Bug #6880
closedMultiple DHCP6 WAN connections leads to multiple dhcp6c clients
100%
Description
When configuring multiple interfaces as DHCP6, such as PPPoE DSL and Cable, multiple dhcp6c processes get started, one per interface. This leads to problems, as only the first started dhcp6c will work properly, as dhcp6c binds to *::546
This leads to the second started dhcp6c answers being picked up by the first started, which starts to emit the error message "unexpected interface (%d)" when the wrong dhcp6c receives a reply.
The fix is to run only one dhcp6c and have a combined config file. For example, I might have /var/etc/dhcp6c_wan.conf and /var/etc/dhcp6c_opt3.conf, which should be merged.
Two processes will be started:
/usr/local/sbin/dhcp6c -D -c dhcp6c_wan.conf -p /var/run/dhcp6c_em0.pid -f em0
/usr/local/sbin/dhcp6c -D -c dhcp6c_opt3.conf -p /var/run/dhcp6c_pppoe0.pid -f pppoe0
A working combined config looks like this
interface pppoe0 { send ia-na 0; # request stateful address send ia-pd 0; # request prefix delegation request domain-name-servers; request domain-name; script "/var/etc/dhcp6c_opt3_script.sh"; # we'd like some nameservers please }; id-assoc na 0 { }; id-assoc pd 0 { prefix ::/56 infinity; prefix-interface em3_vlan6 { sla-id 1; sla-len 8; }; prefix-interface em3_vlan5 { sla-id 2; sla-len 8; }; }; interface em0 { send ia-na 1; # request stateful address send ia-pd 1; # request prefix delegation request domain-name-servers; request domain-name; script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please }; id-assoc na 1 { }; id-assoc pd 1 { prefix-interface em3 { sla-id 0; sla-len 0; }; };
And the process would be launched like
/usr/local/sbin/dhcp6c -dD -c dhcp6c.conf -p /var/run/dhcp6c.pid -f em0 pppoe0
Related issues
Updated by Jim Pingle almost 8 years ago
- Status changed from New to Confirmed
- Assignee deleted (
Jim Pingle) - Target version set to Future
Confirmed. The daemon is binding to all interfaces, which prevents the second one from operating properly.
Changing the dhcp6c process to use a single config and instance will require significant work to implement for little gain. At this time, a single LAN cannot utilize prefixes from both WANs until other features such as #4881 are implemented. Therefore, at the moment having a second DHCPv6 WAN is of little use.
Updated by → luckman212 almost 8 years ago
I have a dual WAN 2.3.2-p1 system with only one of the WANs configured for DHCP6 (not PPPoE, just Ethernet) and I am hitting this issue too. Not sure if it's quite the same bug, but the end result of winding up with multiple instances of dhcp6c running (and losing v6 connectivity as a result) is the same.
Updated by Martin Wasley almost 8 years ago
Its not, it's a problem that appears from time to time and is quite intermittent. In 2.4b changes have been made which hopefully nai!s this issue of multiple fhcp6c clients.
Updated by → luckman212 almost 8 years ago
Ok great, I will definitely try 2.4b then. If you happen to know which commits are relevant to that fix I'd love to look at them.
Updated by Martin Wasley almost 8 years ago
If you update to the latest snapshot then you can try patch ID: cdb6c8ac8e65f98a2ac0fa469c963c055a5c522d
There are a couple of subsequent minor commits to that, but they are cosmetic and/or minor function call changes that do not affect the overall operation.
Try it and post back your results please.
Updated by → luckman212 almost 8 years ago
Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.
Updated by Renato Botelho almost 8 years ago
Luke Hamburg wrote:
Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.
PR has been merged, but there were a couple of minor problems there, fixed in 31677494e659768a12d134641bbd4453d2c0a03c
Updated by Daniel Helgenberger over 6 years ago
Luke Hamburg wrote:
Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.
The comments about this commit are a little bit confusing. This is issue is still not fixed, right? (Issue is open and I am facing the same issue). I'd like to open a pull request for this one if it is not already in the works.
Updated by Tony Martino about 6 years ago
Daniel Helgenberger wrote:
Luke Hamburg wrote:
Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.
The comments about this commit are a little bit confusing. This is issue is still not fixed, right? (Issue is open and I am facing the same issue). I'd like to open a pull request for this one if it is not already in the works.
