IPv6 strange DHCP behaviour (multiple VLAN)



  • Hi,
    I am having a curious issue and I have been fighting with this for almost a full day until I decided to give up and ask for help.
    I have a pfSense physical machine with IPv6 tunneling to HE.
    The configuration is the same for each VLAN (I have a /48 range which is split on each VLAN to a /64).
    When I connect to two VLANs I am getting the correct address from DHCP. When I am connecting from another VLAN (and really, I swear I have the same configurations) I am not getting an address.

    This is the result on the client on the good VLAN:

    Options[4] = {
      IA_NA (3) Length 40:  IA_NA IAID=0 T1=0 T2=0 Options[1] = {
        IAADDR (5) Length 24:  IAADDR 2001:xxx:xxxx:20::d:88c0 Preferred 4073 Valid=6773
      }  CLIENTID (1) Length 14: DUID LLT HW 1 Time 551030748 Addr a0:99:9b:00:0a:27
      SERVERID (2) Length 14: DUID LLT HW 1 Time 647803393 Addr 00:0d:b9:56:8d:e1
      DNS_SERVERS (23) Length 16: 2001:xxx:xxxx:20::1
    }
    

    This instead is the result on the client on the bad VLAN:

    DHCPv6 ADVERTISE (2) Transaction ID 0x4b6ca6 Length 108
    Options[5] = {
      SERVERID (2) Length 10: DUID LL HW 1 Addr dc:a6:32:40:9b:9d
      CLIENTID (1) Length 14: DUID LLT HW 1 Time 551030748 Addr a0:99:9b:00:0a:27
      <unknown> (82) Length 4:  Data 00 00 00 3c
      DNS_SERVERS (23) Length 16: fdcb:f24:701a::1
      IA_NA (3) Length 40:  IA_NA IAID=0 T1=21600 T2=34560 Options[1] = {
        IAADDR (5) Length 24:  IAADDR fdcb:f24:701a::3fb Preferred 43200 Valid=43200
      }}
    

    Checking in the DHCP log in pfSense I have the following for the good VLAN:
    Please note that everything is upside down :-) The timeline goes from the bottom to the top.

    Jul 11 19:31:21	dhcpd		Sending Reply to fe80::1030:4604:3e13:4c17 port 546
    Jul 11 19:31:21	dhcpd		Reusing lease for: 2001:xxx:xxxx:20::d:88c0, age 427 secs < 25%, sending shortened lifetimes - preferred: 4073, valid 6773
    Jul 11 19:31:21	dhcpd		Reply NA: address 2001:xxx:xxxx:20::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
    Jul 11 19:31:21	dhcpd		Request message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x7EA85900
    Jul 11 19:31:20	dhcpd		Sending Advertise to fe80::1030:4604:3e13:4c17 port 546
    Jul 11 19:31:20	dhcpd		Advertise NA: address 2001:xxx:xxxx:20::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
    Jul 11 19:31:20	dhcpd		Solicit message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x16DBB800
    

    and this for the bad VLAN:

    Jul 11 19:31:40	dhcpd		Discarding Request from fe80::1030:4604:3e13:4c17; not our server identifier (CLIENTID 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27, SERVERID 00:03:00:01:dc:a6:32:40:9b:9d, server DUID 00:01:00:01:26:9c:b2:01:00:0d:b9:56:8d:e1)
    Jul 11 19:31:40	dhcpd		Request message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x8F696900
    Jul 11 19:31:39	dhcpd		Sending Advertise to fe80::1030:4604:3e13:4c17 port 546
    Jul 11 19:31:39	dhcpd		Advertise NA: address 2001:xxx:xxxx:40::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
    Jul 11 19:31:39	dhcpd		Picking pool address 2001:xxx:xxxxx:40::d:88c0
    Jul 11 19:31:39	dhcpd		Solicit message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0xA66C4B00
    

    Any idea?
    Thanks a lot,
    Franc



  • @franzli

    Any chance you have a TP-Link managed switch?



  • @JKnott

    It’s a Cisco SG250. But the same behaviour happens via WiFi on the same VLANs



  • @franzli

    I have an SG200-08. Try packet capture on the VLANs to see what's happening with DHCP. It may offer some clues.



  • It seems that I have found the issue...
    By analyzing the tcpdump, I noticed that there was another IP answering the DHCP request.
    The problem is that I didn't know what it was. It was in the NDP table of my computer, and it was in the neighbour list of the switch.
    In the end it was a stupid Raspberry that was advertising itself as a router. Once disconnected, everything works like a charm.
    Thanks for the help anyway. Case closed!
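
The SERVERID mismatch in the "bad VLAN" log can be turned into a repeatable check. The following is an added example, not code from anyone in the thread: it parses dhcpd's "not our server identifier" lines and decodes both DUIDs (RFC 8415 layout), so the foreign server's link-layer address can be matched against NDP and switch neighbour tables. The function names are hypothetical, and the sample line is the one quoted in the first post with its tabs replaced by spaces.

```python
import re

# Sample input: the "bad VLAN" dhcpd line from the first post (tabs replaced by spaces).
SAMPLE_LOG = (
    "Jul 11 19:31:40 dhcpd Discarding Request from fe80::1030:4604:3e13:4c17; "
    "not our server identifier (CLIENTID 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27, "
    "SERVERID 00:03:00:01:dc:a6:32:40:9b:9d, "
    "server DUID 00:01:00:01:26:9c:b2:01:00:0d:b9:56:8d:e1)"
)

# dhcpd logs this when a client answers an Advertise sent by a different DHCPv6 server.
FOREIGN = re.compile(
    r"Discarding \w+ from (?P<client>[0-9a-f:]+); not our server identifier "
    r"\(CLIENTID (?P<cid>[0-9a-f:]+), SERVERID (?P<sid>[0-9a-f:]+), "
    r"server DUID (?P<own>[0-9a-f:]+)\)"
)

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def decode_duid(text):
    """Decode a colon-separated DUID: type 1 = DUID-LLT, type 3 = DUID-LL."""
    raw = bytes.fromhex(text.replace(":", ""))
    kind = int.from_bytes(raw[0:2], "big")
    hw = int.from_bytes(raw[2:4], "big")
    if kind == 1 and len(raw) > 8:   # hw type, 32-bit time, link-layer address
        return {"type": "LLT", "hw": hw,
                "time": int.from_bytes(raw[4:8], "big"), "mac": mac(raw[8:])}
    if kind == 3 and len(raw) > 4:   # hw type, link-layer address
        return {"type": "LL", "hw": hw, "mac": mac(raw[4:])}
    return {"type": f"type-{kind}", "hw": None, "mac": None}  # no MAC to extract

def foreign_servers(lines):
    """One finding per client request that was addressed to another DHCPv6 server."""
    findings = []
    for line in lines:
        m = FOREIGN.search(line)
        if m:
            findings.append({"client": m["client"],
                             "foreign": decode_duid(m["sid"]),
                             "own": decode_duid(m["own"])})
    return findings

if __name__ == "__main__":
    for f in foreign_servers([SAMPLE_LOG]):
        print(f"client {f['client']} chose server {f['foreign']}, we are {f['own']}")
```

On the sample line this reports a DUID-LL server at dc:a6:32:40:9b:9d, the same SERVERID shown in the client's ADVERTISE capture, while pfSense's own DUID decodes to 00:0d:b9:56:8d:e1.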

