subject:"\[Dnsmasq\-discuss\] \[PATCH v2\] DHCPv6\: Honor assigning IPv6 address based on MAC address"

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-26 Thread Geert Stappers

On Sun, Jul 26, 2020 at 04:05:07PM +0200, Pali Rohár wrote:
> On Thursday 23 July 2020 13:11:36 Move On wrote:
> > On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote:
> > >  ... retransmit ...
> > 
> > Provide PATCH v3  and see what happens
> 
> So, this is the only thing which needs to be fixed and after patch would be 
> merged?
> 

Which part of 'and see what happens' may I explain?  And for which consultancy 
fee?


Regards
Geert Stappers
Retransmitting "a blunt 'patch rejected' is way better than ignoring a patch"
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-26 Thread Pali Rohár

On Thursday 23 July 2020 13:11:36 Move On wrote:
> On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote:
> > So finally something relevant to this patch...
>  
> Cheer   \o/
> 
> > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> > > On 7/22/20 3:44 PM, Pali Rohár wrote:
> > > > I do not see any benefit why to complicate things just because "IPv6
> > > > addresses are many". I do not see nothing wrong on simple setup where
> > > > device has one IPv6 address assigned by DHCPv6 server.
> > > I think you are requesting breaking of DHCP definition RFCs. I see
> > > nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> > > there are existing leases for the same address with different IAID.
> > 
> > The whole point of this patch is to make MAC --> IPv6 address assigning
> > working. It means that IPv6 address must be leased to MAC address if
> > assigning is based on MAC address and not on DUID/IAID.
> > 
> > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> > must be assigned IPv6 address FD::1 then user would expect that host
> > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> > 
> > Why host get different address, then why such option is even provided?
> > 
> > User already express by this configuration that he is interested in such
> > setup even if it does not have to be compliant with standards.
> > 
> > Some people are saying that assigning IPv6 address based on MAC address
> > is already violation of DHCPv6 RFC.
> > 
> > Also dnsmasq provides support for leasing one IPv4 address to more MAC
> > addresses. This is often used when computer has both ethernet and wifi
> > interfaces and only one is used at the same time. dnsmasq then lease
> > IPv4 address to the last MAC address which asked for it. This feature
> > also violates DHCPv4 standard, but it is there as it is useful for lot
> > of people.
> > 
> > So why should be similar useful feature problematic for IPv6 when it is
> > already provided for IPv4 in dnsmasq?
> > 
> > 
> > Anyway, if violation of DHCPv6 RFC standard with this setup of leasing
> > IPv6 address to MAC address statically is problematic, what about adding
> > a new option which enables this behavior?
> > 
> 
> Provide PATCH v3  and see what happens

So, this is the only thing which needs to be fixed and after patch would be 
merged?

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-26 Thread Pali Rohár

On Thursday 23 July 2020 19:03:41 Kevin 'ldir' Darbyshire-Bryant wrote:
> > On 23 Jul 2020, at 14:11, Pali Rohár  wrote:
> > 
> 
> > 
> > Hello Kevin! So you basically have similar/same feature request.
> > 
> > Could you test this dnsmasq patch if it helps with your setup?
> > 
> > --
> > Pali Rohár
> > pali.ro...@gmail.com
> 
> I have successfully used prior incarnations of your patch.

Great!

So patch was already tested that is working and it is useful.

> Recently I haven’t required it but I am not sure if this is because qnap have 
> improved something OR simply because I don’t reboot the boxes anywhere near 
> as often.  I’ll see if I can provoke the problem over the next few days but I 
> am quite busy at the moment.  Fixing the issue when the problem arises is a 
> real pain in the arse involving qnap shutdown, dnsmasq shutdown, edit 
> leasefile & remove the rogue leases, restart dnsmasq, restart qnap.

I understand it, assigning IPv6 address based on MAC address is in
dnsmasq currently unusable and removing lease file with dnsmasq restart
is the only workaround which I know.

I think that patch in current form is enough.

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Kevin 'ldir' Darbyshire-Bryant

> On 23 Jul 2020, at 14:11, Pali Rohár  wrote:
> 

> 
> Hello Kevin! So you basically have similar/same feature request.
> 
> Could you test this dnsmasq patch if it helps with your setup?
> 
> --
> Pali Rohár
> pali.ro...@gmail.com

I have successfully used prior incarnations of your patch.  Recently I haven’t 
required it but I am not sure if this is because qnap have improved something 
OR simply because I don’t reboot the boxes anywhere near as often.  I’ll see if 
I can provoke the problem over the next few days but I am quite busy at the 
moment.  Fixing the issue when the problem arises is a real pain in the arse 
involving qnap shutdown, dnsmasq shutdown, edit leasefile & remove the rogue 
leases, restart dnsmasq, restart qnap.

Cheers,

Kevin D-B

gpg: 012C ACB2 28C6 C53E 9775  9123 B3A2 389B 9DE2 334A

signature.asc
Description: Message signed with OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Geert Stappers

On Thu, Jul 23, 2020 at 03:11:59PM +0200, Pali Rohár wrote:
> On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote:
> > On 23 Jul 2020, at 09:35, Pali Rohár  wrote:
> > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> > >> On 7/22/20 3:44 PM, Pali Rohár wrote:
> > >>> I do not see any benefit why to complicate things just because "IPv6
> > >>> addresses are many". I do not see nothing wrong on simple setup where
> > >>> device has one IPv6 address assigned by DHCPv6 server.
> > >> I think you are requesting breaking of DHCP definition RFCs. I see
> > >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> > >> there are existing leases for the same address with different IAID.
> > > 
> > > The whole point of this patch is to make MAC --> IPv6 address assigning
> > > working. It means that IPv6 address must be leased to MAC address if
> > > assigning is based on MAC address and not on DUID/IAID.
> > > 
> > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> > > must be assigned IPv6 address FD::1 then user would expect that host
> > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> > 
> > 
> > If I may proffer this real life use case/scenario as found in my
> > very own home:
> > 
> > I have a couple of Qnap NAS boxes.  They speak legacy IP and IPv6.
> > These boxes sometimes offer services such as bittorrent to the
> > Internet. They live behind an Openwrt router/firewall, the very device
> > that runs dnsmasq offering DHCPv4/v6 leases.  For purposes of my own
> > sanity I lock the IPv4 address to the qnap devices MAC addresses,
> > thus I can enter unchanging and consistent entries in the firewall
> > for relevant hosts/ports.  I have an identical requirement for IPv6.
> > I need to be sure that these Qnap devices will land at a known,
> > consistent, effectively static IPv4/v6 address.
> > 
> > The IPv4 case is easily solved and supported.  The IPv6 case
> > (until recently..qnap changed something..and I don’t reboot as
> > much) was more challenging in that dnsmasq ignores the MAC address.
> > The DUID/IAID would change at different stages of the boot, leading
> > to dnsmasq thinking the address requested was being requested for
> > a new client as opposed to the same client simply rebooting.
> > 
> > There is a use case for locking/mapping IPv6 to MAC address whether
> > it violates RFCs or not.  For reasons of firewall pinholes I need
> > certain machines to land at certain addresses.  For ‘fun’ we
> > can discuss if this is a problem with/for upnp/natpnp
> 
> Hello Kevin! So you basically have similar/same feature request.
> 
> Could you test this dnsmasq patch if it helps with your setup?

