Exploring dhcpy6d, a DHCP server for IPv6 networks

Not Just Addresses

Advertising a Server

Before clients on a LAN segment even start trying to obtain their addresses and configurations via DHCPv6, they first need to know that a DHCPv6 server available on their network. A client that activates its IPv6 configuration first sends a router solicitation. The client then receives a response from the router (or routers). An Unmanaged flag in the prefix of the response (router advertisement) prompts the client to build its own address from the prefix (using the EUI-64, 64-bit extended unique identifier method [8] or a random method for anonymous addresses).

If the flag is set to Managed, the DHCPv6 process initiates. The router on the network on which dhcpy6d is running needs to use this Managed flag in its advertisements. The project website suggests the following configuration for the widespread radvd (Linux IPv6 router advertisement daemon) [9]:

interface eth0 {
AdvSendAdvert on;
AdvManagedFlag on;

Radvd should not announce the prefix explicitly.

The dhcpy6d.conf file

Dhcpy6d maps the described logic in two configuration files: dhcpy6d.conf and client.conf. The client.conf file contains the entries for the clients, although a relational database will do fine.

The dhcpy6d.conf file is divided into sections with names in square brackets. The [dhcpy6d] block collects the general configuration parameters. Listing 1 shows the dhcpy6d.conf file used in our lab. Line 2 specifies the interface on which the service operates. Multiple space-separated entries are possible.

Listing 1


01 [dhcpy6d]
02 interface = eth1
04 store_config = file
05 store_file_config = ./client.conf
07 store_volatile = sqlite
08 store_sqlite_volatile = ./volatile.sqlite
10 log = on
11 log_file = ./dhcpy6d.log
13 really_do_it = yes
15 dns_update = yes
16 dns_update_nameserver = 2001:db8:5::1
17 dns_rndc_key = rndc-key
18 dns_rndc_secret = FmZGJuHr/4+LkuxBc628Qg==
19 dns_use_client_hostname = no
20 domain_search_list = lmtest
22 [address_default]
23 category = mac
24 pattern = 2001:db8:1::$mac$
26 [address_special]
27 category = mac
28 pattern = 2001:db8::$mac$
29 dns_update = yes
30 dns_zone = lmtest
31 dns_rev_zone = 8.b.d.
33 [class_special]
34 addresses = special
35 nameserver = 2001:db8:5::1

Lines 4 and 5 determine where the client definitions reside and define their format as text files (file). If you specify none for store_volatile, you will prevent dhcpy6d from processing individual clients. In addition to file, sqlite and mysql are also possible. Lines 10 and 11 specify where the service should write its logfile. If you were to set the log_console parameter to on, dhcpy6d would log directly to stdout. Line 13 is very important; you mustn't forget to switch the service on.

The block in lines 15 to 19 dictates the parameters for entering the clients in a name server. The last parameter specifies that the hostname sent by the client is not used, but a hostname from the client.conf file is used instead. Unfortunately, you can only globally specify the list of DNS domains in which a client should search, rather than specifying the class.

The [address_default] block specifies a network block to which dhcpy6d appends the MAC address. In addition to the mac category, other options are also possible:

  • range, to specify a from-to range.
  • id, to allocate an ID in the client definition.
  • random, to use a random number.

The second address block in lines 26 to 31 determines that a DNS update should take place, and the forward and reverse zones are specified. The entry in line 34 must match the name of the address range – several ranges are also possible. The only parameter this class expects is the name server's IPv6 address.

The client.conf File

The client.conf file contains each client's data; Listing 2 provides an example with only one client. The identifier is in the square brackets. Dhcpy6d uses the hostname for the entry in DNS. The MAC address is used to identify the client; you can also specify multiple addresses.

Listing 2


01 [testclient]
02 hostname = v6client
03 mac = 02:01:02:03:04:09
04 address = 2001:db8::5555
05 class = special

The parameter in line 4 contains an address that the client receives in addition to the address from the template in the address range. Finally, the last line allocates the client to its class. Instead of the MAC, the system administrator may also use one or more DUIDs with the DUID parameter.

After modifying both configuration files for your own setup and with dhcpy6d running on the router, type ifconfig on the client; if the output is similar to Listing 3, you can start to celebrate your success.

Listing 3

ifconfig Shows the IPv6 Assignment

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
      inet6 2001:db8::201:203:409  prefixlen 64  scopeid 0x0<global>
      inet6 2001:db8::5555  prefixlen 64  scopeid 0x0<global>
      inet6 fe80::1:2ff:fe03:409  prefixlen 64  scopeid 0x20<link>
      ether 02:01:02:03:04:09  txqueuelen 1000  (Ethernet)

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Autoconfiguring IPv6 Clients

    Most clients on a network need both an address and some environmental information such as a name server or a web proxy. This article investigates whether a recent operating system on an IPv6-only LAN can handle this.

  • Migrating your network to IPv6
    Abraham Lincoln once said, "Give me six hours to chop down a tree and I will spend the first four sharpening the axe." The transition to IPv6 is a big step for many organizations. Careful planning and a systematic approach are critical to a successful migration.
  • Setting up and managing IPv6 on Windows Server 2016
    Windows Server 2016 automatically prefers IPv6 addresses, if available, but the manual configuration steps differ from IPv4 and necessitate new tools. Here's how to approach IPv6 in your daily admin work.
  • Neglected IPv6 Features

    IPv6 is establishing itself in everyday IT life, and all modern operating systems from Windows, through Mac OS X, to Linux have it on board; but if you let IPv6 introduce itself into your environment, you could be in for some unpleasant surprises.

  • IPv6 security on IPv4-only networks
    Even though corporations are looking to move to IPv6, in some situations networks still rely exclusively on IPv4. We discuss ways to minimize delays and unsatisfactory behavior in mixed IPv4/IPv6 IT environments.
comments powered by Disqus