(DHCP) Configuring Dynamic Host Configuration

Technical Note
Configuring Dynamic Host Configuration
Protocol version 6 (DHCPv6)
A guide to configuring
DHCPv6 on your Allied
Telesyn router.
Introduction
DHCP6 is available from Software Release 2.6.1. A knowledge of IPv6 is assumed
throughout this document.
Dynamic Host Configuration Protocol for IPv6 (DHCP6) delegates IPv6 prefixes,
and allocates IPv6 addresses. It offers Stateful Address Autoconfiguration, and
complements the Stateless Address Autoconfiguration described in RFC 2462
"IPv6 Stateless Address Autoconfiguration". Stateless Address Autoconfiguration
allows an IPv6-aware device to be plugged into a network, and given an IP
address without manual configuration.
DHCPv6 and address autoconfiguration are not mutually exclusive. For
example, autoconfiguration can be used to obtain the addresses and a DHCPv6
server can be utilised to retrieve options that the client may require such as a
list of available DNS servers or NTP servers. Unlike IPv4, an IPv6 client always
has a link-local address, it is never without an address, so in a worst-case
scenario it could still communicate with other hosts on the same link. Due to
the fact that the client initially sends a SOLICIT message to a link-local
multicast address, the DHCPv6 server must be on the same link to receive the
initial SOLICIT message. A SOLICIT message is a message sent by a client to
locate DHCP6 servers.
Who uses DHCPv6?
DHCP is particularly useful for ISPs to allocate IPv6 prefixes to customer sites.
The creation and allocation of complete IPv6 addresses is then performed by
IPv6 stateless address autoconfiguration.
Another example of using DHCP is a University with a central DHCPv6 server
allotting prefixes to various departments campus-wide.
DHCPv6 is not present in Allied Telesyn Software releases until 2.6.1. For
familiarisation with the IPv6 protocol, please see the IPv6 chapter in your Allied Telesyn
Software Reference Manual.
Copyright © 2003 Allied Telesyn International, Corp.
While every effort has been made to ensure that the information contained within this techical note is
accurate, Allied Telesyn International can not accept any liability for errors in, or omissions arising from the use
of this information.
2
Technical Note
What can DHCPv6 do?
When the router is configured as a DHCP6 server it can:
■
delegate prefixes to IPv6 subnets
This allows for an ease of address configuration. For example, if a company
moves ISPs they would require a different prefix to be assigned to the main
router. The router would then advertise this prefix and no reconfiguration
of the hosts should be necessary (apart from applications that rely on certain
addresses).
■
assign normal and temporary IPv6 addresses to devices.
An IPv6 address is a hexadecimal string, made up from eight pairs of octets
separated by colons, for example 3ffe:2::0:1. For more information about
IPv6 addresses, see the IPv6 chapter in your Allied Telesyn Software
Reference Manual. Normal addresses are renewed by the server for as long
as the device requires an address. Temporary addresses are assigned for a
limited time (lease time) and are usually allocated for privacy reasons, as
outlined in RFC 3041 “Privacy Extensions for Stateless Address
Autoconfiguration in IPv6”.
DHCP6 uses multicast and unicast addresses for communication similar to the
IPv4 broadcast address. Addresses reserved are:
■
FF02::1:2
This link scope multicast address is used by clients to communicate with
DHCP6 servers
■
FF05::1:3
This site scope multicast address is used by clients to communicate with
DHCP6 servers. When DHCP6 is configured, the router listens on this
address.
Security
The DHCP6 server and client allow for DHCP6 message authentication for
security purposes. The server and client maintain a pair of ‘keys’ and a ‘key-id’.
You can create the key on the server and copy it to the client, or the other way
around.
You can create a key and give it a key-id using the CREATE ENCO KEY
command, and then link each key to the required DHCP6 client using the
command ADD DHCP6 KEY.
IP Address Assignment Configuration
Example
This example illustrates the steps required to configure a DHCP6 server and
DHCP6 client.
DHCP6 Server Configuration
1.
Enable the IPv6 module.
Enable IPv6, using the command:
ENABLE IPV6
DHCPv6
C613-05019-00 REV A
25 August 2003
Technical Note
3
2.
Create the IPv6 interface.
Create the IPv6 interface that will respond to DHCPv6 messages, using the
command:
CREATE IPV6 INTERFACE=eth0
3.
Configure the IPv6 interface to receive its address from the DHCP6 server.
Configure the interface to receive its IPv6 address from DHCP6, using the
command:
ADD IPV6 INTERFACE=eth0 IPADDRESS=fec0::0001:0001/64
4.
Enable DHCP6 on the server.
To enable DHCP6 on the server, use the command:
ENABLE DHCP6
5.
Create a DHCP6 policy.
The DCHP6 policy will contain the details of the configuration given to the
client that makes a DHCP6 request.
CREATE DHCP6 POLI=sierra
6.
Create a DHCP6 range.
To configure the server to assign IP addresses to the clients, associate the
range of addresses with the policy and specify an address type of “norm”
CREATE DHCP6 RANGE=leone POLICY=sierra
IP=fec0:0001::0001/128-fec0:0001::ffff/128 TYPE=NORMAL
CREATE DHCP6 RANGE=nevada POLICY=sierra IP=fec0:0002::/64fec0:0010::/64 TYPE=PD
7.
Add configuration parameters to the policy.
In this example, the server assigns a T1 time and a T2 time to the client, in
seconds. After the T1 time, the client will ask the server to renew its lease of
the IPv6 address. If the client does not receive a reply to the Renew
messages after T2 seconds, it will attempt to find another DHCP6 server by
sending a multicast Rebind message.
ADD DHCP6 POLICY="sierra" T1TI=60
ADD DHCP6 POLICY="sierra" T2TI=120
8.
Link the policy to the interface.
ADD DHCP6 INTERFACE=eth0 POLICY=sierra
DHCP6 Client Configuration
1.
Enable the IPv6 module.
Enable IPv6, using the command:
ENABLE IPV6
2.
Create the IPv6 interface.
Create the IPv6 interface that will request the IPv6 address, using the
command:
CREATE IPV6 INTERFACE=eth0
DHCPv6
C613-05019-00 REV A
25 August 2003
4
Technical Note
3.
Configure the IPv6 interface to receive its address from the DHCP6 server.
Configure the interface to receive its IPv6 address from DHCP6, using the
command:
ADD IPV6 INT=eth0 IPADDRESS=dhcp
Screen outputs for DHCP6 and IPv6 “SHOW” commands are shown in Figures
1 to 5. Table 1 lists the figure number and a description of the figure.
Table 1: Listing of DHCP6 and IPv6 “SHOW” command outputs.
Figure Number
Description
Figure 1
SHOW DHCP6 SERVER
Information about the currently defined server entries that the
DCHP6 client has discovered.
Figure 2
SHOW IPV6 INTERFACE
Information about the interfaces configured for IPv6.
Figure 3
SHOW DHCP6 CLIENT
Information about currently defined client entries on the server.
Figure 4
Information about DHCP6 interfaces configured on the router.
SHOW DHCP6 INTERFACE
Figure 5
SHOW DHCP6 COUNTER
Information about DHCP6 counters.
Figure 1: Example output from the SHOW DHCP6 SERVER command.
DHCP6 Servers
------------------------------------------------------------------------------Interface .............. eth0
ServerID ............... 0x000386dd0090990a0241
Server Src Address ..... unknown
Reconfigure Key ........ 0x0faeb4e316e5ab204045cd9e26be6109
Primary DNS Server ..... Secondary DNS Server ... Server Preference ...... 0
Domain Search List .....
IAID ................ 0x00000200
IPv6 Address ..... fec0:0001::0001/128
Expiry ........... 15-May-2003 08:48:14
----------------------------------------------------------------------------
DHCPv6
C613-05019-00 REV A
25 August 2003
Technical Note
Figure 2: Example output from the SHOW IPV6 INTERFACE=eth0 command.
