wiki:DHCP4o6-Use

How to use DHCP4o6

How to experiment with DHCPv4-over-DHCPv6 (https://tools.ietf.org/html/rfc7341) with ISC DHCP client and server, and Kea server implementations.

Short Description

I use two Linux virtual machines under VMware Fusion:

  • Ubuntu 15.04 32 bit desktop for the client
  • Fedora 22 64 bit desktop for servers

Both VMs have two Ethernets, the first connected to the Internet (shared with the host), the second is a virtual bridge interconnecting VMs, no auto configuration (e.g., NetworkManager?) must try to manage this second Ethernet.

ISC DHCP installation

The 4o6 branch is rt35711b (please ask if you'd like to get it). As it is a git branch, it is not provided with the associated/required bind9 sources. These bind9 sources must be taken from the previous release, DHCP 4.3.2, not 4.3.3. This distribution is available from the ISC FTP site (not from the Web site as far as I know), please untar it and copy the bind directory.

The configuration is:

./configure --enable-dhcpv4o6

ISC DHCP must be installed on the client and may be installed on the server. Note if (DHCPv6) relays are wanted the relay function (when is 4o6 transparent) is supported only by ISC DHCP.

Kea installation

The 4o6 branch is fd4o6 (it is supposed to be a private branch but it is available from the Kea git server). There is no particular configuration flags (no #ifdef for 4o6 in the experimental code).

Client setup

The client runs a DHCPv6 client and a DHCPv4 client on the second Ethernet eth1. They are launched by from the client directory by:

./dhclient -d -v -6 -4o6 6767 -lf leases6 -pf pid6 eth1

and

./dhclient -d -v -4 -4o6 6767 -lf leases4 -pf pid4 eth1

Note the lease files must be created before, and if the DHCPv4 client can be launched from the DHCPv6 client when it acquires an address for experiments it is easier to manually run them in dedicated terminal windows (anyway the 2 clients communicate through the 6767/6768 UDP so one may start or stop any client as one'd like).

Server setup

The IPv6 firewall must be disabled. I recommend to check first if the two VMs can communicate in IPv6 (direct IPv4 will be never used) using link-local addresses if they are directly connected (i.e., there is no DHCPv6 relay/IPv6 routers). Note I found a dnsmasq process which bound the DHCPv4 service port so please check (e.g., using lsof).

The server VM must get both IPv4 and IPv6 addresses. On my Fedora the second interface is named eno33554984, the commands are:

ip addr add 10.10.10.1/24 dev eno33554984

and

ip -6 addr add 2001:db8:1:1::1/64 dev eno33554984

Note that in theory the IPv4 address is not required but:

  • there are some DHCPv4 clients which refused response with no or invalid server-id
  • server-id selection in Kea is arguable (cf ticket #4063)
  • this definitely avoids silly can't find a subnet to configure or similar messages

Both ISC DHCP and Kea use 2 processes to manage DHCPv4-over-DHCPv6, one in charge of DHCPv6, the other in charge of DHCPv4. They communicate via UDP in a compatible way.

ISC DHCP DHCPv6 server

My configuration file dhcpd.conf6 is:

# DHCPv6 conf

authoritative;

default-lease-time 3600;
max-lease-time 7200;

option dhcp6.dhcp4-o-dhcp6-server 2001:db8:1:1::1;

subnet6 2001:db8:1:1::/64 {
        range6 2001:db8:1:1::1:0/112;
}

The server is launched from the server directory by:

./dhcpd -f -d -6 -4o6 6767 -cf ./dhcpd.conf6 -lf ./leases6 -pf ./pid6 eno33554984

Of course the lease file (leases6) must be created before.

Please note the option which is required for 4o6.

ISC DHCP DHCPv4 server

My configuration file dhcpd.conf4 is:

# DHCPv4o6 conf

authoritative;

default-lease-time 3600;
max-lease-time 7200;

shared-network "eno33554984" {
        subnet6 2001:db8:1:1::/64 { }
        subnet 10.10.10.0 netmask 255.255.255.0 {
               range 10.10.10.100 10.10.10.199;
       }
}

The server is launched from the server directory by:

./dhcpd -f -d -4 -4o6 6767 -cf ./dhcpd.conf4 -lf ./leases4 -pf ./pid4 eno33554984

Of course the lease file (leases4) must be created before.

Please note the shared-network which is used to match DHCPv4 and DHCPv6 subnets.

Kea DHCP DHCPv6 server

My configuration file kea.conf6 is:

{

# DHCPv6 conf
"Dhcp6":
{
  "interfaces-config": {
    "interfaces": [ "eno33554984/2001:db8:1:1::1" ]
  },

  "lease-database": {
    "type": "memfile",
    "name": "leases6"
  },

  "preferred-lifetime": 3000,
  "valid-lifetime": 4000,
  "renew-timer": 1000,
  "rebind-timer": 2000,

  "subnet6": [
   {   "subnet": "2001:db8:1:1::/64",
       "interface": "eno33554984",
       "pools": [ { "pool": "2001:db8:1:1::1:0/112" } ] }
   ],

  "dhcp4o6-port": 6767,

  "option-data": [
   {  "name": "dhcp4o6-server-addr",
      "code": 88,
      "space": "dhcp6",
      "csv-format": true,
      "data": "2001:db8:1:1::1" }
   ]
},

"Logging":
{
  "loggers": [
    {
      "name": "kea-dhcp6",
      "output_options": [
          {
            "output": "/tmp/kea-dhcp6.log"
          }
      ],
      "severity": "DEBUG",
      "debuglevel": 0
    }
  ]
}

}

Please note the unicast address for the interface and option which are required for 4o6

Kea DHCPv4 server

My configuration file kea.conf6 is:

{

# DHCPv4 conf
"Dhcp4":
{
  "interfaces-config": {
    "interfaces": [ "eno33554984" ]
  },

  "lease-database": {
    "type": "memfile",
    "name": "leases4"
  },

  "valid-lifetime": 4000,

  "subnet4": [
   {    "subnet": "10.10.10.0/24",
        "interface": "eno33554984",
        "id": 10,
        "pools": [ { "pool": "10.10.10.100 - 10.10.10.199" } ] }
  ],

  "subnet6": [
   {   "subnet": "2001:db8:1:1::/64",
       "interface": "eno33554984",
       "id": 10 }
   ],

  "dhcp4o6-port": 6767

},

"Logging":
{
  "loggers": [
    {
      "name": "kea-dhcp4",
      "output_options": [
          {
            "output": "/tmp/kea-dhcp4.log"
          }
      ],
      "severity": "DEBUG",
      "debuglevel": 0
    }
  ]
}

}

Please note subnet id's which are used to match DHCPv4 and DHCPv6 subnets.

Tests

I ran these tests (in order):

  • pings using link-local addresses from server and client (i.e., checking IPv6 connectivity)
  • DHCPv6 client can get an IPv6 address assigned (requires a DHCPv6 server)
  • 4o6 client can get an IPv4 address assigned using ISC DHCP servers
  • 4o6 client can get an IPv4 address assigned using Kea v6 and ISC DHCP v4 servers
  • 4o6 client can get an IPv4 address assigned using Kea servers

No tested: ISC DHCP v6 and Kea v4 servers, DHCPv6 relay(s).

Last modified 2 years ago Last modified on Oct 9, 2015, 12:23:12 PM