DHCP, Dynamic DNS, and IPv6
David W. Hankins
David_Hankins at isc.org
Mon Sep 8 21:32:03 UTC 2008
On Mon, Sep 08, 2008 at 02:12:19PM -0700, Loren M. Lang wrote:
> Sorry, I'll try to state what I plan on doing more clearly. I am using
> IPv6 auto-configuration with one router sending out advertisements
> including an address prefix. I have been considering switching to
> DHCPv6 in order to do Dynamic DNS updates on client IPv6 addresses which
> I cannot do from IPv6 auto-configuration. RFC2462 states that there are
> two flags in the IPv6 Router Advertisements which specify whether
> clients should attempt a stateful configuration mechanism, such as
> DHCPv6, in addition to what is in the advertisement. The ManagedFlag,
> and OtherConfigFlag from the rfc correspond to the options
> AdvManagedFlag and AdvOtherConfigFlag in the radvd.conf configuration
> file and should (must?) be set if using DHCPv6. So the state-less
> advertisements from an IPv6 router actually tell clients whether or not
> to attempt a stateful protocol such as DHCP.
That is correct. The ManagedFlag indicates the client should enter
'stateful' DHCPv6 - the acquisition of IPv6 addresses and other DHCPv6
supplied resources (like FQDN's supplied by DDNS). The
OtherConfigFlag indicates 'stateless DHCPv6', which is approximately
equivalent to the DHCPv4 DHCPINFORM message; acquiring basic config
parameters with no state engine. There's also an A-flag which guides
whether or not the client should perform SLAAC on the advertised
prefix (assign its own address automatically).
However;
- There's an RS daemon that forks a DHCPv6 client every time the flags
toggle from 'off' to 'on'. So if you have two routers advertising,
with inconsistent bits set, you'll get a DHCPv6 client spawned on
every two advertisements.
- The RFCs were never clear on whether or not the client should
continue with stateless autoconfig addresses when the M bit was set,
so most (all?) clients seem to get addresses from both sources when
the A bit is set. So there doesn't seem to be a configuration that
lets you limit automatic addressing only to clients that have no
DHCPv6 support.
- I think there was some permissive language which suggests you could
run a DHCPv6 client independently of RA flags, so long as the client
sticks to the appropriate backoff timeouts.
- In addition, I seem to recall manufacturing your own address via
SLAAC even when the A-bit is zero is also permitted.
So it all comes down to "what do your clients do?"
--
Ash bugud-gul durbatuluk agh burzum-ishi krimpatul.
Why settle for the lesser evil? https://secure.isc.org/store/t-shirt/
--
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
More information about the dhcp-users
mailing list