DHCP6 and DNS issues



  • Client NIC is Auto get config from PFsense.




  • 2




  • ok, so the router advertisements are set to "unmanaged" so clients will never fetch a address via dhcp6.

    You need to set the mode to "assisted" or "managed".



  • @databeestje:

    ok, so the router advertisements are set to "unmanaged" so clients will never fetch a address via dhcp6.

    You need to set the mode to "assisted" or "managed".

    OK. I will change.

    IF I want to use 2001:470:f178:369 subnet to client, How I do setup?
    Could you give Demonstration examples?

    Subnet 2001:470:f178:0:0:0:0:0
    Subnet mask 48 bits
    Available range 2001:470:f178:0:0:0:0:1 - 2001:470:f178:ffff:ffff:ffff:ffff:ffff
    Range
    Prefix Delegation Range



  • android can't get ipv6 address from DHCPv6.

    windows7 NIC can get ipv6 address from DHCPv6.

    what's wrong ?



  • Rebel Alliance Developer Netgate

    Android has no dhcp6 client. It can only do autoconf.



  • I will LAN ipv6 range change from /48 to /64,then the Android get ipv6 address.


  • Rebel Alliance Developer Netgate

    If you need multiple IPs (multiple IPv4 or multiple IPv6) then DHCP isn't really the right solution. You should really be hardcoding IPs on servers, especially mail servers, as you'll have to ensure they have proper forward/reverse DNS.



  • I have do reverse DNS.  but I need setup static ipv6 address for  other client and server. just like ipv4.


  • Rebel Alliance Developer Netgate

    If you just need one IP of each type for each server, DHCP works fine.



  • Now DHCPv6 all not work.

    show system logs:

    Jan 6 06:04:10 dnsmasq[14544]: read /etc/hosts - 3 addresses
    Jan 6 06:04:11 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:04:11 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:04:11 dhcpd: All rights reserved.
    Jan 6 06:04:11 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:04:11 php: /services_dhcpv6.php: Shutting down Router Advertisment daemon cleanly
    Jan 6 06:04:11 rtadvd[20796]: <getconfig>inet_pton failed for
    Jan 6 06:04:11 rtadvd[20796]: <getconfig>inet_pton failed for
    Jan 6 06:04:20 rtadvd[17470]: poll() failed: Invalid argument
    Jan 6 06:04:20 rtadvd[17470]: poll() failed: Invalid argument

    Last 50 DHCP service log entries
    Jan 6 06:09:12 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:09:12 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:09:12 dhcpd: All rights reserved.
    Jan 6 06:09:12 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:09:12 dhcpd: Wrote 0 deleted host decls to leases file.
    Jan 6 06:09:12 dhcpd: Wrote 0 new dynamic host decls to leases file.
    Jan 6 06:09:12 dhcpd: Wrote 3 leases to leases file.
    Jan 6 06:09:12 dhcpd: Listening on BPF/re0/00:e0:4c:1e:b3:f4/192.168.101.0/24
    Jan 6 06:09:12 dhcpd: Sending on BPF/re0/00:e0:4c:1e:b3:f4/192.168.101.0/24
    Jan 6 06:09:12 dhcpd: Sending on Socket/fallback/fallback-net
    Jan 6 06:09:13 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:09:13 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:09:13 dhcpd: All rights reserved.
    Jan 6 06:09:13 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:09:13 dhcpd: Wrote 0 leases to leases file.
    Jan 6 06:09:13 dhcpd: Bound to *:547
    Jan 6 06:09:13 dhcpd: Listening on Socket/10/re0/2001:470:67:33::/64
    Jan 6 06:09:13 dhcpd: Sending on Socket/10/re0/2001:470:67:33::/64




