DHCPv6 IP<->DUID mapping ?

Hillary Nelson nelsonhillary8 at gmail.com
Tue Aug 22 15:49:15 UTC 2017 

We have our DHCP server on Redhat which doesn't seem to have
'isc-dhcp-server-ldap' shipped like Debian. There is option to enable ldap
if you compile DHCP from source.
Here is more info on this:
https://kb.isc.org/article/AA-01462/0/LDAP-and-updating-to-DHCP-4.3.3-or-newer.html

Thanks!
Hillary

On Tue, Aug 22, 2017 at 11:28 AM, Miloslav Hůla <miloslav.hula at gmail.com>
wrote:

> I'm not sure I undestand the question. Probably yes. We are using slapd
> (OpenLDAP) and isc-dhcp-server-ldap packages, everythink stock packages for
> current Debian Stretch.
>
> Milo
>
>
> Dne 2017-08-22 v 17:11 Hillary Nelson napsal(a):
>
>> For LDAP backend, do you use the LDAP comes with DHCP source code?
>>
>>
>> Thanks!
>> Hillary
>>
>>
>> On Tue, Aug 22, 2017 at 10:48 AM, Miloslav Hůla <miloslav.hula at gmail.com
>> <mailto:miloslav.hula at gmail.com>> wrote:
>>
>>     Restart is needed for now. We have two servers in failover and
>>     restart is done one by one, so restart is not issue for us.
>>
>>     But in these days we are preparing LDAP backend for DHCPv4 and v6
>>     servers. When it will be done, restart will not be necessary.
>>     Configuration snippet follows. Now, we have only static records, no
>>     range6. On switches, we have a MAC-radius mechanism, so
>>     non-registered MACs fall into guest VLAN and they get IPv6 by router
>>     advertisment and SLAAC.
>>
>>
>>     shared-network VLAN-4 {
>>          subnet6 2002:817:55:1100::/64 {
>>          }
>>
>>          subnet6 2002:817:55:1101::/64 {
>>          }
>>
>>          subnet6 2002:817:55:1102::/64 {
>>          }
>>     }
>>
>>     shared-network VLAN-100 {
>>          subnet6 2002:817:55:11ee::/64 {
>>          }
>>     }
>>
>>
>>     host atlas.example.com <http://atlas.example.com> {
>>          hardware ethernet 00:50:56:a5:c6:69;
>>          fixed-address6 2002:817:55:1100::52;
>>     }
>>
>>     host milo.example.com <http://milo.example.com> {
>>
>>          hardware ethernet 00:50:56:a5:c6:70;
>>          fixed-address6 2002:817:55:11ee::56;
>>     }
>>
>>     Milo
>>
>>
>>
>>     Dne 2017-08-22 v 16:23 Hillary Nelson napsal(a):
>>
>>         Great to know it works for you!  I wonder do you need to restart
>>         DHCPv6 server everytime there are new MAC added, with DHCPv4 we
>>         use omapi to add dynamic host entry so no need to restart server.
>>
>>         Here is the relevant config I've been trying, can you share your
>>         config if you don't mind, you don't need to use your real IP
>> space:
>>
>>         *****************************
>>         shared-network "network-staff" {
>>               subnet6 fd01:beef:1::/64 {
>>                      pool6 {
>>                       deny known-clients;
>>                       range6 fd01:beef:1::0/96;
>>                   }
>>               }
>>               subnet6 2001:beef:1::/64 {
>>                   pool6 {
>>                       deny unknown-clients;
>>                       range6 2001:beef:1::0/96;
>>                   }
>>               }
>>         }
>>
>>         host registered-host1 { hardware ethernet 11:22:AA:BB:CC:DD;
>>         option host-name "registered-host1";  }
>>
>>         ***********************************
>>
>>         Thanks!
>>         Hillary
>>
>>
>>         On Tue, Aug 22, 2017 at 9:05 AM, Miloslav Hůla
>>         <miloslav.hula at gmail.com <mailto:miloslav.hula at gmail.com>
>>         <mailto:miloslav.hula at gmail.com
>>
>>         <mailto:miloslav.hula at gmail.com>>> wrote:
>>
>>              Hi,
>>
>>              we register DHCPv6 clients by MAC, the same way as DHCPv4.
>>         With ISC
>>              server, address association works directly via VLAN
>>         interface or
>>              relay, event this way is not i the RFCs.
>>
>>              Milo
>>
>>
>>              Dne 2017-08-18 v 16:14 Hillary Nelson napsal(a):
>>
>>
>>                  We plan to enable IPv6 registration like we do with our
>>                  IPv4(with deny unknown clients), which needs query
>>         lease info to
>>                  get DUID from giving IPv6 address, without omapi
>>         support, should
>>                  we parse lease or log to get DUID from IPv6 address?
>>         How do you
>>                  folks get your DHCPv6 IPv6<->DUID mapping?
>>
>>                  If anyone has done IPv6 registration and would like to
>>         share
>>                  your experience, it will be greatly appreciated!! You
>>         contact me
>>                  off list if you want..
>>
>>                  Best,
>>                  Hillary
>>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20170822/c81d0559/attachment.html>

More information about the dhcp-users mailing list