
DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id
Closed, Resolved | Public | BUG

Description

VyOS generates the host-identifier option with excess quotes, causing the static host declarations to not work; clients get addresses from the dynamic pool instead. isc-dhcpd shows no error.

VyOS-generated non-working /etc/dhcp/dhcpd6.conf snippet (values are examples - tx is time, mx is MAC in type 1 DUID):

host FOO-6pool_foohost {
    host-identifier option dhcp6.client-id "00:01:00:01:t1:t2:t3:t4:m1:m2:m3:m4:m5:m6";
    fixed-address6 2001:db8::123;
}

Tested working:

host FOO-6pool_foohost {
    host-identifier option dhcp6.client-id 00:01:00:01:t1:t2:t3:t4:m1:m2:m3:m4:m5:m6;
    fixed-address6 2001:db8::123;
}

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rolling+201905261657
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

jjakob created this task. Jun 16 2019, 12:56 PM
pasik added a subscriber: pasik. Jun 16 2019, 1:18 PM
jjakob claimed this task. Jun 16 2019, 2:23 PM

ISC-dhcp can parse this option either as a quoted string or colon-separated hex list. common/tables.c:

On input, the option can be specified either as a quoted string or as a colon-separated hex list.

In my (limited) experience, the hex list is much more commonly used as most DUIDs contain unprintable data. It's also easier to look up on the client as most distros use hex-list notation as default (Windows uses a hyphen-separated hex list, which is easy to convert to colon-separated).
Nonetheless, there are two options:

  1. we require the use of colon-separated hex lists (easier to implement and add a validator)
  2. we support both hex lists and strings and add a validator to validate both.

Option 1 is preferred IMO as it lessens the confusion and possible mistakes by users, as they can't mistakenly enter a hex-list as a quoted string and not know why it doesn't work.

In addition to removing the quotes from the output I'd clarify the configuration help messages and add a validator.

jjakob triaged this task as High priority. Jun 16 2019, 5:34 PM

Change priority to high as the bug makes DHCPv6 static mappings inoperable.

Closed PR and reopened in https://github.com/vyos/vyos-1x/pull/72 due to creating a new branch

Tested working on 1.2.0-rolling+201906210337

jjakob added a subscriber: c-po. Jun 23 2019, 11:55 PM
jjakob changed the task status from In progress to Backport candidate. Jun 24 2019, 6:23 PM
jjakob added a project: VyOS 1.3 Equuleus.
jjakob moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.

Since this changed dhcp6.client-id to only accept colon-separated hex lists, configs that still have the strings will fail to apply, leading to nonworking configs.
Should we bump the dhcp-server vyatta-config-version and write a migration script?
Shouldn't there be a separate dhcpv6-server/relay vyatta-config-version? Perhaps the migration script could add those.

Putting the migration script on hold until I can get sample configs for "service dhcp6-server static-mapping identifier ..." and related host entries in /etc/dhcp/dhcpdv6.conf from an old vyos version with the old vyatta-cfg-dhcp-server scripts.
In particular, if it was possible to set quoted strings as identifier which would be set unchanged in dhcpd6.conf, this would necessitate detecting whether the identifier was a quoted string or not, and converting the string to hex. If it wasn't possible to set quoted strings, the migration script is not necessary.
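
An added example, not code from this task or from the VyOS project: the colon-separated hex-list validator proposed as option 1 above, together with the string-to-hex conversion a migration script would need. It also shows why the quoted form fails without an error: dhcpd takes the quoted text as the identifier's literal bytes, so a 14-byte DUID becomes a 41-byte value that no client sends. All function names and the sample DUID are assumptions constructed for illustration.

```python
import re

# Colon-separated hex list, one byte per group (the form dhcpd accepts unquoted).
HEX_LIST = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2})*$")


def normalize_duid(value):
    """Return a DUID as a lowercase colon-separated hex list, or raise ValueError."""
    candidate = value.strip().replace("-", ":")  # Windows displays hyphens
    if not HEX_LIST.match(candidate):
        raise ValueError(f"not a colon-separated hex list: {value!r}")
    return candidate.lower()


def string_to_hex_list(text):
    """Hex list of the bytes dhcpd matches when `text` is given as a quoted string."""
    return ":".join(f"{b:02x}" for b in text.encode("utf-8"))


def migrate_identifier(value):
    """Hypothetical migration rule: keep hex lists, convert anything else to hex.

    A stored string that itself looks like a hex list cannot be told apart
    from a real one, which is the ambiguity raised in the comment above.
    """
    try:
        return normalize_duid(value)
    except ValueError:
        return string_to_hex_list(value)


def render_host(name, identifier, address):
    """Render a host declaration with the identifier validated and unquoted."""
    return (
        f"host {name} {{\n"
        f"    host-identifier option dhcp6.client-id {normalize_duid(identifier)};\n"
        f"    fixed-address6 {address};\n"
        f"}}\n"
    )


# Constructed sample: DUID-LLT (type 1), hardware type 1, made-up time and MAC.
SAMPLE = "00:01:00:01:24:9a:5c:10:52:54:00:12:34:56"

if __name__ == "__main__":
    print(render_host("FOO-6pool_foohost", SAMPLE, "2001:db8::123"))
    quoted = string_to_hex_list(SAMPLE)  # what the quoted form really matches
    print(len(SAMPLE.split(":")), "bytes unquoted,", len(quoted.split(":")), "bytes quoted")
```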

syncer reassigned this task from jjakob to c-po. Aug 30 2019, 11:43 PM
syncer removed a project: VyOS 1.2 Crux.
syncer added a subscriber: syncer.

Please backport this

c-po closed this task as Resolved. Sep 4 2019, 7:27 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved this task from VyOS 1.2.4 to VyOS 1.2.3 on the VyOS 1.2 Crux board.
c-po moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.3) board.
c-po set Is it a breaking change? to Unspecified (possibly destroys the router).