Category Archives: IPV6

Linux DHCP IPV6 Host Server

I will do a very basic walkthrough of how to setup a Linux server to act as DHCP6 server for your network. Before we begin, we need to understand a few things that are different from IPV4. First thing is we cannot send a gateway with DHCP6.
Second we can only send IP address and DNS servers with DHCP6. So to accomplish both, we use radvd along with DHCP, the former sends the gateway, the latter sends the IP address and DNS servers to client. I will assume here you know how to install radvd and dhcp in linux so I won’t get into linux server administration. In order to be DHCPV6 stateful so we can assign addresses, both M and O Flags need to be set to 1 in radvd advertisement so clients know to go get the IP address from DHCP6 server. So for radvd our objective is simply to set advertisements on, and set the M and O flags bits.

My /etc/radvd.conf contains following:

interface br0
{
    AdvSendAdvert on;
    AdvManagedFlag on;
    AdvOtherConfigFlag on;
};

This is all you need. We are advertising, and setting the M and O bits here. Now radvd will send our clients our link-local gateway and tell them to go get their IPV6 information from DHCP. This is probably the most confusing part about this setup, there is NO way to send our real IPV6 gateway, clients only get the LINK-LOCAL gateway and from that must be able to get out to the internet. AGAIN I WILL REPEAT, they get your “Link-Local” gateway ie: “fe80::226:5aff:fe6b:ca8d”, not your real “2001:aaaa:bbbb::1” gateway. This is a limitation of the protocal, but it is not a big deal, we can still forward clients out a link-local gateway.

Ok now clients have our routers link-local gateway, now we can setup our dhcpd6.conf, and perhaps assign some static IPV6 addresses to some dhcp clients to since we like to know who is who. Only issue with IPV6 and static addresses is we can no longer use MAC Address, we need to use DUID of the client. This is also problematic since DUID is the same for all ethernet cards on each host. To solve that problem you can look into using DHCPv6 IAID, but since we only have 1 ethernet per client, we will only focus on DUID. Let us assume
we have a 2001:aaaa:bbbb::/48 to assign to clients.

Let us look at the bottom of my /etc/dhcp/dhcpd6.conf:

authoritative;

subnet6 2001:aaaa:bbbb::/48 {
  #lets range last octet from decimal 1000-65535 which in hex is : 3e8-ffff
  range6 2001:aaaa:bbbb::3e8 2001:aaaa:bbbb::ffff;
  option dhcp6.name-servers 2001:aaaa:bbbb::3,2001:aaaa:bbbb::4;
  option dhcp6.domain-search "sunsaturn.com";
} 

#you get this by typing "ipconfig /all" on windows machine and look for "DHCPv6 Client DUID"
#just separate with : instead of -        
host dandesktop { #unfortunately, same client-id for each ethernet card in same host, so only 1 will get an IPV6 address here
  host-identifier option dhcp6.client-id 00:01:00:01:1B:67:B6:C3:58:5B:39:45:07:90;
  fixed-address6 2001:aaaa:bbbb::5;
} 
host laptop { #unfortunately, same client-id for each ethernet card in same host, so only 1 will get an IPV6 address here
  host-identifier option dhcp6.client-id 00:01:00:01:1A:F5:AF:22:48:5B:39:3A:06:38;
  fixed-address6 2001:aaaa:bbbb::17; 
} 

So what I started doing was a standard catchall block, setting DNS servers and IPV6 addresses for clients I did not assign statically giving them an IPV6 address in range 2001:aaaa:bbbb::3e8 – 2001:aaaa:bbbb::ffff.

Then I assign 2 static IPV6 addresses to my desktop and my laptop. I ran “ipconfig /all” on the two Windows 8.1 machines and collected their DUID’s. Then used a search and replace program on the DUID to change all “-” characters with “:” characters to match format in the dhcpd6.conf file.

