IPv6 prefix assignment problem
Bill Shirley
bill at c3po.polymerindustries.biz
Fri Jan 26 11:02:31 UTC 2018
The class name in the allow statement should be in double-quotes:
# ------------------
pool6 {
allow members of "Microsoft";
range6 2603:xxxx:yyyy:zzzz:4:50f7:: 2603:xxxx:yyyy:zzzz:4:50f7::ff;
}
# ------------------
This works on dhcp-server-4.3.2-8.fc22.x86_64
Bill
On 1/26/2018 4:32 AM, Peter Balsianok wrote:
> Thank you for the answer :).
>
> I have tried to make some restriction. Here is my approach:
>
> class "N-005-BA-OLT-02"
> {
> match if substring (option dhcp6.interface-id, 0, 15) = "N-005-BA-OLT-02";
> }
>
> #06/06/2017 zoznam komplet subnetov nie len pre SK region
> #---------------------------------------------------------------------------------------------
> subnet6 2a01:c840:0070:0140::/64 {
> prefix6 2A01:C846:140:: 2A01:C846:17F:F000:: /56;
> # N-005-BA-OLT-02
> option dhcp6.aftr-name 61:61:66:74:72:32:2e:61:75:72:6f:2e:6f:72:61:6e:67:65:2e:73:6b ;
> # aaftr2.auro.orange.sk <http://aaftr2.auro.orange.sk>
> option dhcp6.name-servers 2a01:c840:110:c000::10 , 2a01:c840:130:c000::10 ;
> allow members of N-005-BA-OLT-02;
> deny all clients;
> }
>
> I was unable to run dhcp sevrer.
>
>
> Then i checked source code:
> /* allow-deny-keyword :== BOOTP
> | BOOTING
> | DYNAMIC_BOOTP
> | UNKNOWN_CLIENTS */
>
> Currect version doesnt support "allow members of ..." :(.
>
> Any idea?
>
>
>
> On Fri, Jan 26, 2018 at 1:24 AM, Bill Shirley <bill at c3po.polymerindustries.biz <mailto:bill at c3po.polymerindustries.biz>> wrote:
>
> As I see it, you have no restrictions on either subnet so DHCP is
> free to allocate from either one.
>
> Bill
>
>
>
> On 1/25/2018 10:22 AM, Peter Balsianok wrote:
>> Hi,
>>
>> We have following configuration for ISC DHCPv6:
>>
>> omapi-port 8913;
>> ddns-update-style none;
>> ping-check off;
>> authoritative;
>> default-lease-time 604800;
>> max-lease-time 604800;
>> log-facility local3;
>> preferred-lifetime 259200;
>> option dhcp6.info-refresh-time 129600;
>> option dhcp6.aftr-name code 64 = string;
>>
>> deny duplicates;
>> one-lease-per-client on;
>>
>> #dhcp01
>> subnet6 2a01:c840:110:8004::229/128 {
>> }
>> subnet6 2a01:c840:110:8004::230/128 {
>> }
>> subnet6 2a01:c840:110:8004::228/128 {
>> }
>> #dhcp02
>> subnet6 2a01:c840:130:8004::20/128 {
>> }
>> subnet6 2a01:c840:130:8004::21/128 {
>> }
>> subnet6 2a01:c840:130:8004::19/128 {
>> }
>>
>> #testovaci subnet 1
>> subnet6 2a01:c840:50:5000::/62 {
>> prefix6 2a01:c840:0050:2000:: 2a01:c840:0050:2300:: /56;
>> #prefix6 2a01:c840:0050:2400:: 2a01:c840:0050:2700:: /56; #dedicated for static assigement
>> # Additional options
>> # aftr je aftr2.auro.orange.sk <http://aftr2.auro.orange.sk>
>> option dhcp6.aftr-name 05:61:66:74:72:32:04:61:75:72:6f:06:6f:72:61:6e:67:65:02:73:6b:00;
>> option dhcp6.name-servers 2a01:c840:130:c000::10, 2a01:c840:110:c000::10;
>> }
>>
>> #test subnet2
>> subnet6 2a01:c840:0070:0140::/64 {
>> prefix6 2A01:C846:140:: 2A01:C846:17F:F000:: /56;
>> # N-005-BA-OLT-02
>> option dhcp6.aftr-name 61:61:66:74:72:32:2e:61:75:72:6f:2e:6f:72:61:6e:67:65:2e:73:6b ;
>> # aaftr2.auro.orange.sk <http://aaftr2.auro.orange.sk>
>> option dhcp6.name-servers 2a01:c840:110:c000::10 , 2a01:c840:130:c000::10 ;
>> }
>>
>> I am testing following scenarion:
>> - two relay agent exists (one for subnet1 and second from subnet 2)
>> - i try to migrate device from subnet2 into subnet1. I suppose that i will get another prefix delegation. But as you can
>> see in the debug messages, it doesnt work.
