is changed, so people rather assign also IPv6 addresses based on > MAC address. > > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken. How to reproduce that semi-brokenness? > This patch tries to fix it and honors IPv6 config rules with MAC address, > to always assign particular IPv6 address to specific MAC address (when > configured). And ignores the fact if IAID/DUID was changed. > > Normally IPv6 address should be assigned by IAID/DUID (which also state > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 > address based on MAC address, when users configured in config file. > > So this patch just tries to fix above problem for user configuration with > MAC addresses. It does not change assignment based on DUID. > --- > > This is my original patch rebased on top of current git master branch. Acknowledge > Previous email with this patch probably dropped into spambox > and was not processed. (unspoken words + http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html ) > So please let me know if now this email was correctly received. Recieved the patch and was able to `git am` it. It did compile and passed the unittests. No further check was done. Mostly because not facing the problem that patch submitter has. Probably some day I will, hence the above 'How to reproduce that semi-brokenness?' > src/rfc3315.c | 55 +++ > 1 file changed, 47 insertions(+), 8 deletions(-) > > diff --git a/src/rfc3315.c b/src/rfc3315.c > index b3f0a0a..e588b13 100644 > --- a/src/rfc3315.c > +++ b/src/rfc3315.c ... 142 lines of actual patch ... Groeten Geert Stappers -- Silence is hard to parse ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system changes IAID/DUID then old assigned IPv6 address cannot be reused, even when in config file was DHCPv6 assignment based on MAC address (and not on DUID). IAID/DUID is changed when rebooting from one operating system to another; or after reinstalling system. In reality it is normal that DUID of some machine is changed, so people rather assign also IPv6 addresses based on MAC address. So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken. This patch tries to fix it and honors IPv6 config rules with MAC address, to always assign particular IPv6 address to specific MAC address (when configured). And ignores the fact if IAID/DUID was changed. Normally IPv6 address should be assigned by IAID/DUID (which also state DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 address based on MAC address, when users configured in config file. So this patch just tries to fix above problem for user configuration with MAC addresses. It does not change assignment based on DUID. --- This is my original patch rebased on top of current git master branch. Previous email with this patch probably dropped into spambox and was not processed. So please let me know if now this email was correctly received. --- src/rfc3315.c | 55 +++ 1 file changed, 47 insertions(+), 8 deletions(-) diff --git a/src/rfc3315.c b/src/rfc3315.c index b3f0a0a..e588b13 100644 --- a/src/rfc3315.c +++ b/src/rfc3315.c @@ -48,7 +48,7 @@ static int build_ia(struct state *state, int *t1cntr); static void end_ia(int t1cntr, unsigned int min_time, int do_fuzz); static void mark_context_used(struct state *state, struct in6_addr *addr); static void mark_config_used(struct dhcp_context *context, struct in6_addr *addr); -static int check_address(struct state *state, struct in6_addr *addr); +static int check_address(struct state *state, struct dhcp_config *config, struct in6_addr *addr); static int config_valid(struct dhcp_config *config, struct dhcp_context *context, struct in6_addr *addr, struct state *state, time_t now); static struct addrlist *config_implies(struct dhcp_config *config, struct dhcp_context *context, struct in6_addr *addr); static void add_address(struct state *state, struct dhcp_context *context, unsigned int lease_time, void *ia_option, @@ -688,8 +688,13 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ } else if (!(c = address6_available(state->context, _addr, solicit_tags, plain_range))) continue; /* not an address we're allowed */ - else if (!check_address(state, _addr)) + else if (!check_address(state, config, _addr)) continue; /* address leased elsewhere */ + else if (state->mac_len && config && +config_has_mac(config, state->mac, state->mac_len, state->mac_type) && +match_netid(c->filter, solicit_tags, plain_range) && +!config_implies(config, c, _addr)) + continue; /* another static address is configured */ /* add address to output packet */ add_address(state, c, lease_time, ia_option, _time, _addr, now); @@ -701,7 +706,10 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ /* Suggest configured address(es) */ for (c = state->context; c; c = c->current) - if (!(c->flags & CONTEXT_CONF_USED) && + if ((!(c->flags & CONTEXT_CONF_USED) || + (state->mac_len && config && + config_has_mac(config, state->mac, state->mac_len, state->mac_type) + )) && match_netid(c->filter, solicit_tags, plain_range) && config_valid(config, c, , state, now)) { @@ -725,6 +733,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ req_addr = ltmp->addr6; if ((c = address6_available(state->context, _addr, solicit_tags, plain_range))) { + if (state->mac_len && config && + config_has_mac(config, state->mac, state->mac_len, state->mac_type) && + match_netid(c->filter, solicit_tags, plain_range) && + !config_implies(config, c, _addr)) + continue; /* skip this lease because another static address is configured */ add_address(state, c, c->lease_time, NULL, _time, _addr, now); mark_context_used(state, _addr); get_context_tag(state, c); @@ -859,7 +872,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void