That is does mean doing things you might never have done before.
Feel welcome to come with questions about it.


Regards
Geert Stappers
Who loves to see:  Yes, patch "foo" works for me.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Olaf Hering

Am Thu, 23 Jul 2020 10:35:45 +0200
schrieb Pali Rohár :

> If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> must be assigned IPv6 address FD::1 then user would expect that host
> with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.

In a world where a DHCP client has more power than the network admin,
this is all wishful thinking. Clearly dnsmasq could serve real life
instead of following some weird RFCs...


Olaf


pgpVal0R8hUvn.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Pali Rohár

On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote:
> > On 23 Jul 2020, at 09:35, Pali Rohár  wrote:
> > 
> > So finally something relevant to this patch...
> > 
> > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> >> On 7/22/20 3:44 PM, Pali Rohár wrote:
> >>> I do not see any benefit why to complicate things just because "IPv6
> >>> addresses are many". I do not see nothing wrong on simple setup where
> >>> device has one IPv6 address assigned by DHCPv6 server.
> >> I think you are requesting breaking of DHCP definition RFCs. I see
> >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> >> there are existing leases for the same address with different IAID.
> > 
> > The whole point of this patch is to make MAC --> IPv6 address assigning
> > working. It means that IPv6 address must be leased to MAC address if
> > assigning is based on MAC address and not on DUID/IAID.
> > 
> > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> > must be assigned IPv6 address FD::1 then user would expect that host
> > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> 
> 
> If I may proffer this real life use case/scenario as found in my very own 
> home:
> 
> I have a couple of Qnap NAS boxes.  They speak legacy IP and IPv6.  These 
> boxes sometimes offer services such as bittorrent to the Internet. They live 
> behind an Openwrt router/firewall, the very device that runs dnsmasq offering 
> DHCPv4/v6 leases.  For purposes of my own sanity I lock the IPv4 address to 
> the qnap devices MAC addresses, thus I can enter unchanging and consistent 
> entries in the firewall for relevant hosts/ports.  I have an identical 
> requirement for IPv6.  I need to be sure that these Qnap devices will land at 
> a known, consistent, effectively static IPv4/v6 address.
> 
> The IPv4 case is easily solved and supported.  The IPv6 case (until 
> recently..qnap changed something..and I don’t reboot as much) was more 
> challenging in that dnsmasq ignores the MAC address.  The DUID/IAID would 
> change at different stages of the boot, leading to dnsmasq thinking the 
> address requested was being requested for a new client as opposed to the same 
> client simply rebooting.
> 
> There is a use case for locking/mapping IPv6 to MAC address whether it 
> violates RFCs or not.  For reasons of firewall pinholes I need certain 
> machines to land at certain addresses.  For ‘fun’ we can discuss if this is a 
> problem with/for upnp/natpnp

Hello Kevin! So you basically have similar/same feature request.

Could you test this dnsmasq patch if it helps with your setup?

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Kevin 'ldir' Darbyshire-Bryant

> On 23 Jul 2020, at 09:35, Pali Rohár  wrote:
> 
> So finally something relevant to this patch...
> 
> On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
>> On 7/22/20 3:44 PM, Pali Rohár wrote:
>>> I do not see any benefit why to complicate things just because "IPv6
>>> addresses are many". I do not see nothing wrong on simple setup where
>>> device has one IPv6 address assigned by DHCPv6 server.
>> I think you are requesting breaking of DHCP definition RFCs. I see
>> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
>> there are existing leases for the same address with different IAID.
> 
> The whole point of this patch is to make MAC --> IPv6 address assigning
> working. It means that IPv6 address must be leased to MAC address if
> assigning is based on MAC address and not on DUID/IAID.
> 
> If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> must be assigned IPv6 address FD::1 then user would expect that host
> with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.

If I may proffer this real life use case/scenario as found in my very own home:

I have a couple of Qnap NAS boxes.  They speak legacy IP and IPv6.  These boxes 
sometimes offer services such as bittorrent to the Internet. They live behind 
an Openwrt router/firewall, the very device that runs dnsmasq offering 
DHCPv4/v6 leases.  For purposes of my own sanity I lock the IPv4 address to the 
qnap devices MAC addresses, thus I can enter unchanging and consistent entries 
in the firewall for relevant hosts/ports.  I have an identical requirement for 
IPv6.  I need to be sure that these Qnap devices will land at a known, 
consistent, effectively static IPv4/v6 address.

The IPv4 case is easily solved and supported.  The IPv6 case (until 
recently..qnap changed something..and I don’t reboot as much) was more 
challenging in that dnsmasq ignores the MAC address.  The DUID/IAID would 
change at different stages of the boot, leading to dnsmasq thinking the address 
requested was being requested for a new client as opposed to the same client 
simply rebooting.

There is a use case for locking/mapping IPv6 to MAC address whether it violates 
RFCs or not.  For reasons of firewall pinholes I need certain machines to land 
at certain addresses.  For ‘fun’ we can discuss if this is a problem with/for 
upnp/natpnp

Cheers,

Kevin D-B

gpg: 012C ACB2 28C6 C53E 9775  9123 B3A2 389B 9DE2 334A

signature.asc
Description: Message signed with OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Roy Marples


On 22/07/2020 13:42, Petr Menšík wrote:

You can use SLAAC for MAC generated addresses and they would be the same
regardless running OS.


This hasn't been true for a number of years because a few OS (and of course 
dhcpcd) have grown support for RFC 7217.


Now if they all used the same algorithm and secret key then they would have the 
same address. This is currenty only possible using dhcpcd (because it's not OS 
specific) but not OS vendors want to use dhcpcd by default.


Roy

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Move On

On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote:
> So finally something relevant to this patch...
 
Cheer   \o/

> On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> > On 7/22/20 3:44 PM, Pali Rohár wrote:
> > > I do not see any benefit why to complicate things just because "IPv6
> > > addresses are many". I do not see nothing wrong on simple setup where
> > > device has one IPv6 address assigned by DHCPv6 server.
> > I think you are requesting breaking of DHCP definition RFCs. I see
> > nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> > there are existing leases for the same address with different IAID.
> 
> The whole point of this patch is to make MAC --> IPv6 address assigning
> working. It means that IPv6 address must be leased to MAC address if
> assigning is based on MAC address and not on DUID/IAID.
> 
> If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> must be assigned IPv6 address FD::1 then user would expect that host
> with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> 
> Why host get different address, then why such option is even provided?
> 
> User already express by this configuration that he is interested in such
> setup even if it does not have to be compliant with standards.
> 
> Some people are saying that assigning IPv6 address based on MAC address
> is already violation of DHCPv6 RFC.
> 
> Also dnsmasq provides support for leasing one IPv4 address to more MAC
> addresses. This is often used when computer has both ethernet and wifi
> interfaces and only one is used at the same time. dnsmasq then lease
> IPv4 address to the last MAC address which asked for it. This feature
> also violates DHCPv4 standard, but it is there as it is useful for lot
> of people.
> 
> So why should be similar useful feature problematic for IPv6 when it is
> already provided for IPv4 in dnsmasq?
> 
> 
> Anyway, if violation of DHCPv6 RFC standard with this setup of leasing
> IPv6 address to MAC address statically is problematic, what about adding
> a new option which enables this behavior?
> 

Provide PATCH v3  and see what happens

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Pali Rohár

So finally something relevant to this patch...

On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> On 7/22/20 3:44 PM, Pali Rohár wrote:
> > I do not see any benefit why to complicate things just because "IPv6
> > addresses are many". I do not see nothing wrong on simple setup where
> > device has one IPv6 address assigned by DHCPv6 server.
> I think you are requesting breaking of DHCP definition RFCs. I see
> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> there are existing leases for the same address with different IAID.

The whole point of this patch is to make MAC --> IPv6 address assigning
working. It means that IPv6 address must be leased to MAC address if
assigning is based on MAC address and not on DUID/IAID.

If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
must be assigned IPv6 address FD::1 then user would expect that host
with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.

Why host get different address, then why such option is even provided?

User already express by this configuration that he is interested in such
setup even if it does not have to be compliant with standards.

Some people are saying that assigning IPv6 address based on MAC address
is already violation of DHCPv6 RFC.

Also dnsmasq provides support for leasing one IPv4 address to more MAC
addresses. This is often used when computer has both ethernet and wifi
interfaces and only one is used at the same time. dnsmasq then lease
IPv4 address to the last MAC address which asked for it. This feature
also violates DHCPv4 standard, but it is there as it is useful for lot
of people.

So why should be similar useful feature problematic for IPv6 when it is
already provided for IPv4 in dnsmasq?

Anyway, if violation of DHCPv6 RFC standard with this setup of leasing
IPv6 address to MAC address statically is problematic, what about adding
a new option which enables this behavior?

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-22 Thread Petr Menšík



On 7/22/20 3:44 PM, Pali Rohár wrote:
> Hello Petr!
> 
> On Wednesday 22 July 2020 14:42:16 Petr Menšík wrote:
>> More below...
>>
>> On 7/22/20 9:40 AM, Pali Rohár wrote:
>>> Hello Petr!
>>>
>>> On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote:
 I think more correct would be using the same DUID on both systems.
>>>
>>> Problem is that DUID generation is under control of operating system and
>>> during installation of operating system, every one generates its own. It
>>> is not under user control (at this stage of setup) or under "hw" control
>>> (like for MAC address in IPv4 where operating system read MAC address
>>> from HW).
>>>
>>> Also this is unsuitable in environment where MAC address should be
>>> assigned to network card "by law". Or in environment where must be 1:1
>>> mapping between assigned IPv4 and IPv6 address.
>>
>> Could you explain a situation, why 1:1 mapping is required? Why 1:4
>> mapping would not work?
> 
> What do you mean by 1:4 mapping? And why 4? That device would always
> have one IPv4 address and randomly chosen IPv6 address from 4 member
> set?
Because it would be likely enough for normal host, even if it uses PXE
on boot. Yes, it would have always one from those 4.
> 
> This looks like complication. The point of DHCPv6 is that I could assign
> one address, not random address from 4 member IPv6 set.
One from predefined set is not random address.
> 
> I really do not want to try 4 addresses until I figure out which one is
> working. This is insane.
Are you typing IPv6 addresses? How? What commands use them? Try DNS. It
has support for multiple addresses on single name. Sane software would
try all of them until it succeeds.
> 
>> They are different protocols. IPv6 supports
>> multiple addresses from the start. Because they make several maintenance
>> actions a lot simpler. Why do you insist there must be only one address?
> 
> And why I have to use multiple IPv6 addresses? I want to have service on
> specific/chosen IPv6 address. Not random.
How often do your machines change running operating system, with IAID
change? Excluding changes during netboot.
> 
>> You can use SLAAC for MAC generated addresses and they would be the same
>> regardless running OS.
> 
> SLAAC cannot be used anymore for this purpose as operating systems do
> not use MAC address for generating SLAAC address. Both Windows systems
> and NetworkManager systems generates randomized SLAAC address by
> default. IIRC Android is doing it too.
Good. Maybe there is a reason behind it. If you used hardware address to
identify them instead of manually reserved IP address, it would work
also with them.
> 
>>>
>>> If I have to configure every one machine on network and every one
>>> operating system on that machine, then I do not have to use DHCPv6 and I
>>> would assign all addresses statically.
>>>
>>> The point of usage DHCPv6 here is ability to configure network
>>> automatically without need to re-configure network stack on operating
>>> system.
>> It is possible to configure them on network.
> 
> Well, as I said, if I had to configure network stack on every IPv6
> connected computer and on every operating system on that computer then I
> can set static IPv6 address. And do not see to deal with DUIDs and IADs.
> 
> The point of usage DHCPv6 is to automatize assignment of IPv6 addresses
> without need to do configuration of target systems. Like in IPv4 setup.
> 
> Moreover, it is not possible to configure DUIDs on every system. E.g.
> Intel's PXE implementation burned into PC ROM does not allow to set DUID
> or IAID in firmware/setup screen.
> 
>>  It is not possible to
>> ignore conflicting IDs. It would work well if host OS releases assigned
>> leases before shutdown.
> 
> Some OSes do not do it. Different closed source / burned systems
> (including PXE) even cannot be workarounded / fixed.
Openstack requested support for multiple IPv6 for one mac address. It
got merged, because it allows solving exactly this use case without
conflict with existing protocols. Unlike your proposal.

And its use case included PXE boot. May I ask why does PXE boot require
static IP address? Why it needs the same address as the OS later? Is it
even important? Why?
> 
> And still this does not work if you disconnected ethernet cable before
> doing OS shutdown and connecting if after new bootup.
> 
>>  If they are still leased, they should not be
>> assigned to conflicting ids. Is it possible to make sure they release
>> the lease on shutdown/reboot?
> 
> In case of network disconnect such thing is not obviously possible.
> 
> And expecting that there is no network disconnect during leased IPv6
> address is wrong.>
> Moreover, in static MAC <--> IPv6 setup I expect that IPv6 address is
> assigned (leased) to MAC address. Otherwise, what other use case could
> be for static MAC <--> IPv6 configuration setup?
It works, but only if there is not already active lease.
> 
>>>
 There is already another option to make this working.

