[arch-projects] [netctl] Regarding commit fe5f0d6fe - "Restrict dhcpcd to IPv4"
The behaviour introduced by commit fe5f0d6fe is undesirable. To quote the manpage: "dhcpcd is also an implementation of an IPv6 Router Solicitor as specified in RFC 4861 and RFC 6106. dhcpcd can optionally handle address and route management itself, and will do so by default if Router Solicitation is disabled in the kernel. If dhcpcd is managing routes, dhcpcd sends Neighbor Solicitions to each advertising router periodically and will expire the ones that do not respond." What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know. IMO, we should remove the -4 flag from dhcpcd if IP6=stateless is set.
On Fri, Jun 14, 2013 at 6:45 PM, Thomas Bächler <thomas@archlinux.org> wrote:
The behaviour introduced by commit fe5f0d6fe is undesirable. To quote the manpage:
"dhcpcd is also an implementation of an IPv6 Router Solicitor as specified in RFC 4861 and RFC 6106. dhcpcd can optionally handle address and route management itself, and will do so by default if Router Solicitation is disabled in the kernel. If dhcpcd is managing routes, dhcpcd sends Neighbor Solicitions to each advertising router periodically and will expire the ones that do not respond."
What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know.
I'm not sure; it might do so nowadays. Does dhclient read DNS servers from RAs in IPv4 mode?
IMO, we should remove the -4 flag from dhcpcd if IP6=stateless is set.
The flag was added because in most situations leaving it out causes a timeout in acquiring an IPv6 lease. My initial thoughts: : If dhclient doesn't extract the addresses from RAs in IPv6 mode, we shouldn't expect dhcpcd to do so : If dhclient does, this might be a bug in dhcpcd - Jouke
Am 16.06.2013 10:35, schrieb Jouke Witteveen:
What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know.
I'm not sure; it might do so nowadays. Does dhclient read DNS servers from RAs in IPv4 mode?
I haven't check what dhclient does, but dhcpcd is definitely not a dhcpv6 client.
IMO, we should remove the -4 flag from dhcpcd if IP6=stateless is set.
The flag was added because in most situations leaving it out causes a timeout in acquiring an IPv6 lease.
My initial thoughts: : If dhclient doesn't extract the addresses from RAs in IPv6 mode, we shouldn't expect dhcpcd to do so : If dhclient does, this might be a bug in dhcpcd
dhclient != dhcpcd. dhclient has a complete dhcpv6 implementation, including prefix delegation, while dhcpcd is only a dhcp and ipv6 router solicitation client. My problem here is that the kernel cannot handle the extended information in RAs, like DNS. We need a client to do so and dhcpcd is the only one I know.
On Sun, Jun 16, 2013 at 10:55 AM, Thomas Bächler <thomas@archlinux.org> wrote:
Am 16.06.2013 10:35, schrieb Jouke Witteveen:
What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know.
I'm not sure; it might do so nowadays. Does dhclient read DNS servers from RAs in IPv4 mode?
I haven't check what dhclient does, but dhcpcd is definitely not a dhcpv6 client.
http://roy.marples.name/projects/dhcpcd/wiki/DhcpcdFeatures It says it is
IMO, we should remove the -4 flag from dhcpcd if IP6=stateless is set.
The flag was added because in most situations leaving it out causes a timeout in acquiring an IPv6 lease.
My initial thoughts: : If dhclient doesn't extract the addresses from RAs in IPv6 mode, we shouldn't expect dhcpcd to do so : If dhclient does, this might be a bug in dhcpcd
dhclient != dhcpcd. dhclient has a complete dhcpv6 implementation, including prefix delegation, while dhcpcd is only a dhcp and ipv6 router solicitation client.
My problem here is that the kernel cannot handle the extended information in RAs, like DNS. We need a client to do so and dhcpcd is the only one I know.
In that case, it would be nice if dhcpcd allowed more control over what it does do and what it doesn't. In IPv4-only configurations, I don't want dhcpcd to assign an IPv6 address. - Jouke
Am 16.06.2013 11:00, schrieb Jouke Witteveen:
On Sun, Jun 16, 2013 at 10:55 AM, Thomas Bächler <thomas@archlinux.org> wrote:
Am 16.06.2013 10:35, schrieb Jouke Witteveen:
What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know.
I'm not sure; it might do so nowadays. Does dhclient read DNS servers from RAs in IPv4 mode?
I haven't check what dhclient does, but dhcpcd is definitely not a dhcpv6 client.
http://roy.marples.name/projects/dhcpcd/wiki/DhcpcdFeatures
It says it is
That's interesting, I haven't seen the manpage refer to this at all. It lists the RFCs for everything it supports: DHCP, BOOTP, Router Solicitation - no mentions of dhcpv6. And then, there's the source code: dhcpcd-5.6.8/ipv6rs.c, line 819ff: if (rap->flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER)) { if (new_data) syslog(LOG_WARNING, "%s: no support for DHCPv6 management", ifp->name); So, if your router advertises that dhcpv6 is available ("managed" or "other" flag), dhcpcd simply prints "no support for DHCPv6 management" to your syslog. If we keep our current approach, removing the -4 from dhcpcd in IP6=stateless mode (or even in all cases with IP6 != no) will only be useful.
In that case, it would be nice if dhcpcd allowed more control over what it does do and what it doesn't. In IPv4-only configurations, I don't want dhcpcd to assign an IPv6 address.
I think we should rethink our approach. In a non-static setup, why do we even want to configure ipv4 and ipv6 separately, when our dhcp clients can do it all combined? Sure, some people want to disable ipv4 or ipv6, but we can still allow that. Even explicitly configuring whether you want stateful or stateless configuration in IP6= doesn't serve much purpose: Once you get a Router Advertisement, it tells you whether stateful configuration is possible or even necessary. The user does not need to supply this information, as his network topology already knows - of course, you'd need a client that understands this information, which doesn't seem to be available *shrugs*.
Am 16.06.2013 11:20, schrieb Thomas Bächler:
Am 16.06.2013 11:00, schrieb Jouke Witteveen:
On Sun, Jun 16, 2013 at 10:55 AM, Thomas Bächler <thomas@archlinux.org> wrote:
Am 16.06.2013 10:35, schrieb Jouke Witteveen:
What this doesn't mention is that it also reads DNS servers from Router Advertisements, which the kernel cannot do by itself. dhcpcd does not perform dhcpv6 as far as I know.
I'm not sure; it might do so nowadays. Does dhclient read DNS servers from RAs in IPv4 mode?
I haven't check what dhclient does, but dhcpcd is definitely not a dhcpv6 client.
http://roy.marples.name/projects/dhcpcd/wiki/DhcpcdFeatures
It says it is
That's interesting, I haven't seen the manpage refer to this at all. It lists the RFCs for everything it supports: DHCP, BOOTP, Router Solicitation - no mentions of dhcpv6.
And then, there's the source code: dhcpcd-5.6.8/ipv6rs.c, line 819ff:
if (rap->flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER)) { if (new_data) syslog(LOG_WARNING, "%s: no support for DHCPv6 management", ifp->name);
So, if your router advertises that dhcpv6 is available ("managed" or "other" flag), dhcpcd simply prints "no support for DHCPv6 management" to your syslog.
Oh, the git version seems to implement dhcpv6.
participants (2)
-
Jouke Witteveen
-
Thomas Bächler