Now after we start dhcpd, make sure it is running:

router:/etc/dhcp# ps aux|grep dhcpd6
dhcpd    19531  0.0  0.0  47252  2640 ?        Ss   May04   0:00 /usr/sbin/dhcpd -6 -user dhcpd -group dhcpd -cf /etc/dhcp/dhcpd6.conf
root     22152  0.0  0.0 105304   880 pts/1    S+   00:05   0:00 grep dhcpd6
router:/etc/dhcp# 

Now if all goes well from radvd, clients will get the link-local “fe80::226:5aff:fe6b:ca8d” gateway, run off and check UDP port 546 on IPV6 to get our settings from dhcpd6.conf file for an IP address and the DNS servers, and voila we are done! If you have issues with clients, please checkout my other how to on setting up a windows dhcp client.

Until Next Time,

Dan.

Windows 8.1 enable DHCP IPV6 Client

How to enable a windows 8/8.1 client for IPV6 DHCP server
Before we start, a common problem with IPV6 not working is you have all these different interfaces when you look at “ipconfig /all”. At one point I disabled all my vmware and virtualbox interfaces, then also realized windows had these teredo and isatap interfaces also interfering with client.

A good set of commands to run if your clients are getting IPV6 from your DHCP server and not someone else is following:

netsh int ipv6 isatap set state disabled
netsh int ipv6 6to4 set state disabled
netsh interface teredo set state disable

This should make sure we do not have any conflicting interfaces. Now if IPV6 client still not working, make sure following settings are enabled on client

1) We start a powershell with “elevated” administrator privileges.
2) We list all interfaces, to get the number of the interface we want to enable IPV6 on.
3) In my case for wifi on laptop it is number 4, so we take that and list the settings for the interface.
4) In my case settings are already applied but we set routerdiscovery=enable managedaddress=enable anyways.

This should make sure your client is configured to pull IPV6 address from an IPV6 DHCP server.

PS C:Windowssystem32> netsh interface ipv6 show interfaces

Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
  3           5        1500  disconnected  Ethernet
  1          50  4294967295  connected     Loopback Pseudo-Interface 1
  4          25        1500  connected     Wi-Fi
  6          40        1500  disconnected  Bluetooth Network Connection
  7           5        1500  disconnected  Local Area Connection* 3

PS C:Windowssystem32> netsh int ipv6 show int 4

Interface Wi-Fi Parameters
----------------------------------------------
IfLuid                             : wireless_0
IfIndex                            : 4
State                              : connected
Metric                             : 25
Link MTU                           : 1500 bytes
Reachable Time                     : 25000 ms
Base Reachable Time                : 30000 ms
Retransmission Interval            : 1000 ms
DAD Transmits                      : 1
Site Prefix Length                 : 64
Site Id                            : 1
Forwarding                         : disabled
Advertising                        : disabled
Neighbor Discovery                 : enabled
Neighbor Unreachability Detection  : enabled
Router Discovery                   : enabled
Managed Address Configuration      : enabled
Other Stateful Configuration       : enabled
Weak Host Sends                    : disabled
Weak Host Receives                 : disabled
Use Automatic Metric               : enabled
Ignore Default Routes              : disabled
Advertised Router Lifetime         : 1800 seconds
Advertise Default Route            : disabled
Current Hop Limit                  : 64
Force ARPND Wake up patterns       : disabled
Directed MAC Wake up patterns      : disabled
ECN capability                     : application

PS C:Windowssystem32> netsh interface ipv6 set int 4 routerdiscovery=enable managedaddress=enable
Ok.

PS C:Windowssystem32>

If you want to setup a DHCP server, see my how to on setting up a Linux DHCP server.

So to finish off your going to want to make sure you run following 2 commands to make sure windows has not cached
any lease times for DHCP.

ipconfig /release6
ipconfig /renew6

Another thing to note is things like VMware workstation will make “ipconfig /renew6” hang. It will not affect you getting your dhcp interface information, it will just hang on their vmnet1 and vmnet8 drivers. A solution there is, put all VM’s in bridge only mode, then on vmnet1 and vmnet8 you can just disable ipv6 under properties, and good to go.

Until Next Time,

Dan.