The following is mostly linux and Windows 7 specific, and I'll note where other operating systems were used.
The two most used means of autoconfiguration of IPs are via RA (router advertisement), and dhcpv6.
With RA, a server daemon (radvd in linux, rtadvd in freebsd, Internet Connection Sharing in Windows) advertises a network prefix, typically a /64, a gateway, and optionally a DNS server (RDNSS, not widely supported and requires installation of a client daemon rdnssd in linux). Client machines autoconfigure their IPv6 addresses when they're initialized at bootup based on their MAC addresses and using EUI64.
With dhcpv6, dynamic or static addresses can be assigned to client machines; however, due to the design of the dhcpv6 protocol, gateways cannot be assigned.
You must use RA if you intend to use dhcpv6. For example, RA can be configured to advertise just the gateway, leaving IP and DNS server configuration to dhcpv6, or leaving just the DNS servers to dhcpv6.
Below are various configurations for radvd and ISC's dhcpd servers to achieve some of the above.
This is an example of radvd.conf:
#radvd.conf
interface eth1
{
    AdvSendAdvert on;
    AdvManagedFlag off;
    AdvOtherConfigFlag off;
    prefix 2001:db8:1:1::/64
    {
        AdvOnLink on;
        AdvAutonomous on;
    };
    #RDNSS 2001:db8:1:1::200
    #{
    #    AdvRDNSSPreference 8;
    #    AdvRDNSSOpen was removed from the final specification but
    ###  may be used for experimental purposes.
    #    AdvRDNSSOpen off;
    #    AdvRDNSSLifetime 3600;
    #};
};
This configuration advertises the prefix 2001:db8:1:1::/64, which enables LAN client machines to autoconf their IPs and gives them a default gateway. I've commented out the RDNSS section because, as has been mentioned already, it's not widely supported. You MUST advertise a /64, nothing more, nothing less, else RA will fail to work.
eth1 is the LAN interface of the gateway/router machine (linux). It must have an IP configured on it from the /64 you're advertising. It's typical to use the ::1 address of the /64 for simplicity.
AdvSendAdvert on enables sending the advertisement. AdvManagedFlag off tells client machines not to get an IP via dhcpv6. AdvOtherConfigFlag off tells them not to fetch other information that could be derived via dhcpv6. prefix 2001:db8:1:1::/64 defines the /64 you're advertising. AdvAutonomous on enables clients to autoconf. For more information regarding these, and other options, see the man page for radvd.conf.
This configuration is based on ISC's dhcpd, version 4.1.x. ISC's dhcp server cannot run both IPv4 and IPv6 from a single server process. In order to run dhcpd in IPv6 mode, you need to add the -6 argument. It's recommended to also use arguments to define the configuration file and the leases file. As far as I understand it, you cannot share the same configuration file as used by dhcpd in IPv4 mode. Example startup command:
/usr/sbin/dhcpd -6 -cf /etc/dhcpd6.conf -lf /var/state/dhcp/dhcpd6.leases eth1
-6 enables IPv6 mode, -cf defines IPv6 configuration file, -lf defines the leases file.
Example dhcpd6.conf:
# dhcpd6.conf
authoritative;
option dhcp6.name-servers 2001:db8:1:1::200;
option dhcp6.domain-search "internal.lan";
# Set this to `interim' when doing ddns updates
ddns-update-style none;
update-static-leases off;
# define a pool for dynamic addresses
shared-network LAN {
    subnet6 2001:db8:1:1::0/64 {
        range6 2001:db8:1:1::10 2001:db8:1:1::200;
    }
}
# Per host specific definitions
# Fixed address
host ws {
    host-identifier option dhcp6.client-id 00:01:00:06:4d:57:4b:d1:00:03:3a:d5:c7:04;
    fixed-address6 2001:db8:1:1::701;
}
# Dynamic address, and specifically assigned DNS server
host fbsdv6 {
    host-identifier option dhcp6.client-id 00:01:00:01:14:ed:66:c1:08:00:27:94:08:40;
    option dhcp6.name-servers 2001:db8:1:1::201;
}
More information can be obtained from the man pages dhcpd.conf and dhcp-options.
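The dhcp6.client-id values in the host entries above are DUIDs. This added example (not from the original page) decodes them so you can see which link-layer address each host entry is keyed to; the function names are illustrative and the sample text is the page's two host blocks.

```python
import re

DUID_TYPES = {1: "DUID-LLT", 2: "DUID-EN", 3: "DUID-LL", 4: "DUID-UUID"}

def _hex(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_duid(text: str) -> dict:
    """Split a colon-separated DUID, as written in dhcpd6.conf, into its fields."""
    raw = bytes(int(part, 16) for part in text.strip().split(":"))
    if len(raw) < 3:
        raise ValueError("DUID too short")
    dtype = int.from_bytes(raw[:2], "big")
    out = {"type": DUID_TYPES.get(dtype, f"unknown({dtype})")}
    if dtype == 1:    # link-layer address plus time
        out["hw_type"] = int.from_bytes(raw[2:4], "big")
        out["time"] = int.from_bytes(raw[4:8], "big")  # seconds since 2000-01-01 UTC
        out["link_layer"] = _hex(raw[8:])
    elif dtype == 3:  # link-layer address only
        out["hw_type"] = int.from_bytes(raw[2:4], "big")
        out["link_layer"] = _hex(raw[4:])
    elif dtype == 2:  # enterprise number plus vendor-assigned identifier
        out["enterprise"] = int.from_bytes(raw[2:6], "big")
        out["identifier"] = _hex(raw[6:])
    else:             # DUID-UUID or a type this sketch does not know
        out["data"] = _hex(raw[2:])
    return out

def host_identifiers(conf: str) -> dict:
    """Map each host block in a dhcpd6.conf to its decoded client-id."""
    pat = r"\bhost\s+(\S+)\s*\{[^}]*?dhcp6\.client-id\s+([0-9A-Fa-f:]+)\s*;"
    return {name: parse_duid(duid) for name, duid in re.findall(pat, conf)}

# Sample input: the two host blocks from the dhcpd6.conf above.
SAMPLE = """
host ws {
    host-identifier option dhcp6.client-id 00:01:00:06:4d:57:4b:d1:00:03:3a:d5:c7:04;
    fixed-address6 2001:db8:1:1::701;
}
host fbsdv6 {
    host-identifier option dhcp6.client-id 00:01:00:01:14:ed:66:c1:08:00:27:94:08:40;
    option dhcp6.name-servers 2001:db8:1:1::201;
}
"""

if __name__ == "__main__":
    for name, duid in host_identifiers(SAMPLE).items():
        print(name, duid)
```

A DUID-LLT is generated and stored by the client, so a reinstalled machine usually presents a new one and stops matching its host entry.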
So now you can get LAN client machines to get an address. How do you remember the address? You can add it to /etc/hosts and/or the Windows equiv, but this can get onerous. Static addresses can be managed this way, or in DNS, but still, if you have many machines, having to manually update hosts file or DNS gets old, fast. This is where dynamic dns comes in. ISC dhcpd has the ability to automatically update ISC bind nameserver when a client gets an IP via dhcpv6.
As mentioned before, you can run an RA daemon with dhcpd. The goal is to have dhcpv6 handle IP management, dns updating, dns server assignment, and any additional information you want handled by dhcpv6, and have RA set the default route only. To achieve this you need to change three options in radvd.conf:
AdvManagedFlag on;
AdvOtherConfigFlag on;
AdvAutonomous off;
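How the three flags combine is easy to get wrong, so here is an added example (not from the original page or from radvd) that reads one interface block and reports where clients will get addresses and options from, for both the autoconf setup shown earlier and the dhcpv6-managed variant. It assumes a single interface block, fills in the defaults documented in radvd.conf(5) for omitted options, and uses a constructed template based on the page's radvd.conf.

```python
import re

# Defaults documented in radvd.conf(5) for options left out of the file.
DEFAULTS = {"AdvSendAdvert": "off", "AdvManagedFlag": "off",
            "AdvOtherConfigFlag": "off", "AdvAutonomous": "on"}

def ra_mode(conf: str) -> dict:
    """Summarise what one interface block in radvd.conf tells clients to do."""
    conf = re.sub(r"#.*", "", conf)  # commented-out options do not count
    flags = dict(DEFAULTS)
    for name, value in re.findall(r"\b(Adv\w+)\s+(on|off)\s*;", conf):
        if name in flags:
            flags[name] = value
    send, managed, other, auto = (flags[k] == "on" for k in DEFAULTS)
    plen = [int(n) for n in re.findall(r"\bprefix\s+[0-9A-Fa-f:]+/(\d+)", conf)]
    warnings = []
    if not send:
        warnings.append("AdvSendAdvert is off: no advertisements, so no default route")
    if auto and any(n != 64 for n in plen):
        warnings.append("autoconf needs a /64 prefix")
    if not auto and not managed:
        warnings.append("neither autoconf nor dhcpv6 addressing is enabled")
    return {"addresses": [s for s, on in (("autoconf", auto), ("dhcpv6", managed)) if on],
            "dhcpv6_options": managed or other,
            "warnings": warnings}

# Constructed sample: the page's radvd.conf with the flags and prefix length as parameters.
TEMPLATE = """
interface eth1 {
    AdvSendAdvert on;
    AdvManagedFlag %s;
    AdvOtherConfigFlag %s;
    prefix 2001:db8:1:1::/%d {
        AdvOnLink on;
        AdvAutonomous %s;
    };
    #RDNSS 2001:db8:1:1::200 { AdvRDNSSOpen off; };
};
"""

if __name__ == "__main__":
    print(ra_mode(TEMPLATE % ("off", "off", 64, "on")))  # autoconf only
    print(ra_mode(TEMPLATE % ("on", "on", 64, "off")))   # dhcpv6 addresses, RA route only
```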
Then you need to configure bind and dhcpd for dynamic dns updating. Documents detailing these configurations can be found on the web; http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.html is a great starting point.
ISC dhclient:
send fqdn.fqdn "your_hostname";
send fqdn.encoded on;
send fqdn.server-update on;
Dibbler-client:
# Defaults for dibbler-client.
# installed at /etc/dibbler/client.conf by the maintainer scripts
# 8 (Debug) is most verbose. 7 (Info) is usually the best option
log-level 7
# To perform stateless (i.e. options only) configuration, uncomment
# this line below and remove any "ia" keywords from interface definitions
# stateless
iface eth0 {
    # ask for address
    ia
    option fqdn your_hostname
    # ask for options
    # option dns-server
    option domain
    # option ntp-server
    # option time-zone
    # option sip-server
    # option sip-domain
    # option nis-server
    # option nis-domain
    # option nis+-server
    # option nis+-domain
}
Based on my testing of various dhcpv6 clients, I'll point out default behaviours which impact dynamic dns updating.
Linux - none of the available dhcpv6 clients request an address or send a hostname. Linux distribution maintainers assume autoconf via RA, so default dhcpv6 client configurations seem to get dns server information only. Of course this can be changed, but it requires additional configuration. Tested clients: ISC dhclient, wide-dhcpv6, and dibbler-client.
Windows - In order to get Windows 7 to send its hostname for dynamic dns updating, one change was made: TCP/IP IPv6 properties, Advanced, DNS tab, near the bottom enable "Register this connection's addresses in DNS".
There were many documents I'd read, configurations tested, and contributions requested while writing this. I wish to thank all the folks that wrote their docs, and thanks specifically to Jon Bane for his help with my own configurations, testing, and input into the creation of this document.
I intend to keep this page up to date. If anyone wishes to contribute changes to existing content or add new content, feel free to contact me:
k r i t e k a t g m a i l d o t c o m