ipv6 dhcp server not handing out addresses

robert at spotswood-computer.net robert at spotswood-computer.net
Thu Nov 16 16:47:04 UTC 2017 

I can see the solicits in the dhcp server logs, so I think that's
definitive that they are reaching the server. The advertises should show
up there too, but just in case I'm wrong, I ran wireshark on the server.
Saw the solicits as expected, but 0 advertises.

>
>
> On 16/11/2017 17:05, robert at spotswood-computer.net wrote:
>> I've trying to retire an old Debian server (v7 Wheezy). I've new one
>> built
>> (really a VM) and installed (v9 - Stretch). One by one, I'm moving the
>> services over. Going well, until I hit the IPv6 dhcp server. The ipv4
>> dhcp
>> server went smooth.
>>
>> The old server is running isc-dhcp-server 4.2.2, while the new server is
>> running isc-dhcp-server 4.3.5.
>>
>> I copied the configuration file, but not the lease database from old
>> server. Then I stopped the old ipv6 (and ipv4) dhcp servers and started
>> the new ones. The ipv6 dhcp server starts, and is listening, but it is
>> not
>> handing out addresses. I tested with two Windows machine: ipconfig
>> /release6 then ipconfig /renew6. Both machines had an ipv6 address from
>> the old dhcp server, so it's not a client problem, and can renew said
>> address.
>>
>> Out of frustration, I copied the old database to the new server and
>> restarted. Still not working.
>>
>> I finally fired up wireshark on the client, and the problem seems to be
>> there are no advertise reply to the solicit from the client, which does
>> show up in the dhcpd logs. So the server sees the request, but doesn't
>> answer it.
>>
>> I checked the ip6tables and everything is accept, so it's not a firewall
>> issue. Any ideas?
> You may want to try Wireshark on the server to see if the request
> actually gets there.
> Could be an issue with switches along the way. I had an issue with a
> switch that was set to prevent DDOS attacks and blocked packets with
> identical source and destination ports. Removing that check made a lot
> of things work again.
>>
>> == config file ==
>> default-lease-time 6048;
>> max-lease-time 6048;
>> log-facility local7;
>> ddns-updates on;
>> ddns-update-style interim;
>> update-static-leases on;
>> authoritative;
>> #log-facility debug;
>>
>> subnet6 fd00:220:0:1::/64 {
>> 	#Range for clients
>> 	range6 fd00:220:0:1::601 fd00:220:0:1::800;
>> 	#Additional options
>> 	option dhcp6.name-servers fd00:220:0:1::40, fd00:220:0:1::50;
>> 	option dhcp6.domain-search "redacted.name";
>> }
>>
> --
> Best regards
>
> Sten Carlsen
>

More information about the dhcp-users mailing list