[Kea-users] [EXTERNAL] Re: DHCPv6 not working o PVE LAN
Xiao, Yu (CCI-Atlanta)
yu.xiao at cox.com
Thu Feb 15 17:48:36 UTC 2024
Hi Darren,
Thank you very much for the example, I followed your example, move the interface configuration ahead of the pools configuration, after that, it worked! And I put the configuration back to original and it still works. Previously, when I restarted kea service, it just gave me error. I compared the configurations and there’s no difference. It’s strange but I am glad I am able to get the IPv6 addresses for my clients. Thank you vey much for all your help!
Best Regards,
Yu
From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Xiao, Yu (CCI-Atlanta) via Kea-users <kea-users at lists.isc.org>
Date: Wednesday, February 14, 2024 at 8:44 AM
To: Kea user's list <kea-users at lists.isc.org>
Cc: Xiao, Yu (CCI-Atlanta) <yu.xiao at cox.com>
Subject: Re: [Kea-users] [EXTERNAL] Re: DHCPv6 not working o PVE LAN
Thank you, Darren! Let me try it.
Best Regards,
Yu
From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Darren Ankney <darren.ankney at gmail.com>
Date: Wednesday, February 14, 2024 at 7:16 AM
To: Kea user's list <kea-users at lists.isc.org>
Subject: Re: [Kea-users] [EXTERNAL] Re: DHCPv6 not working o PVE LAN
Hi Yu,
This simple configuration:
{
"Dhcp6": {
"subnet6": [
{
"subnet": "fd74:5656:15e2:10::/64",
"id": 1,
"interface": "ens256",
"pools": [
{
"pool": "fd74:5656:15e2:10::200 - fd74:5656:15e2:10::9999"
}
]
}
]
}
}
runs just fine on my test server. No syntax error. Can you provide
the syntax error you received?
Thank you,
Darren Ankney
On Tue, Feb 13, 2024 at 2:40 PM Xiao, Yu (CCI-Atlanta) <yu.xiao at cox.com> wrote:
>
> So I re-read the 9.2.18 IPv6 Subnet Selection section again, it mentioned specifically how to configure for LAN lease, but it mentioned the interface parameter, however, during my test, this parameter is not working and I have to use the parameter “interface-id” in order to make the kea process running. I am wondering if there’s a documentation bug here and something else is preventing the LAN DHCP use.
>
>
>
> I am wondering if anyone from ISC can help explain this further, thank you!
>
>
>
> “
>
> the DHCPv6 server must be able to operate while only using link-local addresses. Therefore, an optional interface parameter is available within a subnet definition to designate that a given subnet is local, i.e. reachable directly over the specified interface. For example, a server that is intended to serve a local subnet over eth0 may be configured as follows:
>
> "Dhcp6": {
>
> "subnet6": [
>
> {
>
> "id": 1,
>
> "subnet": "2001:db8:beef::/48",
>
> "pools": [
>
> {
>
> "pool": "2001:db8:beef::/48"
>
> }
>
> ],
>
> "interface": "eth0"
>
> }
>
> ],
>
> ...
>
> }
>
>
>
> “
>
>
>
>
>
> Best Regards,
>
> Yu
>
>
>
>
>
> From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Xiao, Yu (CCI-Atlanta) via Kea-users <kea-users at lists.isc.org>
> Date: Tuesday, February 13, 2024 at 1:44 PM
> To: Darren Ankney <darren.ankney at gmail.com>, Kea user's list <kea-users at lists.isc.org>
> Cc: Xiao, Yu (CCI-Atlanta) <yu.xiao at cox.com>
> Subject: Re: [Kea-users] [EXTERNAL] Re: DHCPv6 not working o PVE LAN
>
> Hi Darren,
>
>
>
> Thank you for your kind advice! I have configured ens18 having the ipv6 as 2001:db8:1::1/64 and changed the configuration file as below to add the interface IP. But still having the same error.
>
>
>
> {
>
> # DHCPv6 configuration starts on the next line
>
> "Dhcp6": {
>
> # First we set up global values
>
> "valid-lifetime": 400,
>
> "renew-timer": 100,
>
> "rebind-timer": 200,
>
> "preferred-lifetime": 300,
>
> # Next we set up the interfaces to be used by the server.
