Page MenuHomeVyOS Platform

DHCPv6-PD prefix length not being set in config file
Closed, ResolvedPublicBUG

Description

In T2506 I noticed that the 'length' parameter was added to the dhcpv6-options.

However, when I add that parameter, the 'prefix' parameter is not being set in the interface configuration file.

/config/config.boot:

interfaces {
    ethernet eth0 {
        hw-id 52:54:00:27:59:a9
    }
    ethernet eth1 {
        hw-id 52:54:00:a0:f4:cc
    }
    ethernet eth2 {
        address dhcp
        address dhcpv6
        description "WAN Interface"
        dhcpv6-options {
            prefix-delegation {
                interface eth1 {
                    address 1
                    sla-id 2
                    sla-len 8
                }
                length 56
            }
        }
        hw-id 52:54:00:82:48:a0
    }
    loopback lo {
    }
}
system {
    config-management {
        commit-revisions 100
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password $6$JgwuysqvW/ZtY$XOYHQvd.tQ5AUii38VdU3IEGYndzOjeA2NTYKocFz2cmKz7.hlW3SXt3q6/VSknSC4tJnsLLHQ9rElkAP5V2D1
                plaintext-password ""
            }
        }
    }
    ntp {
        server 0.pool.ntp.org {
        }
        server 1.pool.ntp.org {
        }
        server 2.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}
/ Warning: Do not remove the following line.
// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@2:firewall@5:https@2:interfaces@10:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@3:pptp@2:qos@1:quagga@6:salt@1:snmp@1:ssh@1:sstp@2:system@16:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webgui@1:webproxy@2:zone-policy@1"
// Release version: 1.3-rolling-202006050117

/run/dhcp6c/dhcp6c.eth2.conf:

# generated by dhcp.py
# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/

interface eth2 {
    request domain-name-servers;
    request domain-name;
    send ia-na 1; # non-temporary address
    send ia-pd 2; # prefix delegation
};

id-assoc na 1 {
    # Identity association NA
};

id-assoc pd 2 {
    prefix-interface eth1 {
        sla-id 2;
        sla-len 8;
        ifid 1;
    };
};

Any ideas on what might be causing the 'prefix' parameter of length 56 not to be put into the configuration file?

My ISP (Cox) only gives /64 by default, we have to request larger prefixes (like /56).

If I can get this configuration parameter to show up in the configuration file then I think things might work to request the /56 that Cox allows.

OpenWrt has no problems and gives me a /56 from Cox.

I've spent several hours going through the GIT logs and checking files, it looks like it should work. My guess is that there is a small typo somewhere.

Thanks for any ideas, suggestions, bugfixes, etc.

Details

Difficulty level
Easy (less than an hour)
Version
1.3
Why the issue appeared?
Implementation mistake
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

dsummers created this task.Jun 5 2020, 8:08 AM
dsummers added a subscriber: richardpowellus.EditedJun 5 2020, 10:37 PM

In T421 @richardpowellus mentioned:

renew dhcpv6 interface ethX

after manually editing the /run/dhcp6c/dhcp6c.ethX.conf file to have:

prefix ::/56 infinity

in the id-assoc prefix section like so:

# generated by dhcp.py
# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/

interface eth2 {
    request domain-name-servers;
    request domain-name;
    send ia-na 1; # non-temporary address
    send ia-pd 2; # prefix delegation
};

id-assoc na 1 {
    # Identity association NA
};

id-assoc pd 2 {
    prefix ::/56 infinity;
    prefix-interface eth1 {
        sla-id 2;
        sla-len 8;
        ifid 1;
    };
};

I'll try that here in a bit and see if that works for me and report back.

c-po added a subscriber: c-po.Jun 5 2020, 10:44 PM
This comment was removed by c-po.
c-po changed the task status from Open to In progress.Jun 5 2020, 10:45 PM
c-po claimed this task.
c-po closed this task as Resolved.Jun 5 2020, 11:03 PM
c-po triaged this task as Normal priority.
c-po changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
c-po changed Why the issue appeared? from Will be filled on close to Implementation mistake.
dsummers added a comment.EditedJun 5 2020, 11:55 PM

@richardpowellus Yes, your work around fixed my problem and I'm now for the first time able to receive a /56 from my ISP and divvy it up between my interfaces.

@c-po fixed T2551 and I expect the next rolling release to have that fix in it and so therefore should fix this issue.

Thanks everyone! I'm very excited now to get 1.3 stabilized and out the door for production work!

@c-po Woops, as of vyos-1.3-rolling-202006052325 now the problem has switched.

Now the "prefix ::/56 infinity" stanza is in the configuration file, but now the other parameters are not being put in.

