Discussion:
[Dnsmasq-discuss] "no available addresses" with DHCPv6 stateful config
j***@boniface.me
2018-11-18 03:52:12 UTC
Permalink
Hello list!

I'm running into an issue with a DHCPv6-only dnsmasq setup, on versions
2.76 and 2.79 from Debian. I'm trying to set a DHCPv6 range and use the
wide-dhcpv6-client to get my clients IPv6 addresses. Note that all IPv6
addresses use a fake prefix for anonymity.

I run dnsmasq with the following command (embedded in another daemon
normally, but run manually here for testing):

sudo /usr/sbin/dnsmasq \
--bogus-priv \
--no-hosts \
--dhcp-authoritative \
--filterwin2k \
--expand-hosts \
--domain=test \
--local=/test/ \
--log-facility=- \
--log-dhcp \
--keep-in-foreground \
--bind-interfaces \
--interface=br1002 \
--except-interface=lo \
--listen-address=2001:ffff:1111::1 \
--dhcp-range=::2,::ffff,constructor:br1002,24h

That `listen-address` is definitely bound to the server side:

6: br1002: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8800 qdisc noqueue
state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet6 2001:ffff:1111::1/64 scope global
valid_lft forever preferred_lft forever

What's happening is my DHCPv6 requests come in fine, but the server
reports "no available addresses" even though I have what appears to be a
valid range of available addresses:

dnsmasq-dhcp[746253]: 12629722 available DHCP range: 2001:ffff:1111::2
-- 2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 12629722 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 12629722 DHCPSOLICIT(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 DHCPADVERTISE(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 12629722 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option: 1 client-id
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option: 2 server-id
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 12629722 sent size: 24 option: 13 status 2 no
addresses available
dnsmasq-dhcp[746253]: 626033 available DHCP range: 2001:ffff:1111::2 --
2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 626033 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 626033 DHCPREQUEST(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 DHCPREPLY(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 626033 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 626033 sent size: 14 option: 1 client-id
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 sent size: 14 option: 2 server-id
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 626033 sent size: 24 option: 13 status 2 no
addresses available
dnsmasq-dhcp[746253]: 626033 sent size: 16 option: 23 dns-server
2001:ffff:1111::1

From my understanding of the man page and the older thread "Using IPv6
DHCP"
(http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q3/006306.html),
this should be all I need to get a stateful DHCPv6 configuration. I've
also tried every combination of options I can come up with in the
`dhcp-range` config without success. Even if I set `static` mode and use
a `dhcp-host` option for my test host, I get the exact same "no
addresses available" message.

SLAAC works fine when I add `enable-ra`, and `ra-stateless` to
`dhcp-range`, but this configuration to hand out only IPv6 addresses
statefully never seems to work as described in that thread. The goal is
to have a fully stateful DHCPv6 server that IPv6-only clients can get
addresses from and, most importantly, update dnsmasq with their hostname
(hence why I'm not using SLAAC or `ra-stateless`). The very specific
binding config is due to me running a separate dnsmasq instance for each
of an arbitrary number of interfaces.

Can anyone offer any advice on what I might be doing wrong here?

Thanks,
Joshua M. Boniface
Simon Kelley
2018-11-20 21:00:50 UTC
Permalink
This does seem odd. Would it be possible to capture the DHCP packets,
using wireshark or tcpdump? Send the dump directly to me if you don't
want to post it in public.

I'm not sure what the status of the WIDE client is - it's not common.
Maybe worth trying the ISC client instead, for quick fix. I can't see an
obvious problem with your config.



Cheers,

Simon.
Post by j***@boniface.me
sudo /usr/sbin/dnsmasq \
  --bogus-priv \
  --no-hosts \
  --dhcp-authoritative \
  --filterwin2k \
  --expand-hosts \
  --domain=test \
  --local=/test/ \
  --log-facility=- \
  --log-dhcp \
  --keep-in-foreground \
  --bind-interfaces \
  --interface=br1002 \
  --except-interface=lo \
  --listen-address=2001:ffff:1111::1 \
  --dhcp-range=::2,::ffff,constructor:br1002,24h
6: br1002: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8800 qdisc noqueue
state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 2001:ffff:1111::1/64 scope global
       valid_lft forever preferred_lft forever
What's happening is my DHCPv6 requests come in fine, but the server
reports "no available addresses" even though I have what appears to be a
dnsmasq-dhcp[746253]: 12629722 available DHCP range: 2001:ffff:1111::2
-- 2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 12629722 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 12629722 DHCPSOLICIT(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 DHCPADVERTISE(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 12629722 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option:  1 client-id 
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option:  2 server-id 
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 12629722 sent size: 24 option: 13 status  2 no
addresses available
dnsmasq-dhcp[746253]: 626033 available DHCP range: 2001:ffff:1111::2 --
2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 626033 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 626033 DHCPREQUEST(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 DHCPREPLY(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 626033 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 626033 sent size: 14 option:  1 client-id 
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 sent size: 14 option:  2 server-id 
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 626033 sent size: 24 option: 13 status  2 no
addresses available
dnsmasq-dhcp[746253]: 626033 sent size: 16 option: 23 dns-server 
2001:ffff:1111::1
From my understanding of the man page and the older thread "Using IPv6
DHCP"
(http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q3/006306.html),
this should be all I need to get a stateful DHCPv6 configuration. I've
also tried every combination of options I can come up with in the
`dhcp-range` config without success. Even if I set `static` mode and use
a `dhcp-host` option for my test host, I get the exact same "no
addresses available" message.
SLAAC works fine when I add `enable-ra`, and `ra-stateless` to
`dhcp-range`, but this configuration to hand out only IPv6 addresses
statefully never seems to work as described in that thread. The goal is
to have a fully stateful DHCPv6 server that IPv6-only clients can get
addresses from and, most importantly, update dnsmasq with their hostname
(hence why I'm not using SLAAC or `ra-stateless`). The very specific
binding config is due to me running a separate dnsmasq instance for each
of an arbitrary number of interfaces.
Can anyone offer any advice on what I might be doing wrong here?
Thanks,
Joshua M. Boniface
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Joshua M. Boniface
2018-11-21 00:29:28 UTC
Permalink
Thanks a lot Simon, it does seem to be a WIDE issue - the DHCPv6 transaction works perfectly fine with the ISC client. I wasn't using WIDE for any particular reason over ISC, just an old habit/name recognition from years past, so I'm happy to move to what works best!