This is not fixed. I just posted about it in the community forum (https://forum.netgate.com/topic/133538/with-multiple-ipv6-wan-connections-dhcp6c-broken) and then found this report.
Renato, do you have an update on this? Any way I can help get this fixed?
Updated by Zachary Hill about 6 years ago
In a similar vein, but a bit different: it's also important to be able to have multiple id-assoc pd n
stanzas for even a single interface. I'm aware it's a bit unorthodox, but it's supported by the daemon, and it's necessary in my network as I have AT&T UVerse residential ISP with an NVG589 router/gateway that doesn't properly support me requesting my whole /60 (or anything larger than /64) in one go, I have to separately send multiple /64 PD requests.
A working config for me looks like this: (generated by a functional setup on my EdgeRouter X, though I've been unsuccessful in adapting it on pfSense, something about being unable to apply the address to the desired interface)
interface eth0 {
send ia-na 0;
request domain-name-servers, domain-name;
send rapid-commit;
send ia-pd 0;
send ia-pd 1;
script "/opt/vyatta/sbin/ubnt-dhcp6c-script";
};
id-assoc na 0 {};
id-assoc pd 0 {
prefix ::/64 infinity;
prefix-interface eth1 {
sla-id 0;
sla-len 0;
};
};
id-assoc pd 1 {
prefix ::/64 infinity;
prefix-interface eth2 {
sla-id 0;
sla-len 0;
};
};
I'm not sure the currently planned fix will also cover my use-case (which I assume isn't unique) but I just wanted to add a bit of info to the conversation. I can open up another issue if this would be considered separate or unrelated.
Updated by Moritz Hartwig almost 6 years ago
I have the same issue.
Is there still some work on this bug?
Thanks!
Updated by Holger Glemser over 5 years ago
What's the status here? I'm waiting for the fix, too.
Jim Pingle wrote:
Changing the dhcp6c process to use a single config and instance will require significant work to implement for little gain. At this time, a single LAN cannot utilize prefixes from both WANs until other features such as #4881 are implemented. Therefore, at the moment having a second DHCPv6 WAN is of little use.
I cannot agree with the "of little use" part. I have multiple (V)LANs and want to distribute them between my two WANs, i.e. have some configured to track WAN1 and some to track WAN2 which is easily configurable in the UI in the "Track IPv6 Interface" section of the interface configuration. However, this bug causes this not to work.
Updated by Car F over 4 years ago
I have the same problem with 2.4.5-p1. Still no fix?
Updated by Kris Phillips almost 4 years ago
Confirmation that issue is still present in 2.4.5p1.
Log messages:
dhcp6c 4633 Sending Solicit
dhcp6c 38399 unexpected interface (1)
Updated by Caleb Carges almost 4 years ago
Just ran into this and #4881 now that our backup ISP also has native v6. Looks like I'll have to work around it by hand for now when in a pinch, by setting that interface to DHCPv6 and configuring NPt specifically when the backup is needed.
Updated by Tobias Meyer almost 4 years ago
We too see this issue. Two upstream DHCP6 lines. The confusing thing is, this works somehow, but with intermittent problems. The order in which the pppoe connection and the cable line are started seem to make a difference.
Updated by Car F over 3 years ago
Issue is getting worse with 2.5.1-RC. This is unacceptable!
Updated by Flole Systems over 3 years ago
I am using this dirty fix (plus a manually generated config file specified for both interfaces in the Webinterfaces), my interfaces are hardcoded in the patch (eth10 and eth11):
--- /etc/inc/interfaces.inc
+++ /etc/inc/interfaces.inc
@@ -3904,8 +3904,8 @@
function find_dhcp6c_process($interface) {
global $g;
- if ($interface && isvalidpid("{$g['varrun_path']}/dhcp6c_{$interface}.pid")) {
- $pid = trim(file_get_contents("{$g['varrun_path']}/dhcp6c_{$interface}.pid"), " \n");
+ if ($interface && isvalidpid("{$g['varrun_path']}/dhcp6c.pid")) {
+ $pid = trim(file_get_contents("{$g['varrun_path']}/dhcp6c.pid"), " \n");
} else {
return(false);
}
@@ -3966,8 +3966,8 @@
$i++;
}
/* Clear the RTSOLD script created lock & tidy up */
- unlink_if_exists("/tmp/dhcp6c_{$interface}_lock");
- unlink_if_exists("{$g['varrun_path']}/dhcp6c_{$interface}.pid"); // just in case!
