search

pi-hole / FTL

The Pi-hole FTL engine
https://pi-hole.net
Other
1.37k stars 194 forks source link

ICMPv6 RA not emitted, DHCPv6 doesn't hand out addresses #1150

Closed bscottm closed 3 years ago

bscottm commented 3 years ago

Versions

Platform

Expected behavior

enable-ra is turned off (see /etc/dnsmasq.d/02-pihole-dhcp.conf if DHCPv6 is enabled. That's probably not expected behavior, but not the issue.

If enable-ra is uncommented/enabled, no ICMPv6 RA messages are emitted.

If radvd is active and sending RA messages, DHCPv6 reports:

Jul 19 15:55:38 dnsmasq-dhcp[6011]: DHCP, IP range 192.168.50.2 -- 192.168.50.254, lease time 1d
Jul 19 15:55:38 dnsmasq-dhcp[6011]: DHCPv6, IP range <My /64 prefix>::100 -- <My /64 prefix>::1ff, lease time 1d
Jul 19 16:11:03 dnsmasq-dhcp[6011]: no address range available for DHCPv6 request via eth0
Jul 19 16:18:01 dnsmasq-dhcp[6011]: no address range available for DHCPv6 request via eth0
Jul 19 16:18:02 dnsmasq-dhcp[6011]: no address range available for DHCPv6 request via eth0

Actual behavior / bug

I kept DHCPv6 turned off in the web U/I and added an /etc/dnsmasq.d/dhcpv6.conf file so that my changes wouldn't get overwritten. Contents:

#quiet-dhcp6
enable-ra
dhcp-range=<My /64 prefix>::100,<My /64 prefix>::1ff,64,24h
dhcp-option=option6:dns-server,[::]
dhcp-option=option6:information-refresh-time,6h
ra-param=*,mtu:1480,high,60
# ra-param=*,0,0

Used wireshark to watch the IPv6 traffic: No ICMPv6 RA messages advertised. Commented out enable-ra in my dhcpv6.conf, turned on radvd to start advertising the router. pihole-FTL receives the DHCPv6 requests, but does not find an available address on a very small (6 host) network.

Steps to reproduce

Steps to reproduce the behavior:

See above.

Debug Token

Screenshots

N/A

Additional context

N/A

DL6ER commented 3 years ago

I do not have much DHCPv6 experience (and actually firmly believe this should have never been invented) but looking at the source code, no address range available for DHCPv6 request via eth0 seems to be emitted whenever the address range does not fall into the subnet of the link receiving the request. However, this code region is rather entangled (it also deals with DHCPv6 relaying) and even prefaced with a comment:

/* This cost me blood to write, it will probably cost you blood to understand - srk. */

Everything DHCP related is unmodified dnsmasq code. You'll likely have a lot more success asking your question on the official dnsmasq mailing list dnsmasq-discuss@lists.thekelleys.org.uk

dschaper commented 3 years ago

I think there may be confusion about the dhcp-range=<My /64 prefix>::100,<My /64 prefix>::1ff,64,24h line. That's not for DHCPv6, it's purely to enable Pi-hole to announce an RA with the DNS IP address.

Pi-hole is not designed to be a DHCPv6 server and we have no configuration or modes that enable DHCPv6.

dschaper commented 3 years ago

See https://github.com/pi-hole/pi-hole/pull/4206 for more information if my assumption was correct.

bscottm commented 3 years ago

I was able to get it working, although the "how" is indeterminate. pi-hole does work as a DHCPv6 server and sends out RA advertisements. I have a separate dnsmasq config file.

Two feature recommendations: (a) Reverse v4 configuration -- if pi-hole is acting as a DHCP server, then it out to automagically configure itself for reverse DNS requests. (b) Reverse v6 configuration -- ditto, IPv6.

Does sound like there should be a separate page for DHCPv6 configuration. Something to hack in my copious spare time. ;-)