IPv6 Foun­da­tion Part 6: IPv6 DHCP (DHCPv6)

IPv6 Foundation Part 6 - IPv6 DHCP
How IPv6 DHCP works, how to con­fig­ure a DHCPv6 Serv­er on Cis­co and Lin­ux and a DHCP Client! Find your answers and more in the ulti­mate free IPv6 Mas­ter Class!

Table of Con­tents

About this course

So you are inter­est­ed in IPv6, which is absolute­ly great!

IPv6 is not only the future of net­work­ing, it is already here today! All the big play­ers on the Inter­net are already IPv6 enabled and it is now time for you to join the par­ty!

This course cov­ers all major aspects of the new Inter­net Pro­to­col and what changed, com­pared to IPv4. You will under­stand the fun­da­men­tals and be ahead of your peers that are still on the sink­ing ship of IPv4! As of today, there are no IPv4 address­es left and we have no oth­er option but to go ahead and deploy IPv6.

IPv6 Act Now

IPv6 Foun­da­tion Part 6: IPv6 DHCP (DHCPv6)

All about DHCPv6 and Dynam­ic Address Assign­ment

The Dynam­ic Host Con­fig­u­ra­tion Pro­to­col (DHCP) in Ver­sion 6 was cre­at­ed to sup­port auto­mat­ic IPv6 address­ing using DHCP, like it was com­mon with IPv4. Back in the day in the IPv4 World, we did not have auto­mat­ic con­fig­u­ra­tion of address­es like we do with SLAAC now.

You have learned before, that there also was no pos­si­bil­i­ty to tell a client the router’s IP address (default gate­way) nor the address of the DNS servers.

All this can be done using our built-in ICMPv6 toolk­it, which I find absolute­ly great. For some imple­men­ta­tions and some net­works it might make sense to imple­ment anoth­er solu­tion: DHCPv6

DHCPv6 is the state­ful alter­na­tive to SLAAC. Remem­ber, the S in SLAAC comes from state­less. State­less means, the state is not record­ed, so the address gen­er­at­ed by a client is not essen­tial­ly known to the infra­struc­ture and is not essen­tial­ly the same every time. In large deploy­ments, engi­neers might want to do state­ful address assign­ment and keep record which client received which IPv6 address at which time. This can also help ful­fill strict secu­ri­ty require­ments in larg­er com­pa­nies.

To the res­cue comes DHCPv6!

DHCPv6 has been defined in many RFCs, the most recent one being RFC8415. It can pro­vide SLAAC hosts with addi­tion­al infor­ma­tion which is not com­mon­ly pro­vid­ed by SLAAC, such as DNS servers.

Yes, I told you before, DNS can be sup­plied inside a Router Adver­tise­ment mes­sage (RA). There is RFC6106 for announc­ing DNS servers with RA, but this was most­ly not imple­ment­ed by the net­work­ing ven­dors and thus could not be used in pro­duc­tion very well. RFC6106 was since obso­let­ed by a new RFC8106.

DHCPv6 also sup­ports IPv6 Pre­fix Del­e­ga­tion which is com­mon with DSL routers and some Inter­net ser­vice providers, to receive not only the pub­lic IP address (upstream pre­fix), but also a glob­al­ly rout­ed pre­fix for use in the local net­work (down­stream pre­fix) from the provider.

How DHCPv6 works

On a high-lev­el overview, DHCPv6 uses UDP Port 546 for the client and UDP Port 547 for the serv­er and fol­lows these sim­ple steps:

  • the DHCP Unique Iden­ti­fi­er (DUID) is sent by the client to request an address
  • the DHCPv6 serv­er checks the DUID with the DHCPv6 data­base for reser­va­tion or pool
  • the IPv6 address is announced by DHCP serv­er to the client

 

The detailed tech­ni­cal steps are:

  1. the DHCP client sends a solic­it from its Link-Local address to mul­ti­cast group ff02::1:2 (all DHCP servers)
  2. the DHCP serv­er replies with an adver­tise mes­sage from its Link-Local address to the Link-Local address of the client (remem­ber, both have to be link-local as the client has no oth­er address yet!)
  3. the DHCP client replies with a request mes­sage from its Link-Local address to mul­ti­cast group ff02::1:2 (all DHCP servers)
  4. the DHCP serv­er ends the com­mu­ni­ca­tion with the assign­ment of an address and reply­ing from its Link-Local address to the Link-Local address of the client

DHCPv6 Exam­ple #1: How to con­fig­ure a Cis­co DHCPv6 Serv­er & Client

Let’s do a lab togeth­er as an exam­ple how DHCPv6 works.

You can copy and paste the sam­ple con­fig­u­ra­tion to real hard­ware or vir­tu­al machines. Or, if you pre­fer, you can just read and not try out for your­self.

How to Con­fig­ure a Cis­co DHCPv6 Serv­er

! Cisco DHCPv6 Server
!
hostname R1
!
ipv6 unicast-routing
ipv6 cef
ipv6 dhcp pool test
  address prefix 2010:AA01:10::/64 lifetime infinite infinite
  dns-server AAAA:BBBB:10FE:100::15
  dns-server 2010:AA01::15
  domain-name example.com
!
!
!
interface G0/0/1
no ip address
duplex auto
speed auto
ipv6 address 2010:AA01:10::2/64
ipv6 dhcp server test rapid-commit
!
end

How to Con­fig­ure a Cis­co DHCPv6 Client

! Cisco DHCPv6 Client
!
hostname R2
!
ipv6 unicast-routing
ipv6 cef
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address dhcp rapid-commit
ipv6 enable
!
end

How to trou­bleshoot a Cis­co DHCPv6 Serv­er

Here are some exam­ple trou­bleshoot­ing com­mands you can use on Cis­co gear in regards to the DHCPv6 ser­vice:

Show Cis­co DHCPv6 Address Pools
R1# show ipv6 dhcp pool
DHCPv6 pool: test
  Address allocation prefix: 2010:AA01:10::/64 valid 4294967295 preferred 4294967295 (1 in use, 0 conflicts)
  DNS server: AAAA:BBBB:10FE:100::15
  DNS server: 2010:AA01::15
  Domain name: example.com
  Active clients: 1
Show Cis­co DHCPv6 Serv­er Bind­ings (Allo­ca­tions)
R2# show ipv6 dhcp binding
Client: FE80::C801:88FF:FEAC:1C
DUID: 00030001CA0188AC0000
Username : unassigned
IA NA: IA ID 0x00040001, T1 43200, T2 69120
Address: 2010:AA01:10:0:
         D16D:EC61:EDCB:8BD1
     preferred lifetime INFINITY, , valid lifetime INFINITY,
Show Cis­co DHCPv6 Client Sta­tus (Inter­faces)
R2# show ipv6 dhcp interface
FastEthernet1/0 is in client mode
Prefix State is IDLE
Address State is OPEN
Renew for address will be sent in 11:17:16
List of known servers:
Reachable via address: FE80::C800:88FF:FEAC:1C
DUID: 00030001CA0088AC0000
Preference: 0
Configuration parameters:
IA NA: IA ID 0x00040001, T1 43200, T2 69120
Address: 2010:AA01:10:0:D16D:EC61:
  EDCB:8BD1/128
  preferred lifetime INFINITY, valid lifetime INFINITY
DNS server: AAAA:BBBB:10FE:100::15
DNS server: 2010:AA01::15
Domain name: example.com
Information refresh time: 0
Prefix Rapid-Commit: disabled
Address Rapid-Commit: enabled

DHCPv6 Exam­ple #2: How to con­fig­ure a Lin­ux DHCPv6 Serv­er using ISC dhcpd

One of the most com­mon DHCPv6 imple­men­ta­tions is still the ISC dhcpd serv­er that runs on UNIX and Lin­ux and sup­ports IPv6 since ver­sion 4. You can try these exam­ple con­fig­u­ra­tions on a vir­tu­al machine our your own host.

How to Con­fig­ure a UNIX/Linux DHCPv6 Serv­er

Serv­er ISC dhcpd6:

First edit the con­fig­u­ra­tion file in /etc/dhcp/dhcpd6.conf:

default-lease-time 600;
max-lease-time 7200; 
log-facility local7; 
subnet6 2001:db8:0:1::/64 {
        # Range for clients
        range6 2001:db8:0:1::129 2001:db8:0:1::254;

 

        # Range for clients request­ing a tem­po­rary address
        range6 2001:db8:0:1::/64 tem­po­rary;

        # Addi­tion­al options
        option dhcp6.name-servers fec0:0:0:1::1;
        option dhcp6.domain-search “domain.example”;

        # Pre­fix range for del­e­ga­tion to sub-routers
        prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56;

        # Exam­ple for a fixed host address

        host spe­cial­client {
host-iden­ti­fi­er option dhcp6.client-id 00:01:00:01:4a:
1f:ba:e3:60:b9:1f:01:23:45;

        fixed-address6 2001:db8:0:1::127;
    } 
}

And then restart the dhcpd6 dae­mon using the init sys­tem of your Lin­ux dis­tri­b­u­tion.

How to Con­fig­ure a Debian GNU/Linux DHCPv6 Client

Your con­fig­u­ra­tion is in the file /etc/network/interfaces:

auto eth0
iface eth0 inet6 dhcp

Now restart your net­work­ing stack and check out your brand new IPv6 con­nec­tiv­i­ty!

How to Con­fig­ure IPv6 SLAAC on UNIX/Linux

For State­less Address Auto­con­fig­u­ra­tion (SLAAC) you just need to put this one line into your net­work­ing con­fig­u­ra­tion at /etc/network/interfaces:

iface eth0 inet6 auto

Same here — please restart your net­work­ing stack now and enjoy your brand new IPv6!

Thank You

Thank you for attend­ing the Orig­i­nal IPv6 Foun­da­tion Mas­ter Class! You can book­mark this site to use it as a quick ref­er­ence in case you need to re-read some­thing and you can share this page to social media and your friends and col­leagues. Stay tuned to this blog for more in-depth sto­ries like this one.

Rec­om­mend­ed Resources for addi­tion­al read­ing

Apart from the links through­out this course I rec­om­mend the fol­low­ing resources for addi­tion­al infor­ma­tion:

  1. The Inter­net Soci­ety (ISOC) IPv6 Por­tal
  2. Test your IPv6 con­nec­tiv­i­ty on test-ipv6.com
  3. The offi­cial IANA list of assigned IPv6 address space is very inter­est­ing
  4. The Google IPv6 deploy­ment sta­tis­tics
  5. The RIPE NCC IPv6 work­ing group and mail­ing list

Book rec­om­men­da­tions on IPv6

I can rec­om­mend the fol­low­ing 3 books (Ama­zon refer­ral links) which I enjoyed read­ing:

This con­cludes IPv6 Foun­da­tion Part 6: IPv6 DHCP (DHCPv6) of the orig­i­nal IPv6 Foun­da­tion Mas­ter Class.

Pre­vi­ous Part: IPv6 Foun­da­tion Part 5: IPv6 Con­fig­u­ra­tion, EUI-64, SLAAC & Dual Stack

Next Part: IPv6 Foun­da­tion Part 7: IPv6 on Win­dows

Share this post

Share on pocket
Share on reddit
Share on facebook
Share on twitter
Share on linkedin
Share on xing