Help with DHCPv6 client-identifiers

Jiri Popelka jpopelka at redhat.com
Fri Nov 25 14:01:41 UTC 2011 

On 11/17/2011 11:03 PM, scott_stone at trendmicro.com wrote:
>
> I'm having a lot of trouble finding relevant information on this 
> online, so I'm going to ask you guys.. :)
>
> I have several thousand machines receiving static host reservations 
> with DHCPv4 currently.  ie,
>
> host myhostname.domainname {
>
>                hardware ethernet 00:50:56:DE:AD:BE;
>
>                fixed-address 10.0.0.1;
>
>                option host-name "myhostname.domainname";
>
> }
>
> ... simple, right?  OK, now we want to use DHCPv6 as well as DHCPv4.  
> It seems that the dhcp client identifiers for DHCPv6 are 
> **arbitrary**.  Is there no way to know ahead of time what they would 
> be, since they're not mapped to anything uniquely identifiable on the 
> machine (ie, MAC address)?  Do I need to have someone manually 
> investigate all of these hosts to find their client identifiers or is 
> there something I'm missing here...?
>
> ====================
>
> Scott Stone <scott_stone at trendmicro.com>
>
>

Not that I would think that this could really help ... It's just that 
I've noticed that there's been this item in changelog to 4.2.0:
- The 'hardware [ethernet|etc] ...;' parameter in host records has been
   extended to attempt to match DHCPv6 clients by the last octets of a
   DUID-LL or DUID-LLT provided by the client.

I think it's the implementation of what David mentioned in
https://lists.isc.org/pipermail/dhcp-users/2009-February/008092.html

Also the following few lines were added in 4.2.0 to example 
doc/dhcpd-dhcpv6.conf
host otherclient {
         # This host entry is hopefully matched if the client supplies a 
DUID-LL
         # or DUID-LLT containing this MAC address.
         hardware ethernet 01:00:80:a2:55:67;

         fixed-address6 3ffe:501:ffff:100::4321;
}

man dhclient says:
By default, DHCPv6 dhclient creates an identifier based on the 
link-layer address (DUID-LL) if it is running in stateless mode (with 
-S, not requesting an address), or it creates an identifier based on the 
link-layer address plus a timestamp (DUID-LLT) if it is running in 
stateful mode (without  -S,  requesting  an address).


Just my two cents.
--
Jiri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20111125/c87cfe7e/attachment.html>

More information about the dhcp-users mailing list