Project

General

Profile

Bug #6880

Multiple DHCP6 WAN connections leads to multiple dhcp6c clients

Added by Roy Hooper almost 3 years ago. Updated 7 months ago.

Status:
Confirmed
Priority:
Normal
Category:
DHCP (IPv6)
Target version:
Start date:
10/28/2016
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.3.2
Affected Architecture:
All

Description

When configuring multiple interfaces as DHCP6, such as PPPoE DSL and Cable, multiple dhcp6c processes get started, one per interface. This leads to problems, as only the first started dhcp6c will work properly, as dhcp6c binds to *::546

This leads to the second started dhcp6c answers being picked up by the first started, which starts to emit the error message "unexpected interface (%d)" when the wrong dhcp6c receives a reply.

The fix is to run only one dhcp6c and have a combined config file. For example, I might have /var/etc/dhcp6c_wan.conf and /var/etc/dhcp6c_opt3.conf, which should be merged.
Two processes will be started:
/usr/local/sbin/dhcp6c -D -c dhcp6c_wan.conf -p /var/run/dhcp6c_em0.pid -f em0
/usr/local/sbin/dhcp6c -D -c dhcp6c_opt3.conf -p /var/run/dhcp6c_pppoe0.pid -f pppoe0

A working combined config looks like this

interface pppoe0 {
    send ia-na 0;   # request stateful address
    send ia-pd 0;   # request prefix delegation
    request domain-name-servers;
    request domain-name;
    script "/var/etc/dhcp6c_opt3_script.sh"; # we'd like some nameservers please
};
id-assoc na 0 { };
id-assoc pd 0 {
    prefix ::/56 infinity;
    prefix-interface em3_vlan6 {
        sla-id 1;
        sla-len 8;
    };
    prefix-interface em3_vlan5 {
        sla-id 2;
        sla-len 8;
    };
};

interface em0 {
    send ia-na 1;   # request stateful address
    send ia-pd 1;   # request prefix delegation
    request domain-name-servers;
    request domain-name;
    script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc na 1 { };
id-assoc pd 1 {
    prefix-interface em3 {
        sla-id 0;
        sla-len 0;
    };
};

And the process would be launched like
/usr/local/sbin/dhcp6c -dD -c dhcp6c.conf -p /var/run/dhcp6c.pid -f em0 pppoe0

History

#1 Updated by Jim Thompson almost 3 years ago

  • Assignee set to Jim Pingle

#2 Updated by Jim Pingle almost 3 years ago

  • Status changed from New to Confirmed
  • Assignee deleted (Jim Pingle)
  • Target version set to Future

Confirmed. The daemon is binding to all interfaces, which prevents the second one from operating properly.

Changing the dhcp6c process to use a single config and instance will require significant work to implement for little gain. At this time, a single LAN cannot utilize prefixes from both WANs until other features such as #4881 are implemented. Therefore, at the moment having a second DHCPv6 WAN is of little use.

#3 Updated by Jim Thompson almost 3 years ago

  • Assignee set to Renato Botelho

#4 Updated by Luke Hamburg over 2 years ago

I have a dual WAN 2.3.2-p1 system with only one of the WANs configured for DHCP6 (not PPPoE, just Ethernet) and I am hitting this issue too. Not sure if it's quite the same bug, but the end result of winding up with multiple instances of dhcp6c running (and losing v6 connectivity as a result) is the same.

#5 Updated by Martin Wasley over 2 years ago

Its not, it's a problem that appears from time to time and is quite intermittent. In 2.4b changes have been made which hopefully nai!s this issue of multiple fhcp6c clients.

#6 Updated by Luke Hamburg over 2 years ago

Ok great, I will definitely try 2.4b then. If you happen to know which commits are relevant to that fix I'd love to look at them.

#7 Updated by Martin Wasley over 2 years ago

If you update to the latest snapshot then you can try patch ID: cdb6c8ac8e65f98a2ac0fa469c963c055a5c522d

There are a couple of subsequent minor commits to that, but they are cosmetic and/or minor function call changes that do not affect the overall operation.

Try it and post back your results please.

#8 Updated by Luke Hamburg over 2 years ago

Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.

#9 Updated by Renato Botelho over 2 years ago

Luke Hamburg wrote:

Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.

PR has been merged, but there were a couple of minor problems there, fixed in 31677494e659768a12d134641bbd4453d2c0a03c

#10 Updated by Daniel Helgenberger over 1 year ago

Luke Hamburg wrote:

Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.

The comments about this commit are a little bit confusing. This is issue is still not fixed, right? (Issue is open and I am facing the same issue). I'd like to open a pull request for this one if it is not already in the works.

#11 Updated by Tony Martino about 1 year ago

Daniel Helgenberger wrote:

Luke Hamburg wrote:

Thanks. I first checked out master and didn't find that commit... then drank some coffee & realized it's a PR still under review by Renato. Looks like it is ready to be merged. Will test shortly.

The comments about this commit are a little bit confusing. This is issue is still not fixed, right? (Issue is open and I am facing the same issue). I'd like to open a pull request for this one if it is not already in the works.

This is not fixed. I just posted about it in the community forum (https://forum.netgate.com/topic/133538/with-multiple-ipv6-wan-connections-dhcp6c-broken) and then found this report.

Renato, do you have an update on this? Any way I can help get this fixed?

#12 Updated by Zachary Hill about 1 year ago

In a similar vein, but a bit different: it's also important to be able to have multiple id-assoc pd n stanzas for even a single interface. I'm aware it's a bit unorthodox, but it's supported by the daemon, and it's necessary in my network as I have AT&T UVerse residential ISP with an NVG589 router/gateway that doesn't properly support me requesting my whole /60 (or anything larger than /64) in one go, I have to separately send multiple /64 PD requests.

A working config for me looks like this: (generated by a functional setup on my EdgeRouter X, though I've been unsuccessful in adapting it on pfSense, something about being unable to apply the address to the desired interface)

interface eth0 {
        send ia-na 0;
        request domain-name-servers, domain-name;
        send rapid-commit;
        send ia-pd 0;
        send ia-pd 1;
        script "/opt/vyatta/sbin/ubnt-dhcp6c-script";
};

id-assoc na 0 {};

id-assoc pd 0 {
        prefix ::/64 infinity;
        prefix-interface eth1 {
                sla-id 0;
                sla-len 0;
        };
};

id-assoc pd 1 {
        prefix ::/64 infinity;
        prefix-interface eth2 {
                sla-id 0;
                sla-len 0;
        };
};

I'm not sure the currently planned fix will also cover my use-case (which I assume isn't unique) but I just wanted to add a bit of info to the conversation. I can open up another issue if this would be considered separate or unrelated.

#13 Updated by Moritz Hartwig 11 months ago

I have the same issue.
Is there still some work on this bug?
Thanks!

#14 Updated by Holger Glemser 7 months ago

What's the status here? I'm waiting for the fix, too.

Jim Pingle wrote:

Changing the dhcp6c process to use a single config and instance will require significant work to implement for little gain. At this time, a single LAN cannot utilize prefixes from both WANs until other features such as #4881 are implemented. Therefore, at the moment having a second DHCPv6 WAN is of little use.

I cannot agree with the "of little use" part. I have multiple (V)LANs and want to distribute them between my two WANs, i.e. have some configured to track WAN1 and some to track WAN2 which is easily configurable in the UI in the "Track IPv6 Interface" section of the interface configuration. However, this bug causes this not to work.

Also available in: Atom PDF