Re: IPv6 duplicate address detection: 'dadfailed' flag not set when dhcpcd gets a duplicate v6 address
Roy Marples
Wed Nov 30 11:18:21 2016
Hi
On 29/11/2016 21:38, Shahid Mahmood wrote:
> Testing IPv6 duplicate address detection.
>
> A duplicate IPv6 is present on the network (say device B), configured
> statically with ip address 2001::200/64.
>
> Configure a dhcp server (saw dnsmasq), with only one IP in the range,
> 2001::200/64, same one that is used by device B.
>
> Device A: running dhcpcd, in ipv6 mode.
>
> Server/client complete the dhcpv6 transaction
> (Solicit/Advertise/Request/Reply)
>
> Client does not show any indication of IPv6 address on the interface:
> # ip -6 addr
> 2: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 state UP
> qlen 1000
> inet6 fe80::xxxxxxxxxxxxxxxxx/64 scope link
> valid_lft forever preferred_lft forever
>
> dhcpcd syslog:
> Nov 29 21:29:15 dhcpcd-6.11.5 starting
> Nov 29 21:29:15 eth0: IPv6 kernel autoconf disabled
> Nov 29 21:29:15 forking to background
> Nov 29 21:29:15 forked to background, child pid 1478
> Nov 29 21:29:15 eth0: executing `dhcpcd-run-hooks' PREINIT
> Nov 29 21:29:15 eth0: executing `dhcpcd-run-hooks' CARRIER
> Nov 29 21:29:15 DUID 00:01:00:01:xxxxxxxxxxxxxxxxx
> Nov 29 21:29:15 eth0: IAID 54:9a:cd:3b
> Nov 29 21:29:15 eth0: reading lease `/var/run/dhcpcd-eth0.lease6'
> Nov 29 21:29:16 eth0: confirming prior DHCPv6 lease
> Nov 29 21:29:16 eth0: delaying CONFIRM6 (xid 0x282d94), next in 0.7 seconds
> Nov 29 21:29:16 eth0: broadcasting CONFIRM6 (xid 0x282d94), next in 1.0
> seconds
> Nov 29 21:29:16 eth0: REPLY6 received from xxxxxxxxxxxx
> Nov 29 21:29:16 eth0: adding address 2001::200/128
> Nov 29 21:29:16 eth0: pltime 3600 seconds, vltime 3600 seconds
> Nov 29 21:29:16 eth0: renew in 1800, rebind in 3150, expire in 3600 seconds
> Nov 29 21:29:16 eth0: writing lease `/var/run/dhcpcd-eth0.lease6'
> Nov 29 21:29:16 eth0: waiting for DHCPv6 DAD to complete
>
>
> If I attempt to configure the same address manually, things work as
> expected:
>
> # ip -6 addr
> 2: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 state UP
> qlen 1000
> inet6 fe80::xxxxxxxxxxxxxx/64 scope link
> valid_lft forever preferred_lft forever
>
> # ip -6 addr add 2001::200/64 dev eth0
>
> # ip -6 addr
> 2: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 state UP
> qlen 1000
> inet6 2001::200/64 scope global tentative dadfailed
> valid_lft forever preferred_lft forever
> inet6 fe80::xxxxxxxxxxxxxxxx/64 scope link
> valid_lft forever preferred_lft forever
>
> Am I missing something?
The address from DHCPv6 is always in the /128 range - ie a single host.
Any prefix information has to come from a 3rd party - manually added or
a Router Advert.
You manually added a /64. Try adding a /128.
What's worrying is that the 200/128 isn't on the interface and dhcpcd
didn't log it's removal at all.
It could be that the kernel (or something else) removed the 200/128
address once dad failed and dhcpcd missed it - that is most likely.
To be truthful, I've only done DaD testing recently with RA assigned
addresses and not DHCPv6 ones. I've also been working heavily on FreeBSD
and OpenBSD support issues, so I've not focused on Linux recently
either. I'll try and look into it over the next few days.
Roy
Archive administrator: postmaster@marples.name