+ unlink_if_exists("/tmp/dhcp6c_lock");
+ unlink_if_exists("{$g['varrun_path']}/dhcp6c.pid"); // just in case!
}
function reset_dhcp6client_process($interface) {
@@ -3993,15 +3993,15 @@
* lock deleted.
*/
- if (!file_exists("/tmp/dhcp6c_{$interface}_lock")) {
+ if (!file_exists("/tmp/dhcp6c_lock")) {
kill_dhcp6client_process($interface, true);
/* Lock it to avoid multiple runs */
- touch("/tmp/dhcp6c_{$interface}_lock");
+ touch("/tmp/dhcp6c_lock");
mwexec("/usr/local/sbin/dhcp6c {$debugOption} " .
"{$noreleaseOption} " .
"-c {$g['varetc_path']}/dhcp6c_{$interface_name}.conf " .
- "-p {$g['varrun_path']}/dhcp6c_{$interface}.pid " .
- $interface);
+ "-p {$g['varrun_path']}/dhcp6c.pid " .
+ "eth10 eth11");
log_error(sprintf(gettext(
"Starting dhcp6 client for interface wan %s in DHCP6 without RA mode"),
$interface));
@@ -5021,7 +5021,6 @@
$dhcp6cscriptwithoutra .= "echo \$dreason > /tmp/{$wanif}_reason\n";
$dhcp6cscriptwithoutra .= "case \$REASON in\n";
$dhcp6cscriptwithoutra .= "REQUEST)\n";
- $dhcp6cscriptwithoutra .= "/bin/sleep 2\n";
$dhcp6cscriptwithoutra .= "/usr/sbin/rtsold -1 -p {$g['varrun_path']}/rtsold_{$wanif}.pid -M {$g['varetc_path']}/rtsold_{$wanif}_script.sh -O {$g['varetc_path']}/rtsold_{$wanif}_script.sh {$wanif}\n";
if ($debugOption == '-D') {
$dhcp6cscriptwithoutra .= "/usr/bin/logger -t dhcp6c \"dhcp6c REQUEST on {$wanif} - running rtsold\"\n";
@@ -5188,7 +5187,7 @@
*
* Taking the interface down or releasing will kill the client.
*/
- if (!file_exists("/tmp/dhcp6c_{$wanif}_lock"))
+ if (!file_exists("/tmp/dhcp6c_lock"))
{
/*
* If the interface is being brought up, wait for the
This may not work for everyone but for me it work's and that's whats important to me.
Updated by Viktor Gurov about 3 years ago
Updated by Flole Systems about 3 years ago
Has the fix been merged yet? What's the current status? Can we set the target version appropriately as there is now a PR pending so it should be merged soon-ish?
Updated by Jim Pingle almost 3 years ago
- Target version changed from Future to CE-Next
- Plus Target Version set to 22.05
Updated by Jim Pingle almost 3 years ago
- Status changed from Confirmed to Pull Request Review
Updated by Renato Botelho almost 3 years ago
- Assignee changed from Renato Botelho to Viktor Gurov
Updated by Viktor Gurov over 2 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset dd3d48af87c892a070210f0064e589157868e7c2.
Updated by Viktor Gurov over 2 years ago
- Related to Bug #12823: Multiple DHCP6 WAN connections PPPoE interface 'defached' status added
Updated by Jim Pingle over 2 years ago
- Target version changed from CE-Next to 2.7.0
Updated by Jim Pingle over 2 years ago
- Status changed from Feedback to Resolved
This looks excellent on the latest snapshot.
On 22.01 each interface has a separate configuration and only one of the interfaces obtains an address.
On 22.05 there is a single combined configuration file, both interfaces get an address, both have online/working gateways, I can ping upstream on both from the firewall itself and from delegated prefixes from both WANs.
Renato mentioned there may still be a lingering issue if both WANs are PPPoE but that can be handled in a separate Redmine issue for a future release. The multiple DHCP6 case appears to be working perfectly now.
Updated by Jim Pingle over 2 years ago
- Related to Bug #13253: ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6 added
Updated by Jim Pingle over 2 years ago
- Has duplicate Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces added