Skip Menu |
Report information
The Basics
Id: 47311
Status: open
Priority: 0/
Queue: dhcp-public

People
Owner: Nobody in particular
Requestors: Ray Soucy <rps@maine.edu>
Cc:
AdminCc:

Bug Information
Version Fixed: (no value)
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: 4.4.2
Priority: (no value)
Severity: (no value)
CVSS Score: (no value)
CVE ID: (no value)
Component: (no value)
Area: (no value)

Dates
Created:Tue, 13 Mar 2018 15:11:03 +0000
Updated:Tue, 13 Mar 2018 15:50:45 +0000
Closed:Not set



This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

To: dhcp-suggest@isc.org
From: "Ray Soucy" <rps@maine.edu>
Date: Tue, 13 Mar 2018 11:10:55 -0400
Subject: DHCPv6 relay feature requests
Download (untitled) / with headers
text/plain 1.4KiB
Two items:

----

#1

It would be useful to see support for RFC 6939 added to dhcrelay for DHCPv6.

Specifically, the insertion of OPTION_CLIENT_LINKLAYER_ADDR (79) , which provides the client MAC to dhcpd as a relay option.

----

# 2

It would be useful to see support for providing external programs information on DHCPv6-PD prefix assignments so that systems used as routers could then take action to add routes for delegated prefixes.

This could be as simple as (1) creating a log event with the needed information (prefix, expiry, and next-hop) that could be streamed to a specific file; or (2) adding support to call an external script with the information past as a list of as arguments; or (3) maintaining a prefix-delegation database that keeps track of active prefixes delegated.

My personal preference would be the second option to call an external script.

----

These two items are important for enabling IPv6 with DHCPv6 for open source network routers and firewall projects, such as VyOS.  

They also compliment functionality already in DHCPd, and would provide a way to leverage these features without the use of proprietary relay agents.

I know that dhcrelay is not seen as a high priority for the project, but I hope I can convey how important this functionality is for both IPv6 adoption as well as open source router and firewall adoption.




--
Ray Patrick Soucy
Senior Cyber Security Engineer
Networkmaine, University of Maine System US:IT

207-581-3526
To: dhcp-public@isc.org
Subject: Re: [ISC-Bugs #47311] AutoReply: DHCPv6 relay feature requests
From: "Ray Soucy" <rps@maine.edu>
Date: Tue, 13 Mar 2018 11:21:35 -0400
Download (untitled) / with headers
text/plain 5.3KiB
As an aside, I proposed the idea that would become RFC 6939 back in early 2012 on NANOG:

https://mailman.nanog.org/pipermail/nanog/2012-January/044267.html

"If someone were to modify DHCPv6 to address these concerns, I think
the easiest way to do so would be to extend DHCPv6 relay messages to
include the MAC address of the system making the request
(DHCPv6
servers on local sub-networks would be able to determine the MAC from
the packet).  This would allow transitional DHCPv6 configurations to
be built on MAC addresses rather than DUID without client modification
(which is key).

Perhaps this is already possible through the use of RFC 6422 (which
shouldn’t break anything)."

I was a bit disappointed to see that Cisco didn't reach out to include me on the RFC, but oh well.  Anyway, the idea pre-dates Cisco's implementation so there should be no IP issues preventing its implementation.





On Tue, Mar 13, 2018 at 11:11 AM, DHCP Public Bugs via RT <dhcp-public@isc.org> wrote:
Greetings,

This message was automatically generated to acknowledge receipt of
your recent email
 "DHCPv6 relay feature requests",
and to let you know that we have opened a ticket for your request
(a summary of which appears below.)

We do not need a further response from you at this time, but if you
do respond, please include in the Subject of your reply the ID
   '[ISC-Bugs #47311]'
so that we can match up your reply with the ticket in our system.


What Happens Next
=================

Bug reports submitted to us in this manner are handled based on
perceived severity in relation to other bugs.  We handle reports as
time permits so there is no guaranteed response time for these
reports.

If you feel the issue you are reporting is a security issue, please
see http://www.isc.org/security/reporting-issues for details on how
to report it, including the PGP key you may use.

If it is of a non-security yet still urgent matter, you may reply
to this message to add further information.


Public Visibility of Bugs
=========================

Most bind and dhcp bug reports submitted since July 7, 2017 are visible
to the public at https://bugs.isc.org <https://bugs.isc.org/> after
review by the developers.

If you want this report to be withheld from public view, please
reply to this message with your request.

All reports submitted to
  bind9-confidential@isc.org <mailto:bind9-confidential@isc.org> and
  dhcp-confidential@isc.org <mailto:dhcp-confidential@isc.org>
are withheld from public view.

Other Support Options
=====================

If your organization requires more immediate attention, ISC offers
paid support options.  Please see http://www.isc.org/services/support
for more information.

If paid support is not an option, please consider making a donation
to ISC.  We don't require a donation -- we will work on your report
just as quickly whether or not you can donate -- but we always need
and welcome community support.  See http://www.isc.org/donate/


Run a Supported Version
=======================

If you are not running a supported version of our software, please
upgrade.  Bug reports against unsupported versions of BIND are
discouraged, as your issue may have already been addressed.

You can find the latest versions of our software here:

    https://www.isc.org/downloads/


For configuration help...
=========================

Questions regarding configuration or setup are addressed on mailing
lists - to subscribe, visit:

     https://lists.isc.org/mailman/listinfo/bind-users
 or  https://lists.isc.org/mailman/listinfo/dhcp-users


Thank you,
  dhcp-public@isc.org

---------------------------------------------------------------------

Two items:

----

#1

It would be useful to see support for RFC 6939 added to dhcrelay for DHCPv6.

Specifically, the insertion of OPTION_CLIENT_LINKLAYER_ADDR (79) , which
provides the client MAC to dhcpd as a relay option.

----

# 2

It would be useful to see support for providing external programs
information on DHCPv6-PD prefix assignments so that systems used as routers
could then take action to add routes for delegated prefixes.

This could be as simple as (1) creating a log event with the needed
information (prefix, expiry, and next-hop) that could be streamed to a
specific file; or (2) adding support to call an external script with the
information past as a list of as arguments; or (3) maintaining a
prefix-delegation database that keeps track of active prefixes delegated.

My personal preference would be the second option to call an external
script.

----

These two items are important for enabling IPv6 with DHCPv6 for open source
network routers and firewall projects, such as VyOS.

They also compliment functionality already in DHCPd, and would provide a
way to leverage these features without the use of proprietary relay agents.

I know that dhcrelay is not seen as a high priority for the project, but I
hope I can convey how important this functionality is for both IPv6
adoption as well as open source router and firewall adoption.




--
Ray Patrick Soucy
Senior Cyber Security Engineer
Networkmaine, University of Maine System US:IT

207-581-3526




--
Ray Patrick Soucy
Senior Cyber Security Engineer
Networkmaine, University of Maine System US:IT

207-581-3526
Hello Ray: As we begin looking at what to include in our next maintenance releases we will give your suggestions due consideration. Once we reach a decision we'll let you know. Thank you for taking the time to make your request, user feedback is extremely important in helping us understand what changes would be of value to user community. Regards, Thomas Markwalder ISC Software Engineering