IPV6 Interface Configuration
---------------------------------------------------------------------Interface ................................ eth0
Ipv6 Interface Index ..................... 1
Link-layer address ....................... 00-00-cd-03-6e-cc
Link-layer state ......................... Up
EUI-64 Interface Identifier .............. 0200CDFFFE036ECC
IPSec .................................... No
True MTU/Link MTU ........................ 1500/1500
Multicast status ......................... Enabled
Send Router Advertizements ? ............. No
Ipv6 Interface Addresses :
Int Addresses PLen Decrement
Type Scope State Enabled Valid Preferred Publish
---------------------------------------------------------------------0 fe80::0200:cdff:fe03:6ecc /64 No
unicast link preferred Yes infinite infinite No
1 fec0:0001::0001 /64 No
unicast global preferred Yes 150 120 No
Figure 3: Example output from the SHOW DHCP CLIENT command.
DHCP6 Clients
------------------------------------------------------------------------------Interface .............. eth0
ClientID ............... 0x000386dd0000cd036ecc
Client Src Address ..... fe80::0200:cdff:fe03:6ecc
Reconfigure Key ........ 0x0faeb4e316e5ab204045cd9e26be6109
IAID ................ 0x00000200
IPv6 Address ..... fec0:0001::0001/128
Type ............. normal
Expiry ........... 15-May-2003 02:05:21
----------------------------------------------------------------------------
DHCPv6
C613-05019-00 REV A
25 August 2003
5
6
Technical Note
Figure 4: Example output from the SHOW DHCP6 INTERFACE=eth0 command.
DHCP6 Interfaces
------------------------------------------------------------------------------Interface .............. eth0
Type ................... Server Interface
Policy attached ........ sierra
No. of Clients ......... 1
Interface State ........ Manager DHCP Server> sh dhcp6 int=eth0 ran
Manager DHCP Server> sh dhcp6 range
DHCP6 Ranges
------------------------------------------------------------------------------Name: leone
Prefix Block : fec0:0001::0001/128 -->
fec0:0001::ffff/128
Range Type : normal
Policy : sierra
Address(es) in use : 1
--------------------------------------------------------------------fec0:0001::0001/128 (in use)
------------------------------------------------------------------------------Name: nevada
Prefix Block : fec0:0002::/64 -->
fec0:0010::/64
Range Type : pd
Policy : sierra
Address(es) in use : 0
---------------------------------------------------------------------
Figure 5: Example output from the SHOW DHCP6 COUNTER command.
DHCP6 Counters
------------------------------------------------------------------------------Interface: eth0
InAdvertise ..................... 0 OutAdvertise .................... 2
InConfirm ....................... 0 OutConfirm ...................... 0
InDecline ....................... 0 OutDecline ...................... 0
InFailedAuth .................... 0 OutFailedAuth ................... 0
InInfoRequest ................... 0 OutInfoRequest .................. 0
InRebind ........................ 0 OutRebind ....................... 0
InReconfigure ................... 0 OutReconfigure .................. 0
InRelayForward .................. 0 OutRelayForward ................. 0
InRelease ....................... 0 OutRelease ...................... 0
InRenew ......................... 2 OutRenew ........................ 0
InReply ......................... 0 OutReply ........................ 3
InRequest ....................... 1 OutRequest ...................... 0
InRelayReply .................... 0 OutRelayReply ................... 0
InSolicit ....................... 2 OutSolicit ...................... 0
DHCPv6
C613-05019-00 REV A
25 August 2003
Technical Note
7
Prefix Delegation Configuration Example
Prefix delegation means that the client has to request that prefixes be served
rather than individual addresses.
In the following example, Router 1 delegates a range of prefixes to the eth0
interface on Router 2. Router 2 applies these prefixes to devices attached to its
eth1 interface. A Windows® XP client could plug into eth1 on Router B and
receive its IPv6 address via Stateless Address Autoconfiguration (see
RFC 2462). Router advertisements must be turned on to allow the router to
advertise its prefixes to the clients for stateless configuration.
A real world example for this example is a University, which has a central
DHCPv6 server allotting prefixes to various departments.
This example uses the same DHCP6 server configuration as the previous
example.
Figure 6: Example configuration for a basic DHCPv6 network.
ROUTER 1:
SERVER
ROUTER 2:
CLIENT
eth0
eth0
eth1
dhcp6-1-700
Configure Router 2 as a DHCP6 client.
1.
Enable the IPv6 module.
Enable IPv6, using the command:
ENABLE IPV6
2.