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-22 Thread Pali Rohár

Hello Petr!

On Wednesday 22 July 2020 14:42:16 Petr Menšík wrote:
> More below...
> 
> On 7/22/20 9:40 AM, Pali Rohár wrote:
> > Hello Petr!
> > 
> > On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote:
> >> I think more correct would be using the same DUID on both systems.
> > 
> > Problem is that DUID generation is under control of operating system and
> > during installation of operating system, every one generates its own. It
> > is not under user control (at this stage of setup) or under "hw" control
> > (like for MAC address in IPv4 where operating system read MAC address
> > from HW).
> > 
> > Also this is unsuitable in environment where MAC address should be
> > assigned to network card "by law". Or in environment where must be 1:1
> > mapping between assigned IPv4 and IPv6 address.
> 
> Could you explain a situation, why 1:1 mapping is required? Why 1:4
> mapping would not work?

What do you mean by 1:4 mapping? And why 4? That device would always
have one IPv4 address and randomly chosen IPv6 address from 4 member
set?

This looks like complication. The point of DHCPv6 is that I could assign
one address, not random address from 4 member IPv6 set.

I really do not want to try 4 addresses until I figure out which one is
working. This is insane.

> They are different protocols. IPv6 supports
> multiple addresses from the start. Because they make several maintenance
> actions a lot simpler. Why do you insist there must be only one address?

And why I have to use multiple IPv6 addresses? I want to have service on
specific/chosen IPv6 address. Not random.

> You can use SLAAC for MAC generated addresses and they would be the same
> regardless running OS.

SLAAC cannot be used anymore for this purpose as operating systems do
not use MAC address for generating SLAAC address. Both Windows systems
and NetworkManager systems generates randomized SLAAC address by
default. IIRC Android is doing it too.

> > 
> > If I have to configure every one machine on network and every one
> > operating system on that machine, then I do not have to use DHCPv6 and I
> > would assign all addresses statically.
> > 
> > The point of usage DHCPv6 here is ability to configure network
> > automatically without need to re-configure network stack on operating
> > system.
> It is possible to configure them on network.

Well, as I said, if I had to configure network stack on every IPv6
connected computer and on every operating system on that computer then I
can set static IPv6 address. And do not see to deal with DUIDs and IADs.

The point of usage DHCPv6 is to automatize assignment of IPv6 addresses
without need to do configuration of target systems. Like in IPv4 setup.

Moreover, it is not possible to configure DUIDs on every system. E.g.
Intel's PXE implementation burned into PC ROM does not allow to set DUID
or IAID in firmware/setup screen.

> It is not possible to
> ignore conflicting IDs. It would work well if host OS releases assigned
> leases before shutdown.

Some OSes do not do it. Different closed source / burned systems
(including PXE) even cannot be workarounded / fixed.

And still this does not work if you disconnected ethernet cable before
doing OS shutdown and connecting if after new bootup.

> If they are still leased, they should not be
> assigned to conflicting ids. Is it possible to make sure they release
> the lease on shutdown/reboot?

In case of network disconnect such thing is not obviously possible.

And expecting that there is no network disconnect during leased IPv6
address is wrong.

Moreover, in static MAC <--> IPv6 setup I expect that IPv6 address is
assigned (leased) to MAC address. Otherwise, what other use case could
be for static MAC <--> IPv6 configuration setup?

> > 
> >> There is already another option to make this working. It is possible
> >> assigning IPv6 prefix or multiple addresses. dhcp-host can provide
> >> multiple addresses to single mac
> > 
> > Assigning IPv6 address based on mac address is broken as I pointed in
> > this patch. So such setup would not work.
> > 
> > Anyway, my point is not to assign multiple addresses to single MAC
> > address, but rather to ensure that for one MAC address would be assigned
> > always only one specific MAC address. And not more.
> But you need dnsmasq to ignore conflicts between addresses. While
> existing solution allows to predefine addresses to static host entry. It
> would always gen one of those addresses in case of conflict. It seems
> more elegant and more correct fix to me. You haven't stated why do you
> need just a single address for conflicting DUID.

Just to note that dnsmasq assign address to IAID, not to DUID.

Same problem happens if you even configure *same* DUID on both Windows
and Linux systems on particular computer and on of them does not release
its IAID (e.g. because network disconnect).

Anyway, there cannot be any conflict which you described. MAC addresses
on local network are unique (I do not have DHCPv6 relays).

I did

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-22 Thread Petr Menšík

Btw, found windows allows releasing of leases to be configured from DHCP
server. I doubt similar option is accepted on ISC DHCP client.
NetworkManager probably does not implement such thing.

This should help you avoiding conflicts between multiple instances in a
different way. Never used it, not sure whether it does work.

Some customization might be necessary on Linux distribution.

1.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dhcpe/4cde5ceb-4fc1-4f9a-82e9-13f6b38d930c

On 7/22/20 9:40 AM, Pali Rohár wrote:
> Hello Petr!
> 
> On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote:
>> I think more correct would be using the same DUID on both systems.
> 
> Problem is that DUID generation is under control of operating system and
> during installation of operating system, every one generates its own. It
> is not under user control (at this stage of setup) or under "hw" control
> (like for MAC address in IPv4 where operating system read MAC address
> from HW).
> 
> Also this is unsuitable in environment where MAC address should be
> assigned to network card "by law". Or in environment where must be 1:1
> mapping between assigned IPv4 and IPv6 address.
> 
> If I have to configure every one machine on network and every one
> operating system on that machine, then I do not have to use DHCPv6 and I
> would assign all addresses statically.
> 
> The point of usage DHCPv6 here is ability to configure network
> automatically without need to re-configure network stack on operating
> system.
> 
>> There is already another option to make this working. It is possible
>> assigning IPv6 prefix or multiple addresses. dhcp-host can provide
>> multiple addresses to single mac
> 
> Assigning IPv6 address based on mac address is broken as I pointed in
> this patch. So such setup would not work.
> 
> Anyway, my point is not to assign multiple addresses to single MAC
> address, but rather to ensure that for one MAC address would be assigned
> always only one specific MAC address. And not more.
> 
>> which works with different DUID quite
>> well. It still has different addresses, but with the same base.
>>
>> taken from manual page:
>> --dhcp-host=laptop,[1234:50/126]
>>
>> Why isn't this sufficient?
>>
>> On 5/26/20 10:52 AM, Pali Rohár wrote:
>>> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
 On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> when in config file was DHCPv6 assignment based on MAC address (and not on
> DUID).
>
> IAID/DUID is changed when rebooting from one operating system to another;
> or after reinstalling system. In reality it is normal that DUID of some
> machine is changed, so people rather assign also IPv6 addresses based on
> MAC address.
>
> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken

 How to reproduce that  semi-brokenness?
>>>
>>> Take computer with Windows/Linux dual boot systems.
>>>
>>> Configure MAC-based static IPv6 entry for that computer in dnsmasq and
>>> set big enough lease time (e.g. day or more).
>>>
>>> Boot computer into Windows and wait until dnsmasq assign it IPv6
>>> address. It should match MAC-based entry in dnsmasq. Then reboot
>>> computer into Linux system and again wait until it got assigned IPv6
>>> address.
>>>
>>> Normally it should get again same IPv6 address as it was assigned on
>>> Windows, due to MAC-based static IPv6 entry in dnsmasq.
>>>
>>> But in reality that static entry is ignored by dnsmasq and rather some
>>> "random" address is assigned.
>>>
>>> So assigning IPv6 addresses based on static MAC address in dnsmasq is
>>> broken.
>>>
>>> You can reproduce it not only with Windows/Linux, but with any two
>>> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
>>> (for network booting) and Linux DHCPv6 client.
>>>
>>> dnsmasq without this patch refuse to assign MAC-based IPv6 static
>>> address to computer with that MAC address, if that IPv6 address is still
>>> leased to DHCPv6 client with different IAID.
>>>
>>> In my above example/reproducer, IPv6 address was leased to Windows
>>> DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
>>> client, which in most cases have different IAID. Even both clients
>>> (Windows and Linux) are on the same computer with same MAC address,
>>> which matches MAC address in dnsmasq configuration file.
>>>
>>> That is why I called IPv6 address assignment according to MAC address as
>>> "semi-brokenness".
>>>
  
> This patch tries to fix it and honors IPv6 config rules with MAC address,
> to always assign particular IPv6 address to specific MAC address (when
> configured). And ignores the fact if IAID/DUID was changed.
>
> Normally IPv6 address should be assigned by IAID/DUID (which also state
> DHCPv6

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-22 Thread Petr Menšík

More below...

On 7/22/20 9:40 AM, Pali Rohár wrote:
> Hello Petr!
> 
> On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote:
>> I think more correct would be using the same DUID on both systems.
> 
> Problem is that DUID generation is under control of operating system and
> during installation of operating system, every one generates its own. It
> is not under user control (at this stage of setup) or under "hw" control
> (like for MAC address in IPv4 where operating system read MAC address
> from HW).
> 
> Also this is unsuitable in environment where MAC address should be
> assigned to network card "by law". Or in environment where must be 1:1
> mapping between assigned IPv4 and IPv6 address.

Could you explain a situation, why 1:1 mapping is required? Why 1:4
mapping would not work? They are different protocols. IPv6 supports
multiple addresses from the start. Because they make several maintenance
actions a lot simpler. Why do you insist there must be only one address?

You can use SLAAC for MAC generated addresses and they would be the same
regardless running OS.
> 
> If I have to configure every one machine on network and every one
> operating system on that machine, then I do not have to use DHCPv6 and I
> would assign all addresses statically.
> 
> The point of usage DHCPv6 here is ability to configure network
> automatically without need to re-configure network stack on operating
> system.
It is possible to configure them on network. It is not possible to
ignore conflicting IDs. It would work well if host OS releases assigned
leases before shutdown. If they are still leased, they should not be
assigned to conflicting ids. Is it possible to make sure they release
the lease on shutdown/reboot?
> 
>> There is already another option to make this working. It is possible
>> assigning IPv6 prefix or multiple addresses. dhcp-host can provide
>> multiple addresses to single mac
> 
> Assigning IPv6 address based on mac address is broken as I pointed in
> this patch. So such setup would not work.
> 
> Anyway, my point is not to assign multiple addresses to single MAC
> address, but rather to ensure that for one MAC address would be assigned
> always only one specific MAC address. And not more.
But you need dnsmasq to ignore conflicts between addresses. While
existing solution allows to predefine addresses to static host entry. It
would always gen one of those addresses in case of conflict. It seems
more elegant and more correct fix to me. You haven't stated why do you
need just a single address for conflicting DUID.

There are plenty of IPv6 addresses available. Why does single host need
exactly one? Especially if DNS can be synchronized and contains valid
records?
> 
>> which works with different DUID quite
>> well. It still has different addresses, but with the same base.
>>
>> taken from manual page:
>> --dhcp-host=laptop,[1234:50/126]
>>
>> Why isn't this sufficient?
>>
>> On 5/26/20 10:52 AM, Pali Rohár wrote:
>>> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
 On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> when in config file was DHCPv6 assignment based on MAC address (and not on
> DUID).
>
> IAID/DUID is changed when rebooting from one operating system to another;
> or after reinstalling system. In reality it is normal that DUID of some
> machine is changed, so people rather assign also IPv6 addresses based on
> MAC address.
>
> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken

 How to reproduce that  semi-brokenness?
>>>
>>> Take computer with Windows/Linux dual boot systems.
>>>
>>> Configure MAC-based static IPv6 entry for that computer in dnsmasq and
>>> set big enough lease time (e.g. day or more).
>>>
>>> Boot computer into Windows and wait until dnsmasq assign it IPv6
>>> address. It should match MAC-based entry in dnsmasq. Then reboot
>>> computer into Linux system and again wait until it got assigned IPv6
>>> address.
>>>
>>> Normally it should get again same IPv6 address as it was assigned on
>>> Windows, due to MAC-based static IPv6 entry in dnsmasq.
>>>
>>> But in reality that static entry is ignored by dnsmasq and rather some
>>> "random" address is assigned.
>>>
>>> So assigning IPv6 addresses based on static MAC address in dnsmasq is
>>> broken.
>>>
>>> You can reproduce it not only with Windows/Linux, but with any two
>>> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
>>> (for network booting) and Linux DHCPv6 client.
>>>
>>> dnsmasq without this patch refuse to assign MAC-based IPv6 static
>>> address to computer with that MAC address, if that IPv6 address is still
>>> leased to DHCPv6 client with different IAID.
>>>
>>> In my above example/reproducer, IPv6 address was leased to Windows
>>> DHCPv6 client and

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-22 Thread Pali Rohár

Hello Petr!

On Tuesday 21 July 2020 14:23:51 Petr Menšík wrote:
> I think more correct would be using the same DUID on both systems.

Problem is that DUID generation is under control of operating system and
during installation of operating system, every one generates its own. It
is not under user control (at this stage of setup) or under "hw" control
(like for MAC address in IPv4 where operating system read MAC address
from HW).

Also this is unsuitable in environment where MAC address should be
assigned to network card "by law". Or in environment where must be 1:1
mapping between assigned IPv4 and IPv6 address.

If I have to configure every one machine on network and every one
operating system on that machine, then I do not have to use DHCPv6 and I
would assign all addresses statically.

The point of usage DHCPv6 here is ability to configure network
automatically without need to re-configure network stack on operating
system.

> There is already another option to make this working. It is possible
> assigning IPv6 prefix or multiple addresses. dhcp-host can provide
> multiple addresses to single mac

Assigning IPv6 address based on mac address is broken as I pointed in
this patch. So such setup would not work.

Anyway, my point is not to assign multiple addresses to single MAC
address, but rather to ensure that for one MAC address would be assigned
always only one specific MAC address. And not more.

> which works with different DUID quite
> well. It still has different addresses, but with the same base.
> 
> taken from manual page:
> --dhcp-host=laptop,[1234:50/126]
> 
> Why isn't this sufficient?
> 
> On 5/26/20 10:52 AM, Pali Rohár wrote:
> > On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
> >> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> >>> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> >>> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> >>> when in config file was DHCPv6 assignment based on MAC address (and not on
> >>> DUID).
> >>>
> >>> IAID/DUID is changed when rebooting from one operating system to another;
> >>> or after reinstalling system. In reality it is normal that DUID of some
> >>> machine is changed, so people rather assign also IPv6 addresses based on
> >>> MAC address.
> >>>
> >>> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken
> >>
> >> How to reproduce that  semi-brokenness?
> > 
> > Take computer with Windows/Linux dual boot systems.
> > 
> > Configure MAC-based static IPv6 entry for that computer in dnsmasq and
> > set big enough lease time (e.g. day or more).
> > 
> > Boot computer into Windows and wait until dnsmasq assign it IPv6
> > address. It should match MAC-based entry in dnsmasq. Then reboot
> > computer into Linux system and again wait until it got assigned IPv6
> > address.
> > 
> > Normally it should get again same IPv6 address as it was assigned on
> > Windows, due to MAC-based static IPv6 entry in dnsmasq.
> > 
> > But in reality that static entry is ignored by dnsmasq and rather some
> > "random" address is assigned.
> > 
> > So assigning IPv6 addresses based on static MAC address in dnsmasq is
> > broken.
> > 
> > You can reproduce it not only with Windows/Linux, but with any two
> > DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
> > (for network booting) and Linux DHCPv6 client.
> > 
> > dnsmasq without this patch refuse to assign MAC-based IPv6 static
> > address to computer with that MAC address, if that IPv6 address is still
> > leased to DHCPv6 client with different IAID.
> > 
> > In my above example/reproducer, IPv6 address was leased to Windows
> > DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
> > client, which in most cases have different IAID. Even both clients
> > (Windows and Linux) are on the same computer with same MAC address,
> > which matches MAC address in dnsmasq configuration file.
> > 
> > That is why I called IPv6 address assignment according to MAC address as
> > "semi-brokenness".
> > 
> >>  
> >>> This patch tries to fix it and honors IPv6 config rules with MAC address,
> >>> to always assign particular IPv6 address to specific MAC address (when
> >>> configured). And ignores the fact if IAID/DUID was changed.
> >>>
> >>> Normally IPv6 address should be assigned by IAID/DUID (which also state
> >>> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> >>> address based on MAC address, when users configured in config file.
> >>>
> >>> So this patch just tries to fix above problem for user configuration with
> >>> MAC addresses. It does not change assignment based on DUID.
> >>> ---
> >>>
> >>> This is my original patch rebased on top of current git master branch.
> >>
> >> Acknowledge
> >>
> >>
> >>> Previous email with this patch probably dropped into spambox
> >>> and was not processed.
> >>
> >>  (unspoken words +
> >>   
> >>

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-21 Thread Petr Menšík

I think more correct would be using the same DUID on both systems.

There is already another option to make this working. It is possible
assigning IPv6 prefix or multiple addresses. dhcp-host can provide
multiple addresses to single mac, which works with different DUID quite
well. It still has different addresses, but with the same base.

taken from manual page:
--dhcp-host=laptop,[1234:50/126]

Why isn't this sufficient?

On 5/26/20 10:52 AM, Pali Rohár wrote:
> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
>> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
>>> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
>>> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
>>> when in config file was DHCPv6 assignment based on MAC address (and not on
>>> DUID).
>>>
>>> IAID/DUID is changed when rebooting from one operating system to another;
>>> or after reinstalling system. In reality it is normal that DUID of some
>>> machine is changed, so people rather assign also IPv6 addresses based on
>>> MAC address.
>>>
>>> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken
>>
>> How to reproduce that  semi-brokenness?
> 
> Take computer with Windows/Linux dual boot systems.
> 
> Configure MAC-based static IPv6 entry for that computer in dnsmasq and
> set big enough lease time (e.g. day or more).
> 
> Boot computer into Windows and wait until dnsmasq assign it IPv6
> address. It should match MAC-based entry in dnsmasq. Then reboot
> computer into Linux system and again wait until it got assigned IPv6
> address.
> 
> Normally it should get again same IPv6 address as it was assigned on
> Windows, due to MAC-based static IPv6 entry in dnsmasq.
> 
> But in reality that static entry is ignored by dnsmasq and rather some
> "random" address is assigned.
> 
> So assigning IPv6 addresses based on static MAC address in dnsmasq is
> broken.
> 
> You can reproduce it not only with Windows/Linux, but with any two
> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
> (for network booting) and Linux DHCPv6 client.
> 
> dnsmasq without this patch refuse to assign MAC-based IPv6 static
> address to computer with that MAC address, if that IPv6 address is still
> leased to DHCPv6 client with different IAID.
> 
> In my above example/reproducer, IPv6 address was leased to Windows
> DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
> client, which in most cases have different IAID. Even both clients
> (Windows and Linux) are on the same computer with same MAC address,
> which matches MAC address in dnsmasq configuration file.
> 
> That is why I called IPv6 address assignment according to MAC address as
> "semi-brokenness".
> 
>>  
>>> This patch tries to fix it and honors IPv6 config rules with MAC address,
>>> to always assign particular IPv6 address to specific MAC address (when
>>> configured). And ignores the fact if IAID/DUID was changed.
>>>
>>> Normally IPv6 address should be assigned by IAID/DUID (which also state
>>> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
>>> address based on MAC address, when users configured in config file.
>>>
>>> So this patch just tries to fix above problem for user configuration with
>>> MAC addresses. It does not change assignment based on DUID.
>>> ---
>>>
>>> This is my original patch rebased on top of current git master branch.
>>
>> Acknowledge
>>
>>
>>> Previous email with this patch probably dropped into spambox
>>> and was not processed.
>>
>>  (unspoken words +
>>   
>> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html )
>>
>>
>>> So please let me know if now this email was correctly received.
>>  
>> Recieved the patch and was able to  `git am` it.
>> It did compile and passed the unittests.
>>
>> No further check was done.  Mostly because not facing the problem that
>> patch submitter has.  Probably some day I will, hence the above 'How to
>> reproduce that  semi-brokenness?'
>>
>>
>>>  src/rfc3315.c | 55 +++
>>>  1 file changed, 47 insertions(+), 8 deletions(-)
>>>
>>> diff --git a/src/rfc3315.c b/src/rfc3315.c
>>> index b3f0a0a..e588b13 100644
>>> --- a/src/rfc3315.c
>>> +++ b/src/rfc3315.c
>>  ... 142 lines of actual patch ...
>>
>>
>> Groeten
>> Geert Stappers
>> -- 
>> Silence is hard to parse
>>
>> ___
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemen...@redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-06-22 Thread Pali Rohár

