[Kea-users] KEA sends valid-lifetime = 0

Darren Ankney darren.ankney at gmail.com
Fri Dec 2 14:35:32 UTC 2022 

https://www.rfc-editor.org/rfc/rfc3315#section-22.6

"In a message sent by a server to a client, the client MUST use the
values in the preferred and valid lifetime fields for the preferred
and valid lifetimes."

I believe that the server is telling the client to not use the address
with the 0 length lifetime and instead use the other address.  Have a
look at the client messages and see if both IPs are listed or perhaps
only the IP that the server is sending 0 for is listed in the IANA.

On Fri, Dec 2, 2022 at 9:27 AM Veronique Lefebure
<Veronique.Lefebure at cern.ch> wrote:
>
> For people who would encounter the same issue, see  https://gitlab.isc.org/isc-projects/kea/-/issues/2660
> ________________________________
> From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Veronique Lefebure <veronique.lefebure at cern.ch>
> Sent: Thursday, January 27, 2022 3:31 PM
> To: kea-users at lists.isc.org <kea-users at lists.isc.org>
> Subject: [Kea-users] KEA sends valid-lifetime = 0
>
>
> Hi,
>
> For the following query:
>
> 16:24:15.730401 IP6 (hlim 1, next-header UDP (17) payload length: 143)
> cs-lab11-kea.dhcpv6-client > ff02::1:2.dhcpv6-server:
> [bad udp cksum 0xc2bb -> 0xa8e1!]
> dhcp6 renew (xid=50bedb
> (client-ID type 4)
> (server-ID hwaddr/time type 1 time 692127779 00259074ca68)
> (option-request DNS-server DNS-search-list DNS-server DNS-search-list client-ID)
> (elapsed-time 0) (Client-FQDN)
> (IA_NA IAID:795336567 T1:3600 T2:5400(IA_ADDR xxxx::101:1 pltime:7200 vltime:7500))
> )
>
> I have observed a case where KEA dhcp6 returns the following:
>
> 16:24:16.359170 IP6 (hlim 64, next-header UDP (17) payload length: 171)
> gateway.dhcpv6-server > cs-lab11-kea.dhcpv6-client:
> [udp sum ok]
> dhcp6 reply (xid=50bedb
> (client-ID type 4)
> (server-ID hwaddr/time type 1 time 692127779 00259074ca68)
> (IA_NA IAID:795336567 T1:40 T2:100
> (IA_ADDR xxxx::101:1 pltime:120 vltime:120)
> (IA_ADDR xxxx::101:1 pltime:0 vltime:0))
> (DNS-search-list cern.ch.) (Client-FQDN))
>
> Where there are 2 IA_ADDR, the second one having a vltime of 0.
>
> Any idea how that can happen ?
>
> wireshark shows this:
>
> [...]
> Message type: Reply (7)
> Transaction ID: 0x52a6e8
> Client Identifier
> Server Identifier
> Identity Association for Non-temporary Address
> Option: Identity Association for Non-temporary Address (3)
> Length: 68
> xxx
> IAID: 2f67df77
> T1: 40
> T2: 100
> IA Address
> Option: IA Address (5)
> Length: 24
> Value: xxxx10100010000007800000078
> IPv6 address: 2001:1458:202:1d5::101:1 (xxxx::101:1)
> Preferred lifetime: 120
> Valid lifetime: 120
> IA Address
> Option: IA Address (5)
> Length: 24
> Value: xxxx10100010000000000000000
> IPv6 address: 2001:1458:202:1d5::101:1 (xxxx::101:1)
> Preferred lifetime: 0
> Valid lifetime: 0
> Domain Search List
> Fully Qualified Domain Name
>
> Thanks,
> Veronique
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users

More information about the Kea-users mailing list