lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 17 Jun 2014 17:34:31 -0500
From:	Dan Williams <dcbw@...hat.com>
To:	Ben Greear <greearb@...delatech.com>
Cc:	netdev <netdev@...r.kernel.org>
Subject: Re: How is IPv6 dhcp supposed to work?

On Tue, 2014-06-17 at 14:41 -0700, Ben Greear wrote:
> I'm trying to understand how DHCP for ipv6 is supposed to work.
> 
> I am able to get a global-scope address and prefix from
> dhclient, but dhclient is not providing a gateway address.

That's because it doesn't; DHCPv6 isn't supposed to be used standalone
for global IPv6 connectivity.  That's what router advertisements are
for.  The normal flow is this:

1) your router advertisement provides your prefix, prefix length (eg
subnet mask), and default gateway/router

2) your prefix gets combined with your local Interface Identifier (often
your MAC address or a hashed version of your MAC, or delivered via PPP,
or hashed InfiniBand port GUID, or GRE tunnel address, etc) to provide
your global IPv6 address.  See
net/ipv6/addrconf.c::ipv6_generate_eui64().

3) the RA can also provide search domains, DNS servers, routes, MTU,
etc.

4) if there's anything else your administrator really wants to use DHCP
for (NTP servers, etc) then they set the M (Managed) or O (Other Config)
bits in the router advertisement.

5) In both cases, that requests that the client run DHCPv6; in M mode
you do get a lease from the DHCP server and that address becomes
preferred, in the O case no lease is obtained but other options can be
delivered

6) In all cases, the default gateways (and their respective priorities)
are always delivered by Router Advertisements; there can be multiple
default gateways in the broadcast domain for redundancy, and the network
administrator sets their relative priority.

> I see the dhclient interface doing a Router Solicitation, but
> I don't see any answers.
> 
> Are we supposed to run radvd or something like that as well?

Yes.  If you're not using static addressing, then you must run radvd to
deliver router advertisements to your network.  See 'man radvd.conf' for
more information on configuring the additional options that DHCP used to
be used for (RDNSS, DNSSL, AdvLinkMTU, route, etc).

> Or is there some other automated magic that is supposed to
> find the default gateway?

Router Advertisements via radvd.  You probably want to evaluate whether
you really need DHCPv6 at all, since RA can deliver most of the options
that people use DHCP for.

Dan

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