On Tuesday 26 May 2020 10:52:05 Pali Rohár wrote:
> On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
> > On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> > > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> > > changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> > > when in config file was DHCPv6 assignment based on MAC address (and not on
> > > DUID).
> > > 
> > > IAID/DUID is changed when rebooting from one operating system to another;
> > > or after reinstalling system. In reality it is normal that DUID of some
> > > machine is changed, so people rather assign also IPv6 addresses based on
> > > MAC address.
> > > 
> > > So assigning IPv6 based on MAC address in dnsmasq is currently 
> > > semi-broken.
> > 
> > How to reproduce that  semi-brokenness?
> 
> Take computer with Windows/Linux dual boot systems.
> 
> Configure MAC-based static IPv6 entry for that computer in dnsmasq and
> set big enough lease time (e.g. day or more).
> 
> Boot computer into Windows and wait until dnsmasq assign it IPv6
> address. It should match MAC-based entry in dnsmasq. Then reboot
> computer into Linux system and again wait until it got assigned IPv6
> address.
> 
> Normally it should get again same IPv6 address as it was assigned on
> Windows, due to MAC-based static IPv6 entry in dnsmasq.
> 
> But in reality that static entry is ignored by dnsmasq and rather some
> "random" address is assigned.
> 
> So assigning IPv6 addresses based on static MAC address in dnsmasq is
> broken.
> 
> You can reproduce it not only with Windows/Linux, but with any two
> DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
> (for network booting) and Linux DHCPv6 client.
> 
> dnsmasq without this patch refuse to assign MAC-based IPv6 static
> address to computer with that MAC address, if that IPv6 address is still
> leased to DHCPv6 client with different IAID.
> 
> In my above example/reproducer, IPv6 address was leased to Windows
> DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
> client, which in most cases have different IAID. Even both clients
> (Windows and Linux) are on the same computer with same MAC address,
> which matches MAC address in dnsmasq configuration file.
> 
> That is why I called IPv6 address assignment according to MAC address as
> "semi-brokenness".
> 
> >  
> > > This patch tries to fix it and honors IPv6 config rules with MAC address,
> > > to always assign particular IPv6 address to specific MAC address (when
> > > configured). And ignores the fact if IAID/DUID was changed.
> > > 
> > > Normally IPv6 address should be assigned by IAID/DUID (which also state
> > > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> > > address based on MAC address, when users configured in config file.
> > > 
> > > So this patch just tries to fix above problem for user configuration with
> > > MAC addresses. It does not change assignment based on DUID.
> > > ---
> > > 
> > > This is my original patch rebased on top of current git master branch.
> > 
> > Acknowledge
> > 
> > 
> > > Previous email with this patch probably dropped into spambox
> > > and was not processed.
> > 
> >  (unspoken words +
> >   
> > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html 
> > )

I'm not sure if this is that case... because Simon reacted to other
patch emails.

This really looks like that patch email was dropped into spambox.

Simon, if you are reading this email / patch could you react if you have
received this email? Or if it was dropped into spambox?

> > 
> > > So please let me know if now this email was correctly received.
> >  
> > Recieved the patch and was able to  `git am` it.
> > It did compile and passed the unittests.
> > 
> > No further check was done.  Mostly because not facing the problem that
> > patch submitter has.  Probably some day I will, hence the above 'How to
> > reproduce that  semi-brokenness?'
> > 
> > 
> > >  src/rfc3315.c | 55 +++
> > >  1 file changed, 47 insertions(+), 8 deletions(-)
> > > 
> > > diff --git a/src/rfc3315.c b/src/rfc3315.c
> > > index b3f0a0a..e588b13 100644
> > > --- a/src/rfc3315.c
> > > +++ b/src/rfc3315.c
> >  ... 142 lines of actual patch ...
> > 
> > 
> > Groeten
> > Geert Stappers
> > -- 
> > Silence is hard to parse
> > 
> > ___
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss@lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 
> -- 
> Pali Rohár
> pali.ro...@gmail.com

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-05-26 Thread Pali Rohár

On Thursday 21 May 2020 16:22:03 Geert Stappers wrote:
> On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> > changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> > when in config file was DHCPv6 assignment based on MAC address (and not on
> > DUID).
> > 
> > IAID/DUID is changed when rebooting from one operating system to another;
> > or after reinstalling system. In reality it is normal that DUID of some
> > machine is changed, so people rather assign also IPv6 addresses based on
> > MAC address.
> > 
> > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken.
> 
> How to reproduce that  semi-brokenness?

Take computer with Windows/Linux dual boot systems.

Configure MAC-based static IPv6 entry for that computer in dnsmasq and
set big enough lease time (e.g. day or more).

Boot computer into Windows and wait until dnsmasq assign it IPv6
address. It should match MAC-based entry in dnsmasq. Then reboot
computer into Linux system and again wait until it got assigned IPv6
address.

Normally it should get again same IPv6 address as it was assigned on
Windows, due to MAC-based static IPv6 entry in dnsmasq.

But in reality that static entry is ignored by dnsmasq and rather some
"random" address is assigned.

So assigning IPv6 addresses based on static MAC address in dnsmasq is
broken.

You can reproduce it not only with Windows/Linux, but with any two
DHCPv6 clients which use different IAID/DUID. E.g. PXE DHCPv6 client
(for network booting) and Linux DHCPv6 client.

dnsmasq without this patch refuse to assign MAC-based IPv6 static
address to computer with that MAC address, if that IPv6 address is still
leased to DHCPv6 client with different IAID.

In my above example/reproducer, IPv6 address was leased to Windows
DHCPv6 client and therefore dnsmasq refused to assign it to Linux DHCPv6
client, which in most cases have different IAID. Even both clients
(Windows and Linux) are on the same computer with same MAC address,
which matches MAC address in dnsmasq configuration file.

That is why I called IPv6 address assignment according to MAC address as
"semi-brokenness".

