Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

T6648: dhcpv6-server: align stateless DHCPv6 options with stateful #3970

Merged
merged 1 commit into from
Aug 12, 2024
Merged

T6648: dhcpv6-server: align stateless DHCPv6 options with stateful #3970

merged 1 commit into from
Aug 12, 2024

Conversation

lucasec
Copy link
Contributor

@lucasec lucasec commented Aug 12, 2024

Change Summary

As we've expanded the number of DHCPv6 options supported at the subnet level, we've left out the ability to set these new options at the shared-network level under the common-options config key.

Under the old ISC implementation, common-options was originally added to support stateless clients (DHCPv6 INFORMATION-REQUEST message). However, with Kea (and seemingly the old ISC implementation), it seems to also be useful as a way to specify options once that should be shared among all (stateful) subnets in the network. Additionally, in Kea, it seems the daemon will try to "infer" a subnet for stateless requests (looking at the interface parameter), and return those options.

As such, for all intents and purposes we should support the same set of options at both levels. In addition, I am proposing using the same config syntax and losing the separate common-options name.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

https://vyos.dev/T6648

Related PR(s)

Component(s) name

service dhcpv6-server

Proposed changes

This PR update the DHCPv6 server config to use the same include, option-v6.xml.in, at the shared-network level that is currently used at the subnet level. A migration script is also included to rename existing instances of common-options in peoples' configs to option.

Old config:

     dhcpv6-server {
         shared-network-name LANv6 {
             common-options {
                 domain-search mydomain.com
                 info-refresh-time 86400
                 name-server fdcc:2200:a8ee:2355::1
             }
             subnet fdcc:2200:a8ee:2355::0/64 {
                 interface eth1
                 subnet-id 1
             }
         }
     }

New config:

     dhcpv6-server {
         shared-network-name LANv6 {
             option {
                 domain-search mydomain.com
                 info-refresh-time 86400
                 name-server fdcc:2200:a8ee:2355::1
             }
             subnet fdcc:2200:a8ee:2355::0/64 {
                 interface eth1
                 subnet-id 1
             }
         }
     }

With the new config, you can now add additional options such as sntp-server at the shared-network level.

How to test

For a refresher on stateless DHCPv6 configuration:

New config:

 interfaces {
     // ...
     ethernet eth1 {
         address 10.23.55.1/24
         address fdcc:2200:a8ee:2355::1/64
         description LAN
     }
 }
 service {
     dhcpv6-server {
         shared-network-name LANv6 {
             option {
                 domain-search mydomain.com
                 info-refresh-time 86400
                 name-server fdcc:2200:a8ee:2355::1
                 sntp-server fdcc:2200:a8ee:2355::1
             }
             subnet fdcc:2200:a8ee:2355::0/64 {
                 interface eth1
                 subnet-id 1
             }
         }
     }
     // ... (omitted: dns forwarding config, ntp config) ...
     router-advert {
         interface eth1 {
             name-server fdcc:2200:a8ee:2355::1
             other-config-flag
             prefix ::/64 {
             }
         }
     }
  }

Once configured, you should see supported clients obtain their search domains (and possibly an NTP configuration) by sending a DHCPv6 INFORMATION_REQUEST packet when they join the network. Keep in mind that Android clients do not support DHCPv6.

Smoketest result

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

@lucasec lucasec requested a review from a team as a code owner August 12, 2024 02:35
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 12, 2024
edited
Loading

👍
No issues in PR Title / Commit Title

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 12, 2024
edited
Loading

✅ No issues found in unused-imports check.. Please refer the workflow run

@c-po c-po enabled auto-merge August 12, 2024 20:24
@c-po c-po merged commit a21b795 into vyos:current Aug 12, 2024
9 checks passed
@lucasec lucasec deleted the t6648 branch August 13, 2024 03:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@c-po c-po c-po approved these changes

@sarthurdev sarthurdev sarthurdev approved these changes

@dmbaturin dmbaturin Awaiting requested review from dmbaturin dmbaturin was automatically assigned from vyos/reviewers

@zdc zdc Awaiting requested review from zdc zdc was automatically assigned from vyos/reviewers

@jestabro jestabro Awaiting requested review from jestabro jestabro was automatically assigned from vyos/reviewers

@fett0 fett0 Awaiting requested review from fett0 fett0 was automatically assigned from vyos/reviewers

@nicolas-fort nicolas-fort Awaiting requested review from nicolas-fort nicolas-fort was automatically assigned from vyos/reviewers

Assignees

@lucasec lucasec

Labels
current
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lucasec @sarthurdev @c-po