>
> "interfaces-config": {
>
> "interfaces": [ "ens18/2001:db8:1::1" ]
>
> },
>
> # And we specify the type of lease database
>
> "lease-database": {
>
> "type": "memfile",
>
> "persist": true,
>
> "name": "/var/lib/kea/dhcp6.leases"
>
> },
>
> # Finally, we list the subnets from which we will be leasing addresses.
>
> "subnet6": [
>
> {
>
> "id": 1,
>
> "subnet": "2001:db8:1::/64",
>
> "pools": [
>
> {
>
> "pool": "2001:db8:1::1-2001:db8:1::ffff"
>
> }
>
> ],
>
> "interface-id": "ens18/2001:db8:1::1"
>
> }
>
> ]
>
> # DHCPv6 configuration ends with the next line
>
> }
>
> }
>
> Packet information:
>
>
>
> Frame 2: 174 bytes on wire (1392 bits), 174 bytes captured (1392 bits)
> Ethernet II, Src: 42:f1:11:7a:0d:e7 (42:f1:11:7a:0d:e7), Dst: c6:0b:eb:d1:72:98 (c6:0b:eb:d1:72:98)
> Internet Protocol Version 6, Src: fe80::40f1:11ff:fe7a:de7, Dst: fe80::c40b:ebff:fed1:7298
> User Datagram Protocol, Src Port: 547, Dst Port: 546
> DHCPv6
> Message type: Advertise (2)
> Transaction ID: 0x912c7c
> Client Identifier
> Option: Client Identifier (1)
> Length: 18
> DUID: 0004a33501e38515e1763e47e3b0c5f85510
> DUID Type: Universally Unique IDentifier (UUID) (4)
> UUID: a33501e38515e1763e47e3b0c5f85510
> Server Identifier
> Option: Server Identifier (2)
> Length: 14
> DUID: 000100012d55697d42f1117a0de7
> DUID Type: link-layer address plus time (1)
> Hardware type: Ethernet (1)
> DUID Time: Feb 6, 2024 17:04:45.000000000 EST
> Link-layer address: 42:f1:11:7a:0d:e7
> Link-layer address (Ethernet): 42:f1:11:7a:0d:e7 (42:f1:11:7a:0d:e7)
> Identity Association for Non-temporary Address
> Option: Identity Association for Non-temporary Address (3)
> Length: 64
> IAID: ca53095a
> T1: 0
> T2: 0
> Status code
> Option: Status code (13)
> Length: 48
> Status Code: NoAddrAvail (2)
> Status Message: Server could not select subnet for this client
>
>
>
>
>
> Best Regards,
>
> Yu
>
>
>
>
>
> From: Darren Ankney <darren.ankney at gmail.com>
> Date: Tuesday, February 13, 2024 at 5:30 AM
> To: Kea user's list <kea-users at lists.isc.org>
> Cc: Xiao, Yu (CCI-Atlanta) <yu.xiao at cox.com>
> Subject: [EXTERNAL] Re: [Kea-users] DHCPv6 not working o PVE LAN
>
> Hi Yu,
>
> Without looking too closely, I'd imagine that this subnet:
> 2001:db8:1::/64 does not exist in your network? Therefore there is no
> way for Kea to select this subnet? It doesn't look like your traffic
> was relayed, so your Kea server would need to find that subnet
> configured on a local interface on which it was listening. Try adding
> this subnet to the ens18 interface (this is just a guess, btw).
>
> Thank you,
> Darren Ankney
>
> On Mon, Feb 12, 2024 at 5:08 PM Xiao, Yu (CCI-Atlanta) via Kea-users
> <kea-users at lists.isc.org> wrote:
> >
> > Greetings,
> >
> >
> >
> > I am working on a home lab as concept design for DHCP ipv6. I have two Rocky 8 VMs under PVE, one is server which installed kea-dhcp6 and the other is the client. I used the dummy configuration in the Kea manual with a few changes on T1 and T2 but the same IP information. But I don’t see the client got any IPv6 from the server. I did the packets capture using tcpdump. I can see the solicit and advertise packets, but in the advertise packet, I see status message: Server could not select subnet for this client.
