dhcpcd-discuss

Home Other Lists Thread Index Date Index Search
Thread Prev Thread Next Date Prev Date Next Thread Index Date Index

Re: Dynamic IPv6 Prefix Delegation

Roy Marples

Wed Aug 06 19:45:49 2014
On 2014-08-06 20:29, Timo Rothenpieler wrote:

After adding the following to my config:

authprotocol token
authtoken 1 fritz forever 1234567890

I get:

dhcpcd[4774]: enp2s0: DHCP messge too big
dhcpcd[4774]: enp2s0: authentication now required
dhcpcd[4774]: enp2s0: soliciting a DHCPv6 lease
dhcpcd[4774]: enp2s0: dhcp6_updateauth: No such process
dhcpcd[4774]: enp2s0: DHCP messge too big
dhcpcd[4774]: enp2s0: DHCP lease expired
dhcpcd[4774]: enp2s0: soliciting a DHCP lease
dhcpcd[4774]: enp2s0: DHCP messge too big
dhcpcd[4774]: enp2s0: DHCP messge too big
dhcpcd[4774]: enp2s0: DHCP messge too big
dhcpcd[4774]: timed out
dhcpcd[4774]: exited


That looks like a bug, I'll investigate tomorrow if time permits.


With authprotocol delayed i get a bunch of:

dhcpcd[5315]: enp2s0: no authentication from 192.168.178.1
dhcpcd[5315]: enp2s0: no authentication from fe80::a96:d7ff:fe07:e6a
...
dhcpcd[5315]: timed out
dhcpcd[5315]: exited


There aren't a lot of examples about these options around the net(I
haven't found a single one), and i'm not sure if i simply used them
wrong, or the FritzBox.

The FritzBox is a proprietary closed source router, i can't configure
the DHCP server on it more than ticking a checkbox which enables or
disables IA_PD, so it's very possible it simply doesn't support
authentication.


OK, so your initial setup was in-fact correct.
With no authentication set, dhcpcd should include the RECONF_ACCEPT option in the Option Request. The Fritz! box should send this option back with a token in the ADVERTISEMENT which dhcpcd will then use to authenticate Reconfigure messages.
You can use wireshark to verify this, email me offline a wireshark dump if you don't understand how to read it. I'd appreciate it anyway so I can confirm the error is with the Fritz! box. It's not the first time they've not followed the RFC's either ..... 


Is there a way to just force dhcpcd to ignore the need for
authentication, like for example with the "noauthrequired" option?


For reconfigure, no because of the MUST in the RFC.
dhcpcd never goes against a MUST.
If I did provide this option, it would be a new one, noreconfauthrequired or similar as the noauthrequired option is when you configure authentication on your laptop and home network but then move to a public network. This doesn't fit the above model we're talking about. 

Thanks

Roy
References:
Dynamic IPv6 Prefix DelegationTimo Rothenpieler
Re: Dynamic IPv6 Prefix DelegationRoy Marples
Re: Dynamic IPv6 Prefix DelegationTimo Rothenpieler
Archive administrator: postmaster@marples.name