Currently, odhcpd provides the leasetime configuration option for DHCPv4, but it appears that this option is ignored for DHCPv6 and odhcpd passes out IP addresses to stateful DHCPv6 clients with infinite lifetimes. This seems like a bad thing to do, especially given that #26 is still unaddressed (i.e. odhcpd cannot store state) and even when it is addressed, not all routers may be configured with non-volatile memory for this (e.g. user may not have external USB storage and may not want to wear out internal router flash).
Therefore I think there's a risk that a fresh instance of odhcpd might erroneously reuse addresses that it previously handed out prior to a router reboot. This risk seems particularly high given that currently, it passes out IPs with infinite lifetime - so there could be some client using an IP assigned from a long, long time ago that odhcpd just doesn't know about. (LuCI web interface says DHCPv6 leases expire within 12 hours, but that seems to be a LuCI bug because the clients & Wireshark say they don't expire.)
To mitigate this risk, it would be useful to have odhcpd only pass out stateful DHCPv6 addresses with a limited lifetime - user configurable. For example, if a user cannot store odhcpd state (e.g. due to #26 or lack of non-volatile memory), they could configure for a very short lifetime (e.g. 5 or 10 minutes). That would greatly limit the amount of time during which there is a risk of duplicate IP addresses on the network due to an odhcpd screw-up.
dedeckeh
commented
4 years ago
Currently, odhcpd provides the
leasetimeconfiguration option for DHCPv4, but it appears that this option is ignored for DHCPv6 and odhcpd passes out IP addresses to stateful DHCPv6 clients with infinite lifetimes. This seems like a bad thing to do, especially given that #26 is still unaddressed (i.e. odhcpd cannot store state) and even when it is addressed, not all routers may be configured with non-volatile memory for this (e.g. user may not have external USB storage and may not want to wear out internal router flash).Therefore I think there's a risk that a fresh instance of odhcpd might erroneously reuse addresses that it previously handed out prior to a router reboot. This risk seems particularly high given that currently, it passes out IPs with infinite lifetime - so there could be some client using an IP assigned from a long, long time ago that odhcpd just doesn't know about. (LuCI web interface says DHCPv6 leases expire within 12 hours, but that seems to be a LuCI bug because the clients & Wireshark say they don't expire.)
To mitigate this risk, it would be useful to have odhcpd only pass out stateful DHCPv6 addresses with a limited lifetime - user configurable. For example, if a user cannot store odhcpd state (e.g. due to #26 or lack of non-volatile memory), they could configure for a very short lifetime (e.g. 5 or 10 minutes). That would greatly limit the amount of time during which there is a risk of duplicate IP addresses on the network due to an odhcpd screw-up.