Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCPv6 server - Deny Unknown Clients ignored?

    Scheduled Pinned Locked Moved
    DHCP and DNS
    2
    4
    80
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SteveITS Rebel Alliance
      last edited by

      If I set "Deny Unknown Clients" to "Allow known clients from only this interface, only DUIDs listed in static mappings on this interface will get an IP address within this scope/range" other DUIDs are assigned an IP. In DHCPv4 Server, other requests are correctly refused (though "Ignore Denied Clients" instead of reject doesn't seem to always work...). Am I missing something or does this not work correctly in DHCPv6?

      I'm using ISC DHCP on 24.03 but there are no changes in the release notes for DHCPv6 in 24.11.

      I am trying to automate IPv6 delegation so inbound routes are set up automatically, but need to limit what routers receive IPv6.

      Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
      When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
      Upvote ๐Ÿ‘ helpful posts!

      Bob.DigB 1 Reply Last reply Reply Quote 0
      • Bob.DigB
        Bob.Dig LAYER 8 @SteveITS
        last edited by Bob.Dig

        @SteveITS I did a quick test and here it does work like it should (Windows).
        Edit: Ops sry, I am using Kea on 24.11.

        S 2 Replies Last reply Reply Quote 0
        • S
          SteveITS Rebel Alliance @Bob.Dig
          last edited by

          @Bob-Dig Hmmm. ๐Ÿค” Not sure what would differ then. I can test again but would prefer to wait until the weekend, or maybe late at night.

          I can set it up statically but per my other thread that you responded to, the route for the delegated subnet (pointing to the internal router) is lost if the ISP router restarts, either in that router or in my "outside"/building router.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote ๐Ÿ‘ helpful posts!

          1 Reply Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @Bob.Dig
            last edited by

            @Bob-Dig said in DHCPv6 server - Deny Unknown Clients ignored?:

            Ops sry, I am using Kea on 24.11.

            Hmm, I didn't see the edit. That may be the important point. On ISC I have tried again and what I see is weird:

            If I have it set to allow only known from this interface, and enter an incorrect DUID, no leases happen (during the time I had it running, a while).

            If I have it set the same but enter the correct DUID, the lease happens but a route isn't set up. Other leases to other routers DO incorrectly happen and routes may or may not be set up (comparing the leases page to the routes page).

            Now the last part might well be because it was running for an hour or so and not just a half hour but it seems like the other routers should have pulled leases at some point along the way. I have no control over those routers though.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote ๐Ÿ‘ helpful posts!

            1 Reply Last reply Reply Quote 0
            • S SteveITS referenced this topic
            • First post
              Last post