/conf/boot.conf file:

interfaces {
    ethernet eth0 {
        hw-id 52:54:00:27:59:a9
    }
    ethernet eth1 {
        hw-id 52:54:00:a0:f4:cc
    }
    ethernet eth2 {
        address dhcp
        address dhcpv6
        description "WAN Interface"
        dhcpv6-options {
            prefix-delegation {
                interface eth1 {
                    address 1
                    sla-id 2
                    sla-len 8
                }
                length 56
            }
        }
        hw-id 52:54:00:82:48:a0
    }
    loopback lo {
    }
}
system {
    config-management {
        commit-revisions 100
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password $6$JgwuysqvW/ZtY$XOYHQvd.tQ5AUii38VdU3IEGYndzOjeA2NTYKocFz2cmKz7.hlW3SXt3q6/VSknSC4tJnsLLHQ9rElkAP5V2D1
                plaintext-password ""
            }
        }
    }
    ntp {
        server 0.pool.ntp.org {
        }
        server 1.pool.ntp.org {
        }
        server 2.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}
/ Warning: Do not remove the following line.
// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@2:firewall@5:https@2:interfaces@10:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@3:pptp@2:qos@1:quagga@6:salt@1:snmp@1:ssh@1:sstp@2:system@16:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webgui@1:webproxy@2:zone-policy@1"
// Release version: 1.3-rolling-202006052325

dhcp6c.eth2.conf:

# generated by dhcp.py
# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/

interface eth2 {
    request domain-name-servers;
    request domain-name;
    send ia-na 1; # non-temporary address
    send ia-pd 2; # prefix delegation
};

id-assoc na 1 {
    # Identity association NA
};

id-assoc pd 2 {
    prefix ::/56 infinity;
    prefix-interface eth1 {
    };
};

Also, it may be another issue, but when I tried to "set disable" in the interfaces ethernet eth2 section, it disabled the IPv6 but not the IPv4, as in, the IPv4 still had an active IP address after I disabled and committed.

Thanks for any fixes.

hlmtre added a subscriber: hlmtre.Jun 6 2020, 4:18 AM

@dsummers Do you have a section in your config for router-advert? I'm still struggling to get my Comcast business connection to delegate me an ipv6 prefix and then to have that be routable (my local interface gets a /63... wtf?!)

admin@gw# show interfaces ethernet eth0
 address <public IP>
 address dhcpv6
 description WAN
 dhcpv6-options {
     prefix-delegation {
         interface eth1 {
             address 1
             sla-id 1
             sla-len 4
         }
         length 64
     }
 }
 duplex auto
 firewall {
     in {
         name OUTSIDE-IN
     }
     local {
         name OUTSIDE-LOCAL
     }
 }
 hw-id ac:1f:6b:48:63:e8
 smp-affinity auto
 speed auto
 traffic-policy {
     out upload
 }

... nets me:

admin@gw:~$ show interfaces 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             <public IP>                       u/u  WAN 
                 2603:3006:xx::28/128
eth1             192.168.6.1/24                    u/u  LAN 
                 2603:3006:xx:041::1/63
eth1.4           192.168.4.1/24                    u/u  vlan 4 
eth2             -                                 u/D  
eth3             -                                 u/D  
lo               127.0.0.1/8                       u/u  
                 ::1/128

which I find *super* bizarre.

Router-advert:

admin@gw# show service router-advert 
 interface eth1 {
     hop-limit 64
     interval {
         max 600
     }
     name-server 2606:4700:4700::1111
     name-server 2606:4700:4700::1001
     prefix ::/64 {
         valid-lifetime 2592000
     }
     reachable-time 0
     retrans-timer 0
 }

And from the LAN interface:

admin@gw:~$ ping6 -I eth1 google.com
connect: Network is unreachable
admin@gw:~$

:(

Thank you ahead of time!

c-po added a comment.Jun 6 2020, 8:57 AM

@c-po Woops, as of vyos-1.3-rolling-202006052325 now the problem has switched.

Now the "prefix ::/56 infinity" stanza is in the configuration file, but now the other parameters are not being put in.

That's correct - as result of this midnight change I missed out one part. Fixed in next rolling release in about 30 minutes.

@c-po I can now confirm that as of vyos-1.3-rolling-20200607117 this issue is now fixed!

I can correctly set my prefix length request to /56 using the configuration in the first comment and now I correctly receive a WAN address and the requested prefix delegation, and it correctly assigns the IP addresses to the requested interfaces.

VERY VERY NEAT! We've needed this for a long time.

THANK YOU VERY MUCH for implementing this feature.

Once VyOS 1.3 is released, I will finally be able to simply my current setup from multiple routers down to one router (VyOS),