DHCPv6 IP<->DUID mapping ?
Miloslav Hůla
miloslav.hula at gmail.com
Tue Aug 22 15:28:53 UTC 2017
I'm not sure I undestand the question. Probably yes. We are using slapd
(OpenLDAP) and isc-dhcp-server-ldap packages, everythink stock packages
for current Debian Stretch.
Milo
Dne 2017-08-22 v 17:11 Hillary Nelson napsal(a):
> For LDAP backend, do you use the LDAP comes with DHCP source code?
>
>
> Thanks!
> Hillary
>
>
> On Tue, Aug 22, 2017 at 10:48 AM, Miloslav Hůla <miloslav.hula at gmail.com
> <mailto:miloslav.hula at gmail.com>> wrote:
>
> Restart is needed for now. We have two servers in failover and
> restart is done one by one, so restart is not issue for us.
>
> But in these days we are preparing LDAP backend for DHCPv4 and v6
> servers. When it will be done, restart will not be necessary.
> Configuration snippet follows. Now, we have only static records, no
> range6. On switches, we have a MAC-radius mechanism, so
> non-registered MACs fall into guest VLAN and they get IPv6 by router
> advertisment and SLAAC.
>
>
> shared-network VLAN-4 {
> subnet6 2002:817:55:1100::/64 {
> }
>
> subnet6 2002:817:55:1101::/64 {
> }
>
> subnet6 2002:817:55:1102::/64 {
> }
> }
>
> shared-network VLAN-100 {
> subnet6 2002:817:55:11ee::/64 {
> }
> }
>
>
> host atlas.example.com <http://atlas.example.com> {
> hardware ethernet 00:50:56:a5:c6:69;
> fixed-address6 2002:817:55:1100::52;
> }
>
> host milo.example.com <http://milo.example.com> {
> hardware ethernet 00:50:56:a5:c6:70;
> fixed-address6 2002:817:55:11ee::56;
> }
>
> Milo
>
>
>
> Dne 2017-08-22 v 16:23 Hillary Nelson napsal(a):
>
> Great to know it works for you! I wonder do you need to restart
> DHCPv6 server everytime there are new MAC added, with DHCPv4 we
> use omapi to add dynamic host entry so no need to restart server.
>
> Here is the relevant config I've been trying, can you share your
> config if you don't mind, you don't need to use your real IP space:
>
> *****************************
> shared-network "network-staff" {
> subnet6 fd01:beef:1::/64 {
> pool6 {
> deny known-clients;
> range6 fd01:beef:1::0/96;
> }
> }
> subnet6 2001:beef:1::/64 {
> pool6 {
> deny unknown-clients;
> range6 2001:beef:1::0/96;
> }
> }
> }
>
> host registered-host1 { hardware ethernet 11:22:AA:BB:CC:DD;
> option host-name "registered-host1"; }
>
> ***********************************
>
> Thanks!
> Hillary
>
>
> On Tue, Aug 22, 2017 at 9:05 AM, Miloslav Hůla
> <miloslav.hula at gmail.com <mailto:miloslav.hula at gmail.com>
> <mailto:miloslav.hula at gmail.com
> <mailto:miloslav.hula at gmail.com>>> wrote:
>
> Hi,
>
> we register DHCPv6 clients by MAC, the same way as DHCPv4.
> With ISC
> server, address association works directly via VLAN
> interface or
> relay, event this way is not i the RFCs.
>
> Milo
>
>
> Dne 2017-08-18 v 16:14 Hillary Nelson napsal(a):
>
>
> We plan to enable IPv6 registration like we do with our
> IPv4(with deny unknown clients), which needs query
> lease info to
> get DUID from giving IPv6 address, without omapi
> support, should
> we parse lease or log to get DUID from IPv6 address?
> How do you
> folks get your DHCPv6 IPv6<->DUID mapping?
>
> If anyone has done IPv6 registration and would like to
> share
> your experience, it will be greatly appreciated!! You
> contact me
> off list if you want..
>
> Best,
> Hillary
More information about the dhcp-users
mailing list