DHCP6 Server missing IAID field for reservations
-
I have two devices that have both ethernet and wireless connectivity. One Mac, one Windows. Both use a single DUID, with a unique IAID for the wireless connection.
I'd like to be able to reserve their wireless DHCP6 connection, but there is no IAID field, so the reservation is rejected as being a duplicate DUID, which is true, but shouldn't break it with a unique IAID.
-
Creating duplicate DHCP reservations is not possible neither with IPv4, nor with IPv6. Not to mention that it's a bad idea. Just move on.
-
I'm doing today with IPv4.
The wired NIC and the wireless NIC have unique MAC addresses. In IPv4, the MAC address is the unique ID, so it works.In IPv6, it uses the DUID for a unique PC ID, and the IAID is used for unique NICs.
Not moving on. We have to push for parity on IPv6 support.
-
Yeah, good luck. Last time this was discussed it was not implemented in the ISC DHCP at all. https://forum.pfsense.org/index.php?topic=47793.0
(As for pushing, I'd rather push for sane design. This nonsense that gets duplicated when you distribute OS images but changes when you reinstall the machine and is impossible to preconfigure on the server is just giant BS.)
-
It appears Windows DHCPv6 supports IAID: https://technet.microsoft.com/en-us/library/jj590697.aspx
If you don't agree with what I'm trying to do, perhaps you can suggest a better design?
My goal is to quickly identify computers on my internal network when they access an external resource. I'm going for security, not privacy. (you can have either perfect security or perfect privacy, but not both).
So, I could go with rDNS and let the clients autoconfigure and dynamically register their names, but I don't own the IP range that is assigned to me, my ISP does.
I could go with static assignments, but that breaks the portability of the wireless connections on these devices.
I'm trying to use DHCPv6, but you're saying that pfSense just won't do what I'm trying to do, and I shouldn't bother pushing to get it to do so even though other DHCPv6 implementations can do it.
What is your solution?
-
I agree with JasonTracy.
In my environment, it is very common to have laptops with wired + wireless interfaces connected to the same network for good reasons. I think this is a common use case. With the current DHCP6 in pfSense (relying on DUID only), both interfaces get the same IPv6 address and that breaks all IPv6 connectivity.
What I'm missing in pfSense DHCP6 is the option to use the MAC address for identification instead of DUID, just like in IPv4 DHCP. Or to use DUID + IAID.
-
What I'm missing in pfSense DHCP6 is the option to use the MAC address for identification
No such thing exists for DHCP6.