> >
> >
> >
> > I did Google and found previous discussions email from this mailer, so I added the interface-id configuration under “subnet6” section. But still, I see the same error message. I have opened the port for DHCPv6 on server side, also there’s IPv4 connectivity between the server and the client with static Ips.
> >
> >
> >
> > Can anyone provide some insights? Thank you all!
> >
> >
> >
> >
> >
> >
> >
> > Configuration:
> >
> > {
> >
> > # DHCPv6 configuration starts on the next line
> >
> > "Dhcp6": {
> >
> >
> >
> > # First we set up global values
> >
> > "valid-lifetime": 400,
> >
> > "renew-timer": 100,
> >
> > "rebind-timer": 200,
> >
> > "preferred-lifetime": 300,
> >
> >
> >
> > # Next we set up the interfaces to be used by the server.
> >
> > "interfaces-config": {
> >
> > "interfaces": [ "ens18" ]
> >
> > },
> >
> >
> >
> > # And we specify the type of lease database
> >
> > "lease-database": {
> >
> > "type": "memfile",
> >
> > "persist": true,
> >
> > "name": "/var/lib/kea/dhcp6.leases"
> >
> > },
> >
> >
> >
> > # Finally, we list the subnets from which we will be leasing addresses.
> >
> > "subnet6": [
> >
> > {
> >
> > "id": 1,
> >
> > "subnet": "2001:db8:1::/64",
> >
> > "pools": [
> >
> > {
> >
> > "pool": "2001:db8:1::1-2001:db8:1::ffff"
> >
> > }
> >
> > ],
> >
> > "interface-id": "ens18"
> >
> > }
> >
> > ]
> >
> > # DHCPv6 configuration ends with the next line
> >
> > }
> >
> >
> >
> > }
> >
> >
> >
> > Packets capture info:
> >
> > Frame 2: 174 bytes on wire (1392 bits), 174 bytes captured (1392 bits)
> >
> > Ethernet II, Src: 42:f1:11:7a:0d:e7 (42:f1:11:7a:0d:e7), Dst: c6:0b:eb:d1:72:98 (c6:0b:eb:d1:72:98)
> >
> > Internet Protocol Version 6, Src: fe80::40f1:11ff:fe7a:de7, Dst: fe80::c40b:ebff:fed1:7298
> >
> > User Datagram Protocol, Src Port: 547, Dst Port: 546
> >
> > DHCPv6
> >
> > Message type: Advertise (2)
> >
> > Transaction ID: 0x2f54ab
> >
> > Client Identifier
> >
> > Server Identifier
> >
> > Identity Association for Non-temporary Address
> >
> > Option: Identity Association for Non-temporary Address (3)
> >
> > Length: 64
> >
> > IAID: ca53095a
> >
> > T1: 0
> >
> > T2: 0
> >
> > Status code
> >
> > Option: Status code (13)
> >
> > Length: 48
> >
> > Status Code: NoAddrAvail (2)
> >
> > Status Message: Server could not select subnet for this client
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Best Regards,
> >
> > Yu
> >
> >
> >
> > --
> > ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoQUpa7LN$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoQUpa7LN$> for more information.
> >
> > To unsubscribe visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoX36mEC1$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoX36mEC1$> .
> >
> > Kea-users mailing list
> > Kea-users at lists.isc.org
> > https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoX36mEC1$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!0K9epNzn4CSRmiefT3IafyMmx5i-oIOnK8k2lv3vVeudBBPf90aLwcbxzsvzIxghTHpMNObCcnALoX36mEC1$>
--
ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G0klG9y_$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G0klG9y_$> for more information.
To unsubscribe visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G9xFm7DR$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G9xFm7DR$> .
Kea-users mailing list
Kea-users at lists.isc.org
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G9xFm7DR$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!zkrmCsvrB-GgI06vZqwS-vkiJUWNyIWsV7bLyo43q9ZofxW4uD2iBZxEESSt-ra82s_bsrQ8vAX7G9xFm7DR$>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20240215/3ead4c4d/attachment-0001.htm>
More information about the Kea-users
mailing list