>  
> > This patch tries to fix it and honors IPv6 config rules with MAC address,
> > to always assign particular IPv6 address to specific MAC address (when
> > configured). And ignores the fact if IAID/DUID was changed.
> > 
> > Normally IPv6 address should be assigned by IAID/DUID (which also state
> > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> > address based on MAC address, when users configured in config file.
> > 
> > So this patch just tries to fix above problem for user configuration with
> > MAC addresses. It does not change assignment based on DUID.
> > ---
> > 
> > This is my original patch rebased on top of current git master branch.
> 
> Acknowledge
> 
> 
> > Previous email with this patch probably dropped into spambox
> > and was not processed.
> 
>  (unspoken words +
>   http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html 
> )
> 
> 
> > So please let me know if now this email was correctly received.
>  
> Recieved the patch and was able to  `git am` it.
> It did compile and passed the unittests.
> 
> No further check was done.  Mostly because not facing the problem that
> patch submitter has.  Probably some day I will, hence the above 'How to
> reproduce that  semi-brokenness?'
> 
> 
> >  src/rfc3315.c | 55 +++
> >  1 file changed, 47 insertions(+), 8 deletions(-)
> > 
> > diff --git a/src/rfc3315.c b/src/rfc3315.c
> > index b3f0a0a..e588b13 100644
> > --- a/src/rfc3315.c
> > +++ b/src/rfc3315.c
>  ... 142 lines of actual patch ...
> 
> 
> Groeten
> Geert Stappers
> -- 
> Silence is hard to parse
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-05-21 Thread Geert Stappers

On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> when in config file was DHCPv6 assignment based on MAC address (and not on
> DUID).
> 
> IAID/DUID is changed when rebooting from one operating system to another;
> or after reinstalling system. In reality it is normal that DUID of some
> machine is changed, so people rather assign also IPv6 addresses based on
> MAC address.
> 
> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken.

How to reproduce that  semi-brokenness?

 
> This patch tries to fix it and honors IPv6 config rules with MAC address,
> to always assign particular IPv6 address to specific MAC address (when
> configured). And ignores the fact if IAID/DUID was changed.
> 
> Normally IPv6 address should be assigned by IAID/DUID (which also state
> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> address based on MAC address, when users configured in config file.
> 
> So this patch just tries to fix above problem for user configuration with
> MAC addresses. It does not change assignment based on DUID.
> ---
> 
> This is my original patch rebased on top of current git master branch.

Acknowledge


> Previous email with this patch probably dropped into spambox
> and was not processed.

 (unspoken words +
  http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html )


> So please let me know if now this email was correctly received.
 
Recieved the patch and was able to  `git am` it.
It did compile and passed the unittests.

No further check was done.  Mostly because not facing the problem that
patch submitter has.  Probably some day I will, hence the above 'How to
reproduce that  semi-brokenness?'


>  src/rfc3315.c | 55 +++
>  1 file changed, 47 insertions(+), 8 deletions(-)
> 
> diff --git a/src/rfc3315.c b/src/rfc3315.c
> index b3f0a0a..e588b13 100644
> --- a/src/rfc3315.c
> +++ b/src/rfc3315.c
 ... 142 lines of actual patch ...


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-05-03 Thread Pali Rohár

Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
changes IAID/DUID then old assigned IPv6 address cannot be reused, even
when in config file was DHCPv6 assignment based on MAC address (and not on
DUID).

IAID/DUID is changed when rebooting from one operating system to another;
or after reinstalling system. In reality it is normal that DUID of some
machine is changed, so people rather assign also IPv6 addresses based on
MAC address.

So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken.

This patch tries to fix it and honors IPv6 config rules with MAC address,
to always assign particular IPv6 address to specific MAC address (when
configured). And ignores the fact if IAID/DUID was changed.

Normally IPv6 address should be assigned by IAID/DUID (which also state
DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
address based on MAC address, when users configured in config file.

So this patch just tries to fix above problem for user configuration with
MAC addresses. It does not change assignment based on DUID.
---

This is my original patch rebased on top of current git master branch.
Previous email with this patch probably dropped into spambox and was not
processed. So please let me know if now this email was correctly received.

---
 src/rfc3315.c | 55 +++
 1 file changed, 47 insertions(+), 8 deletions(-)

diff --git a/src/rfc3315.c b/src/rfc3315.c
index b3f0a0a..e588b13 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -48,7 +48,7 @@ static int build_ia(struct state *state, int *t1cntr);
 static void end_ia(int t1cntr, unsigned int min_time, int do_fuzz);
 static void mark_context_used(struct state *state, struct in6_addr *addr);
 static void mark_config_used(struct dhcp_context *context, struct in6_addr 
*addr);
-static int check_address(struct state *state, struct in6_addr *addr);
+static int check_address(struct state *state, struct dhcp_config *config, 
struct in6_addr *addr);
 static int config_valid(struct dhcp_config *config, struct dhcp_context 
*context, struct in6_addr *addr, struct state *state, time_t now);
 static struct addrlist *config_implies(struct dhcp_config *config, struct 
dhcp_context *context, struct in6_addr *addr);
 static void add_address(struct state *state, struct dhcp_context *context, 
unsigned int lease_time, void *ia_option, 
@@ -688,8 +688,13 @@ static int dhcp6_no_relay(struct state *state, int 
msg_type, void *inbuff, size_
  }
else if (!(c = address6_available(state->context, 
_addr, solicit_tags, plain_range)))
  continue; /* not an address we're allowed */
-   else if (!check_address(state, _addr))
+   else if (!check_address(state, config, _addr))
  continue; /* address leased elsewhere */
+   else if (state->mac_len && config &&
+config_has_mac(config, state->mac, state->mac_len, 
state->mac_type) &&
+match_netid(c->filter, solicit_tags, plain_range) 
&&
+!config_implies(config, c, _addr))
+ continue; /* another static address is configured */

/* add address to output packet */
add_address(state, c, lease_time, ia_option, _time, 
_addr, now);
@@ -701,7 +706,10 @@ static int dhcp6_no_relay(struct state *state, int 
msg_type, void *inbuff, size_

/* Suggest configured address(es) */
for (c = state->context; c; c = c->current) 
- if (!(c->flags & CONTEXT_CONF_USED) &&
+ if ((!(c->flags & CONTEXT_CONF_USED) ||
+  (state->mac_len && config &&
+   config_has_mac(config, state->mac, state->mac_len, 
state->mac_type)
+  )) &&
  match_netid(c->filter, solicit_tags, plain_range) &&
  config_valid(config, c, , state, now))
{
@@ -725,6 +733,11 @@ static int dhcp6_no_relay(struct state *state, int 
msg_type, void *inbuff, size_
req_addr = ltmp->addr6;
if ((c = address6_available(state->context, _addr, 
solicit_tags, plain_range)))
  {
+   if (state->mac_len && config &&
+   config_has_mac(config, state->mac, state->mac_len, 
state->mac_type) &&
+   match_netid(c->filter, solicit_tags, plain_range) &&
+   !config_implies(config, c, _addr))
+ continue; /* skip this lease because another static 
address is configured */
add_address(state, c, c->lease_time, NULL, _time, 
_addr, now);
mark_context_used(state, _addr);
get_context_tag(state, c);
@@ -859,7 +872,7 @@ static int dhcp6_no_relay(struct state *state, int 
msg_type, void

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

[Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

21 matches

Site Navigation

Mail list logo

Footer information