Configure the IPv6 interface.
Create the IPv6 interfaces that will respond to DHCPv6 messages, using
the command:
CREATE IPV6 INTERFACE=eth0
CREATE IPV6 INTERFACE=eth1
3.
Link the policy to the IPv6 interface.
ADD IPV6 INTERFACE=eth0 IP=pd APPINT=eth1
4.
Enable IPv6 router advertisements.
Turn on router advertisements to allow the router to advertise its prefixes
to the clients, using the command:
ENABLE IPV6 ADVERTISE
Screen outputs for DHCP6 and IPv6 “SHOW” commands are shown in
Figure 7 to Figure 9. Table 2 lists the figure number and a description of the
figure.
DHCPv6
C613-05019-00 REV A
25 August 2003
8
Technical Note
Table 2: Listing of DHCP and IPv6 “SHOW” command outputs.
Figure Number
Description
Figure 7
SHOW IPV6 INTERFACE
Information about the interfaces configured for IPv6.
Figure 8
SHOW DHCP6 SERVER
Information about the currently defined server entries that the
DHCP6 client has discovered.
Figure 9
Information about DHCP6 interfaces that have been configured
SHOW DHCP6 INTERFACE on the router.
Figure 7: Example output from the SHOW IPv6 INTERFACE=eth0 command.
IPV6 Interface Configuration
---------------------------------------------------------------------Interface ................................ eth0
Ipv6 Interface Index ..................... 1
Link-layer address ....................... 00-00-cd-03-6e-cc
Link-layer state ......................... Up
EUI-64 Interface Identifier .............. 0200CDFFFE036ECC
IPSec .................................... No
True MTU/Link MTU ........................ 1500/1500
Multicast status ......................... Enabled
Send Router Advertizements ? ............. Yes
Ipv6 Interface Addresses :
Int Addresses PLen Decrement
Type Scope State Enabled Valid Preferred Publish
---------------------------------------------------------------------0 fe80::0200:cdff:fe03:6ecc /64 No
unicast link preferred Yes infinite infinite No
Manager B > sh ipv6 int=eth1
IPV6 Interface Configuration
---------------------------------------------------------------------Interface ................................ eth1
Ipv6 Interface Index ..................... 2
Link-layer address ....................... 00-00-cd-03-6e-cd
Link-layer state ......................... Up
EUI-64 Interface Identifier .............. 0200CDFFFE036ECD
IPSec .................................... No
True MTU/Link MTU ........................ 1500/1500
Multicast status ......................... Enabled
Send Router Advertizements ? ............. Yes
Ipv6 Interface Addresses :
Int Addresses PLen Decrement
Type Scope State Enabled Valid Preferred Publish
---------------------------------------------------------------------0 fe80::0200:cdff:fe03:6ecd /64 No
unicast link preferred Yes infinite infinite No
1 fec0:0002::0200:cdff:fe03:6ecd /64 No
unicast global preferred Yes infinite infinite Yes
DHCPv6
C613-05019-00 REV A
25 August 2003
Technical Note
Figure 8: Example output from the SHOW DHCP6 SERVER command.
DHCP6 Servers
------------------------------------------------------------------------------Interface .............. eth0
ServerID ............... 0x000386dd0090990a0241
Server Src Address ..... unknown
Reconfigure Key ........ 0x1cd4a9be4dd407bb1b47ade87eea6855
Primary DNS Server ..... Secondary DNS Server ... Server Preference ...... 0
Domain Search List .....
IPv6 Address ..... fec0:0002::/64
Expiry ........... never
----------------------------------------------------------------------------------------------------------------------------------------------------------
Figure 9: Example output from the SHOW DHCP6 INTERFACE=eth0 command.
DHCP6 Interfaces
------------------------------------------------------------------------------Interface .............. eth0
Type ................... Client/PD Interface
Policy attached ........ No. of Servers ......... 1
Interface State ........ BIND
Request Prefix ......... fec0:0002::
Request Length ......... 64
Apply Interface ...... eth1
Next 16-bit value .... 0
DHCPv6
C613-05019-00 REV A
25 August 2003
9
10
Technical Note
DHCPv6
C613-05019-00 REV A
25 August 2003