Thanks,
Joshua M. Boniface
Post by Simon Kelley
This does seem odd. Would it be possible to capture the DHCP packets,
using wireshark or tcpdump? Send the dump directly to me if you don't
want to post it in public.
I'm not sure what the status of the WIDE client is - it's not common.
Maybe worth trying the ISC client instead, for quick fix. I can't see an
obvious problem with your config.
Cheers,
Simon.
Post by j***@boniface.me
sudo /usr/sbin/dnsmasq \
  --bogus-priv \
  --no-hosts \
  --dhcp-authoritative \
  --filterwin2k \
  --expand-hosts \
  --domain=test \
  --local=/test/ \
  --log-facility=- \
  --log-dhcp \
  --keep-in-foreground \
  --bind-interfaces \
  --interface=br1002 \
  --except-interface=lo \
  --listen-address=2001:ffff:1111::1 \
  --dhcp-range=::2,::ffff,constructor:br1002,24h
6: br1002: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8800 qdisc noqueue
state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 2001:ffff:1111::1/64 scope global
       valid_lft forever preferred_lft forever
What's happening is my DHCPv6 requests come in fine, but the server
reports "no available addresses" even though I have what appears to be a
dnsmasq-dhcp[746253]: 12629722 available DHCP range: 2001:ffff:1111::2
-- 2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 12629722 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 12629722 DHCPSOLICIT(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 DHCPADVERTISE(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 12629722 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option:  1 client-id 
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 12629722 sent size: 14 option:  2 server-id 
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 12629722 sent size: 24 option: 13 status  2 no
addresses available
dnsmasq-dhcp[746253]: 626033 available DHCP range: 2001:ffff:1111::2 --
2001:ffff:1111::ffff
dnsmasq-dhcp[746253]: 626033 client MAC address: 52:54:00:5c:f1:32
dnsmasq-dhcp[746253]: 626033 DHCPREQUEST(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 DHCPREPLY(br1002)
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31 no addresses available
dnsmasq-dhcp[746253]: 626033 tags: dhcpv6, br1002
dnsmasq-dhcp[746253]: 626033 sent size: 14 option:  1 client-id 
00:01:00:01:23:7e:62:3a:52:54:00:5c:f1:31
dnsmasq-dhcp[746253]: 626033 sent size: 14 option:  2 server-id 
00:01:00:01:23:83:8e:6b:52:54:00:14:c5:11
dnsmasq-dhcp[746253]: 626033 sent size: 24 option: 13 status  2 no
addresses available
dnsmasq-dhcp[746253]: 626033 sent size: 16 option: 23 dns-server 
2001:ffff:1111::1
From my understanding of the man page and the older thread "Using IPv6
DHCP"
(http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q3/006306.html),
this should be all I need to get a stateful DHCPv6 configuration. I've
also tried every combination of options I can come up with in the
`dhcp-range` config without success. Even if I set `static` mode and use
a `dhcp-host` option for my test host, I get the exact same "no
addresses available" message.
SLAAC works fine when I add `enable-ra`, and `ra-stateless` to
`dhcp-range`, but this configuration to hand out only IPv6 addresses
statefully never seems to work as described in that thread. The goal is
to have a fully stateful DHCPv6 server that IPv6-only clients can get
addresses from and, most importantly, update dnsmasq with their hostname
(hence why I'm not using SLAAC or `ra-stateless`). The very specific
binding config is due to me running a separate dnsmasq instance for each
of an arbitrary number of interfaces.
Can anyone offer any advice on what I might be doing wrong here?
Thanks,
Joshua M. Boniface
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Loading...