1. Forum
  2. Usenet
  3. LINUX.DEBIAN.MAINT.IPV6

  • static lease is ignored

    From Andrea Borgia@21:1/5 to All on Sat Aug 17 11:50:02 2019
    Hi.

    I have two "testing" installations with corresponding static lease in
    the router; in its logs I see the lease gets requested and granted.

    Problem is, both systems do not adopt that address but they have:
    - a /128 (different from the lease, unknown origin) marked "scope global noprefixroute"
    - a /64 marked "scope global temporary dynamic"
    - another /64 marked "scope global mngtmpaddr noprefixroute"
    - a link-local address

    The end result is name resolution fails and systems are only reachable
    via ipv4 fallback. Privacy-wise the system is already preferring the PE address, which is good.

    How I find out the origin of that /128 and, most important, the reason
    why the lease is ignored? Both systems are using type 4 DUID, though it probably doesn't matter as long as the router has a matching entry.

    Thanks,
    Andrea.

    P.S.: this is a spin-off from an earlier post on OpenWRT's forum: https://forum.openwrt.org/t/stale-dhcpv6-leases-under-network-dhcp-and-dns/42535/7

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chris Bell@21:1/5 to All on Sun Aug 18 13:40:01 2019
    On Saturday, 17 August 2019 11:45:47 BST Andrea Borgia wrote:
    Hi.

    I have two "testing" installations with corresponding static lease in
    the router; in its logs I see the lease gets requested and granted.

    Problem is, both systems do not adopt that address but they have:
    - a /128 (different from the lease, unknown origin) marked "scope global noprefixroute"
    - a /64 marked "scope global temporary dynamic"
    - another /64 marked "scope global mngtmpaddr noprefixroute"
    - a link-local address

    The end result is name resolution fails and systems are only reachable
    via ipv4 fallback. Privacy-wise the system is already preferring the PE address, which is good.

    How I find out the origin of that /128 and, most important, the reason
    why the lease is ignored? Both systems are using type 4 DUID, though it probably doesn't matter as long as the router has a matching entry.

    Thanks,
    Andrea.

    P.S.: this is a spin-off from an earlier post on OpenWRT's forum: https://forum.openwrt.org/t/stale-dhcpv6-leases-under-network-dhcp-and-dns/4 2535/7
    DHCP was originally designed for IPv4, and some servers do not provide a comparable IPv6 service. To add to the confusion, mobile devices often work best (or only!) with IPv6 Router Advertisement, RA, provided by routers and gateways. This caused a headache for Microsoft when they decided to make their own headquarters IPv6 only, but Microsoft had not even attempted to design a system compatible with RA.
    RA is able to inform devices which address ranges should be used where, while all devices should be able to decide which address to use when attempting to access any other device. Each device should compare the destination address with all their own alternatives and choose the one with the greatest number of shared leading binary digits. I also run BIND9 as a local reference for DHCP servers, with configurations for all network names and "ARPA" reverse lookups. All local routing is done to box_name.network_name.
    It has taken time, and I am still learning. If you decide to try Shorewall(6) then all network names must be no greater than 3 characters, and not begin
    with a numeral.

    --
    Chris Bell
    Website http://chrisbell.org.uk

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andrea Borgia@21:1/5 to All on Sun Aug 18 20:30:01 2019
    Il 18/08/19 13:23, Chris Bell ha scritto:


    It has taken time, and I am still learning. If you decide to try Shorewall(6) then all network names must be no greater than 3 characters, and not begin with a numeral.

    I'm running OpenWRT and I do not anticipate changing it anytime soon:
    changing the whole setup without a valid reason would just be adding complication to complication and I'm already a master at that without
    external help ;)

    Especially since in my own network there is at least one host, a raspi, behaving just as expected: requesting the lease, getting it and then
    actually using it.

    I'd like to understand how the current Debian "testing" goes about
    acquiring an IPV6 address to get to the bottom of this, in other words.

    Andrea.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andrea Borgia@21:1/5 to All on Mon Aug 19 00:20:01 2019
    Il 18/08/19 20:23, Andrea Borgia ha scritto:

    I'd like to understand how the current Debian "testing" goes about
    acquiring an IPV6 address to get to the bottom of this, in other words.

    (public) note to self: it works MUCH better when a dhcpv6 "solicit"
    message is quickly followed by a "request". If anything, say a firewall,
    were to block the reply to "solicit", fat chance that it'll ever work!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)