>>
>> Could you help me please? Thx
>>
>>
>>
>> Here are log messages:
>> 20180125155309 dhcp01 dhcpd-zk-inet: Internet Systems Consortium DHCP Server 4.3.6
>> 20180125155309 dhcp01 dhcpd-zk-inet: Copyright 2004-2017 Internet Systems Consortium.
>> 20180125155309 dhcp01 dhcpd-zk-inet: All rights reserved.
>> 20180125155309 dhcp01 dhcpd-zk-inet: For info, please visit https://www.isc.org/software/dhcp/
>> <https://www.isc.org/software/dhcp/>
>> 20180125155309 dhcp01 dhcpd-zk-inet: Wrote 0 deleted host decls to leases file.
>> 20180125155309 dhcp01 dhcpd-zk-inet: Wrote 0 new dynamic host decls to leases file.
>> 20180125155309 dhcp01 dhcpd-zk-inet: Wrote 0 NA, 0 TA, 1 PD leases to lease file.
>> 20180125155309 dhcp01 dhcpd-zk-inet: Bound to *:547
>> 20180125155309 dhcp01 dhcpd-zk-inet: Listening on Socket/5/zk-inet0/2a01:c840:110:8004::228/128
>> 20180125155309 dhcp01 dhcpd-zk-inet: Sending on Socket/5/zk-inet0/2a01:c840:110:8004::228/128
>> 20180125155309 dhcp01 dhcpd-zk-inet: Server starting service.
>> 20180125155311 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:70:140::1 port 547, link address
>> 2a01:c840:70:140::1, peer address fe80::427d:fff:fe99:4727
>> 20180125155311 dhcp01 dhcpd-zk-inet: Picking pool prefix 2a01:c846:17f:f000::/56
>> 20180125155311 dhcp01 dhcpd-zk-inet: Advertise PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125155311 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:70:140::1 port 547
>> 20180125155312 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:70:140::1 port 547, link address
>> 2a01:c840:70:140::1, peer address fe80::427d:fff:fe99:4727
>> 20180125155312 dhcp01 dhcpd-zk-inet: Reply PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125155312 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:70:140::1 port 547
>> 20180125160001 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:70:140::1 port 547, link address
>> 2a01:c840:70:140::1, peer address fe80::427d:fff:fe99:4727
>> 20180125160001 dhcp01 dhcpd-zk-inet: Advertise PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125160001 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:70:140::1 port 547
>> 20180125160002 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:70:140::1 port 547, link address
>> 2a01:c840:70:140::1, peer address fe80::427d:fff:fe99:4727
>> 20180125160002 dhcp01 dhcpd-zk-inet: Reply PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125160002 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:70:140::1 port 547
>> 20180125160129 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:50:5001::1 port 547, link address
>> 2a01:c840:50:5001::1, peer address fe80::427d:fff:fe99:4727
>> 20180125160129 dhcp01 dhcpd-zk-inet: Advertise PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125160129 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:50:5001::1 port 547
>> 20180125160130 dhcp01 dhcpd-zk-inet: Relay-forward message from 2a01:c840:50:5001::1 port 547, link address
>> 2a01:c840:50:5001::1, peer address fe80::427d:fff:fe99:4727
>> 20180125160130 dhcp01 dhcpd-zk-inet: Reply PD: address 2a01:c846:17f:f000::/56 to client with duid
>> 00:03:00:01:40:7d:0f:99:47:27 iaid = 0 valid for 604800 seconds
>> 20180125160130 dhcp01 dhcpd-zk-inet: Sending Relay-reply to 2a01:c840:50:5001::1 port 547
>>
>>
>>
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
>> https://lists.isc.org/mailman/listinfo/dhcp-users <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/dhcp-users <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20180126/012f2a0c/attachment-0001.html>
More information about the dhcp-users
mailing list