search

openwrt / odhcp6c

This repository is a mirror of https://git.openwrt.org/?p=project/odhcp6c.git. It is for reference only and is not active for checks-ins or reporting issues; issues should be reported at: https://bugs.openwrt.org. Pull requests will be accepted which will be merged in odhcp6c.git
GNU General Public License v2.0
78 stars 81 forks source link

odhcp6c with iWay #38

Closed agners closed 4 years ago

agners commented 9 years ago

According to the provider I should get a /56 subnet using PD. However, it does not appear to work on current Chaos Calmer RC3 (on a WNDR4300, odhcp6c d21764d).

I made a capture of the DHCPv6 packages while running odhcp6c manually on the WAN interface:

# odhcp6c -s /lib/netifd/dhcpv6.script -Ntry -P0 -t120 eth0.2 -e -v
odhcp6c[22466]: (re)starting transaction on eth0.2
Command failed: Not found
odhcp6c[22466]: Starting SOLICIT transaction (timeout 4294967295s, max rc 0)
odhcp6c[22466]: Got a valid reply after 5ms
odhcp6c[22466]: Got a valid reply after 7ms
Command failed: Not found
odhcp6c[22466]: Starting REQUEST transaction (timeout 4294967295s, max rc 10)
odhcp6c[22466]: Send REQUEST message (elapsed 0ms, rc 0)
odhcp6c[22466]: Send REQUEST message (elapsed 955ms, rc 1)
odhcp6c[22466]: Send REQUEST message (elapsed 2835ms, rc 2)
odhcp6c[22466]: Send REQUEST message (elapsed 6665ms, rc 3)
odhcp6c[22466]: Send REQUEST message (elapsed 14675ms, rc 4)
odhcp6c[22466]: Send REQUEST message (elapsed 30705ms, rc 5)
Command failed: Not found
Command failed: Not found
odhcp6c[22466]: Send REQUEST message (elapsed 62635ms, rc 6)
Command failed: Not found
Command failed: Not found
odhcp6c[22466]: Send REQUEST message (elapsed 92515ms, rc 7)
Command failed: Not found
Command failed: Not found
odhcp6c[22466]: Send REQUEST message (elapsed 124761ms, rc 8)
Command failed: Not found
Command failed: Not found
odhcp6c[22466]: Send REQUEST message (elapsed 154545ms, rc 9)
Command failed: Not found
Command failed: Not found
odhcp6c[22466]: (re)starting transaction on eth0.2

Wireshark capture file: https://cloud.agner.ch/public.php?service=files&t=842f0cf8d0023a348d2c334f56e34876

It seems that the replies from the servers are not accepted by odhcp6c, but it is not clear to me why... Probably due to some RFC3315 Section 15 validation?

agners commented 9 years ago

Ok, I figured out the problem: The reply messages source address is not in the link local address space which the firewall would accept (fe80::/10). Furthermore, the source port is 546. The firewall configuration of OpenWrt only opens UDP src port 547...

After opening port 546 with and src 2001:8e0::/32 odhcp6c accepted the IA and everything worked flawless. So odhcp6c is definitely not to blame here, this bug can be closed from that perspective.

However, if a DHCPv6 expert could answer this question:

  1. Is the DHCPv6 servers src address choice allowed? I did not find something which says not, at least RFC3315 Section 17.2.3 says only that the reply message should have src address = dst address if the original message was received as a unicast address (which it was not...)
  2. Is the servers src port of 546 ok? RFC3315 seems also not to specify which src port shall be used...