    </getconfig></getconfig>



  • Last 50 DHCP service log entries
    Jan 6 06:09:12 dhcpd: Sending on BPF/re0/00:e0:4c:1e:b3:f4/192.168.101.0/24
    Jan 6 06:09:12 dhcpd: Sending on Socket/fallback/fallback-net
    Jan 6 06:09:13 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:09:13 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:09:13 dhcpd: All rights reserved.
    Jan 6 06:09:13 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:09:13 dhcpd: Wrote 0 leases to leases file.
    Jan 6 06:09:13 dhcpd: Bound to *:547
    Jan 6 06:09:13 dhcpd: Listening on Socket/10/re0/2001:470:67:22::/64
    Jan 6 06:09:13 dhcpd: Sending on Socket/10/re0/2001:470:67:22::/64
    Jan 6 06:10:00 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:10:00 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:11:59 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:11:59 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:14:23 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:14:23 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:19:01 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:19:01 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:19:01 dhcpd: All rights reserved.
    Jan 6 06:19:01 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:19:01 dhcpd: Wrote 0 deleted host decls to leases file.
    Jan 6 06:19:01 dhcpd: Wrote 0 new dynamic host decls to leases file.
    Jan 6 06:19:01 dhcpd: Wrote 3 leases to leases file.
    Jan 6 06:19:01 dhcpd: Listening on BPF/re0/00:e0:4c:1e:3:f4/192.168.101.0/24
    Jan 6 06:19:01 dhcpd: Sending on BPF/re0/00:e0:4c:1e:3:f4/192.168.101.0/24
    Jan 6 06:19:01 dhcpd: Sending on Socket/fallback/fallback-net
    Jan 6 06:19:02 dhcpd: Internet Systems Consortium DHCP Server 4.2.3
    Jan 6 06:19:02 dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Jan 6 06:19:02 dhcpd: All rights reserved.
    Jan 6 06:19:02 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Jan 6 06:19:02 dhcpd: Wrote 0 leases to leases file.
    Jan 6 06:19:02 dhcpd: Bound to *:547
    Jan 6 06:19:02 dhcpd: Listening on Socket/10/re0/2001:470:67:22::/64
    Jan 6 06:19:02 dhcpd: Sending on Socket/10/re0/2001:470:67:22::/64
    Jan 6 06:19:25 dhcpd: DHCPREQUEST for 192.168.101.3 from 00:25:86:9:72:d3 via re0
    Jan 6 06:19:25 dhcpd: DHCPACK on 192.168.101.3 to 00:25:86:9b:72:d3 via re0
    Jan 6 06:19:28 dhcpd: DHCPREQUEST for 192.168.101.5 from 00:30:67:e0:8:a4 via re0
    Jan 6 06:19:28 dhcpd: DHCPACK on 192.168.101.5 to 00:30:67:e0:88:a4 via re0
    Jan 6 06:19:33 dhcpd: DHCPREQUEST for 192.168.101.100 from 00:27:19:a9:1:26 via re0
    Jan 6 06:19:33 dhcpd: DHCPACK on 192.168.101.100 to 00:27:19:a9:1:26 via re0
    Jan 6 06:19:36 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:19:36 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:22:27 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:22:27 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:25:06 dhcpd: DHCPREQUEST for 192.168.101.100 from 00:27:19:a9:19:26 via re0
    Jan 6 06:25:06 dhcpd: DHCPACK on 192.168.101.100 to 00:27:19:a9:1:26 via re0
    Jan 6 06:25:11 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:25:11 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0
    Jan 6 06:26:29 dhcpd: DHCPINFORM from 192.168.101.100 via re0
    Jan 6 06:26:29 dhcpd: DHCPACK to 192.168.101.100 (00:27:19:a9:1:26) via re0



  • I've been following the exchanges in dhcp-users@lists.isc.org and dhcwg@ietf.org for months now.  The first one is how I found this thread.  Please do not try to use the MAC address as a unique identifier for DHCPv6.  You will fundamentally break pfSense if you do and it will fly in the face of everything that has gone into DHCPv6 thus far.  The correct method is, as suggested, DUID and IAID.  I have been running IPv6 on three subnets for several months using Server 2008 as the DHCPv6 server and pfSense as the router with both Windows and FreeBSD clients.  All computers are multihomed to at least two of these subnets with no hitches on the DHCPv6 end (I still have router advertisement issues, which I hope is where you decide to focus your attention).

    The only real reason that I can discern for why people seem to want to use the MAC as a unique identifier in DHCPv6 is for provisioning; they want to know the host with this IPv4 address has that IPv6 address (and vice versa).  But I still haven't seen a sufficient reason to break DHCPv6 as it currently stands to accomplish this.

    Incidentally, I gave an example of the syntax for IAID usage in the client configuration file in a much older post in this forum.  I've tested this, so I know it works.



  • now DHCPv6 have been stop work suddenly.  I have use /64 for LAN. I don't  know why it is stop work for all client .  ???

    How I find reason and fix it now? what's DHCP6 version in PF2.1 ? is it 4.2.3-P2 ?


  • Rebel Alliance Developer Netgate

    I split the other DUID+IAID and discussion into another topic since it wasn't directly related to your original trouble thread, we got off on a tangent there worthy of its own thread.

    Not sure what it would just stop, I haven't seen it do that before. Mine has been running for months with no problems.



  • I maybe have find the reason,when I do Only IPv6  loadbalance use gateway groups. IPv6 can't loadbalance and aggregation?


  • Rebel Alliance Developer Netgate

    I haven't tried load balancing, just failover. It should work fine, in theory, so long as your NPt entries are right. But none of that has anything to do with DHCP…



  • "As with IPv4 you need to use the Gateway Groups on your LAN firewall rules. Edit your LAN rules for IPv6 traffic and make them use the gateway group"

    when I setup  LAN rule choose use ipv6 groups with gataway in only for IPv6, then DHCP6 can not nornal work.








  • 1





  • Rebel Alliance Developer Netgate

    Should be fixed in tomorrow's snaps (one is building now that doesn't have the fix, the next one will)



  • @jimp:

    Should be fixed in tomorrow's snaps (one is building now that doesn't have the fix, the next one will)

    good. Please check and fix for  http://forum.pfsense.org/index.php/topic,47595.0.html


  • Rebel Alliance Developer Netgate

    Completely unrelated to this thread, and I don't work on that part. Keep issues in their own threads, please.


Log in to reply