Dhcpd doing both IPv4 and IPv6?



  • In the "Services" menu, DHCP Server and DHCPv6 Server are separate pages, but in the dashboard, there's just a single line that indicates if dhcpd is running or not.

    Are just the settings separate, but a single DHCP server process handles both, or are there two dhcp servers?

    The reason I'm asking is, that for some reason none of my clients seem to get a DCHP IPv6 address. DHCP for IPv4 is disabled on pfSense, because that's provided by a server which doesn't do IPv6 DHCP, and dhcpd shows as running in Dashboard.

    Can I have one DHCP server serve IPv4, and another IPv6, or do they have to be the same host?


  • Rebel Alliance Developer Netgate

    It's the same daemon, invoked separately, once for 4, once for 6. You can use one, the other, both, or neither. Whatever you like.

    dhcpd  41231  0.0  0.6  8448  6248  ??  SNs  Wed08AM  0:27.01 /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid em0
    dhcpd  43550  0.0  0.5  7680  5332  ??  SNs  Wed08AM  0:28.69 /usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid em0



  • OK, thanks for the answer, then I have one problem, and pfSense may need some extra dashboard widget…

    My problem is, that despite DHCPv6 being configured and enabled on the LAN interface, it's not running, the only dhcpd I have running is the IPv4 one on my DMZ interface. That would explain why none of my machines end up accquiring IPv6 addresses, unless one can't have more than one machine per network segment acting as DHCP servers, even if one serves IPv4 and the other IPv6 addresses.

    As far as pfSense: if on 3 interfaces I could have up to 6 instances of dhcpd running, then the simple entry in the Service Status widget on the dashboard isn't really enough. Which one of the instances is up, which is down? Which do I stop/restart with that single line item? This would need a multi-line treatment which shows interface and IP version such that one knows the state of the affairs without resorting to the shell and grep-ing for dhcp entries in the list of processes.


  • Rebel Alliance Developer Netgate

    The daemon only runs once for 4, once for 6, regardless of the number of interfaces.

    The dhcp logs would show why it's not running, or it could be a combination of your settings.

    IF you have RA on in "assisted" mode, you clients could be getting both a DHCPv6 and SLAAC address and preferring the SLAAC IP. Without seeing the logs and knowing more about your exact config it's hard to speculate about what's wrong.



  • OK, thanks for the info.
    Turns out, the log was totally useless, because there were no errors, dhcp would simply not even launch.
    I disabled the Router Advertisements, and things started running…
    So the immediate problem is solved.

    I still think it would be useful to have two lines for dhcpd in the dashboard, because when one out of two dhcpd runs, it just shows up as running, leaving the user clueless about the fact that only one protocol is being served.

    Ronald


  • Rebel Alliance Developer Netgate

    Well if it tried to run, there would have been logs. If it was set not to run by some combination of DHCP and RA settings, then it wouldn't have run. (That's why I mentioned needing to know exactly how you had it set).

    The way our service control code works, it only looks at the executable name, which since this is the same for both, I'm not sure there is a way to separate the two without changing significant portions of the service control code.



  • @jimp:

    Well if it tried to run, there would have been logs. If it was set not to run by some combination of DHCP and RA settings, then it wouldn't have run. (That's why I mentioned needing to know exactly how you had it set).

    Well, any setting other than "disabled" for RA causes the issue, which is why I think it might be related to this issue here: http://forum.pfsense.org/index.php/topic,50221.0.html

    @jimp:

    The way our service control code works, it only looks at the executable name, which since this is the same for both, I'm not sure there is a way to separate the two without changing significant portions of the service control code.

    How does BSD report process names? By how they were invoked? Maybe then one could do hardlinks or symlinks as dhcpd4 and dhcpd6 that point to the same dhcpd executable, but are invoked by their aliases.



  • For DHCPv6 you need to set the RA mode to managed or assisted, and enable the DHCPv6 server specifically.

    You can also run the DHCPv6 server on another host.



  • @jimp:

    The way our service control code works, it only looks at the executable name, which since this is the same for both, I'm not sure there is a way to separate the two without changing significant portions of the service control code.

    I tested it: a hardlink to an executable will report the name of the hardlink in ps
    So we could make a hardlink from dhcpd to dhcpd6 and then simply use dhcpd for IPv4 and execute the hardlink dhcpd6 for the IPv6, and the two would/could show up separately in the dashboard.



  • we start dhcpd with both -4 and -6, so we should be able differentiate between the 2. That and we have 2 PID files too.



  • @databeestje:

    we start dhcpd with both -4 and -6, so we should be able differentiate between the 2. That and we have 2 PID files too.

    I know that, just thought because:

    @jimp:

    The way our service control code works, it only looks at the executable name, which since this is the same for both, I'm not sure there is a way to separate the two without changing significant portions of the service control code.

    So by using a hardlink, the service control code wouldn't need to change, that was all. Otherwise, sure, if the service control code is parsing the options passed to the executable it can be done without that trick.


Locked