Issues with dhcpv6 and ddns updates

perl-list perl-list at network1.net
Fri Dec 2 15:07:36 UTC 2016 

Robert, 

I don't know anything about DDNS updates as I have never used them, but I can confirm that on release {} in DHCPv6 does not seem to have access to any of the option data. I had the same problem and asked the list about it more than a week ago. I was met with silence. If a developer could comment on this being a bug or simply not implemented yet, that would be great. Target for inclusion of option data in on release {} statements? 

> From: "Robert Senger" <robert.senger at lists.microscopium.de>
> To: "Users of ISC DHCP" <dhcp-users at lists.isc.org>
> Sent: Friday, December 2, 2016 10:01:31 AM
> Subject: Issues with dhcpv6 and ddns updates

> Hi there,

> I am running isc-dhcp-server in ipv6 mode, and I'd like to update the
> local internal dns zones hosted by bind9 with dhcpv6 client's names and
> ipv6 addresses.

> The built-in ddns seems to be completely unable to remove entries from
> the dns upon expiry or release, so I ended up doing ddns stuff on my
> own using "on commit|expiry|release" event handlers and corresponding
> scripts.

> But this also has issues with expiry and release events. While
> (almost...) everything is fine with commits, I am having trouble
> getting enough information about which hosts lease has expired or was
> released.

> This is the code I have in the dhcpd6.conf global scope:

> on commit
> {

> set ClientMac =
> "n/a";

> set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":",
> substring(option dhcp6.ia-na, 16, 16)),
> "n/a");
> set ClientID = pick-first-value(binary-to-ascii(16, 8, ":",
> option dhcp6.client-id),
> "n/a");
> set ClientName = pick-first-value(ddns-hostname, option
> fqdn.hostname, option host-name,
> "n/a");
> log(concat("Commit (global): Mac: ", ClientMac, ", IP: ",
> ClientIP, ", Name: ", ClientName, ", ID: ",
> ClientID));
> #execute("/etc/dhcp/dhcp6commit.sh", ClientMac, ClientIP,
> ClientName,
> ClientID);
> }

> on expiry
> {

> set ClientMac =
> "n/a";

> set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":",
> substring(option dhcp6.ia-na, 16, 16)),
> "n/a");
> set ClientID = pick-first-value(binary-to-ascii(16, 8, ":",
> option dhcp6.client-id),
> "n/a");
> set ClientName = pick-first-value(ddns-hostname, option
> fqdn.hostname, option host-name,
> "n/a");
> log(concat("Expiry (global): Mac: ", ClientMac, ", IP: ",
> ClientIP, ", Name: ", ClientName, ", ID: ",
> ClientID));
> #execute("/etc/dhcp/dhcp6expiry.sh", ClientMac, ClientIP,
> ClientName,
> ClientID);
> }

> on release
> {

> set ClientMac =
> "n/a";

> set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":",
> substring(option dhcp6.ia-na, 16, 16)),
> "n/a");
> set ClientID = pick-first-value(binary-to-ascii(16, 8, ":",
> option dhcp6.client-id),
> "n/a");
> set ClientName = pick-first-value(ddns-hostname, option
> fqdn.hostname, option host-name,
> "n/a");
> log(concat("Release (global): Mac: ", ClientMac, ", IP: ",
> ClientIP, ", Name: ", ClientName, ", ID: ",
> ClientID));
> #execute("/etc/dhcp/dhcp6release.sh", ClientMac, ClientIP,
> ClientName,
> ClientID);
> }

> (I've commented the "execute" statement to not mess up ddns while
> testing).

> And this is what I see in the dhcp log:

> Commit:

> Dec 2 15:02:02 prokyon dhcpd: Reply NA: address
> fd10:2842:f0d1:414:b64e:8a55:154d:ad6 to client with duid
> 00:01:00:01:1e:dd:f7:4d:00:12:f0:90:5a:49 iaid = 1 valid for 1200
> seconds
> Dec 2 15:02:02 prokyon dhcpd: Commit (global): Mac: n/a, IP:
> fd10:2842:f0d1:414:b64e:8a55:154d:ad6, Name: n/a, ID:
> 0:1:0:1:1e:dd:f7:4d:0:12:f0:90:5a:49

> Release:

> Dec 2 15:03:39 prokyon dhcpd: Client
> 00:01:00:01:1e:dd:f7:4d:00:12:f0:90:5a:49 releases address
> fd10:2842:f0d1:414:b64e:8a55:154d:ad6
> Dec 2 15:03:39 prokyon dhcpd: Release (global): Mac: n/a, IP: n/a,
> Name: n/a, ID: n/a

> Expiry:

> Dec 2 15:14:04 prokyon dhcpd: Expiry (global): Mac: n/a, IP: n/a,
> Name: n/a, ID: n/a

> So, everything is alright for commit events, except that there's no
> hostname available. I know how to create a custom hostname from address
> or id, so this is not really a problem.

> But for expiry and release events, there's simply nothing that can be
> passed on to the scripts. No address, no name, no id. It's impossible
> to remove dns entries.

> Next, if I move the "set ClientIP = " lines from inside the "on
> commit|expiry|release" event handlers above those into the global
> scope, I magically get the address for expiry, but not for release:

> Dec 2 15:35:55 prokyon dhcpd: Expiry (global): Mac: n/a, IP:
> fd10:2842:f0d1:414:b64e:8a55:154d:ad6, Name: n/a, ID: n/a
> Dec 2 15:38:17 prokyon dhcpd: Release (global): Mac: n/a, IP: n/a,
> Name: n/a, ID: n/a

> Moving all this code into a host statement (works for known hosts only,
> of course), finally makes it possible to get a hostname and to perform
> clean ddns updates for commit and expiry, but it requires at least one
> dns lookup in the script to get the address from the hostname for
> release events, which is a really, really ugly hack.

> Am I doing something wrong, did I miss something, or ist this
> intended behavior or even a bug?

> Thanks for help,

> Robert

> --
> Robert Senger

> --
> Robert Senger

> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20161202/4d8f44b4/attachment-0001.html>

More information about the dhcp-users mailing list