Difference between revisions of "DHCP6 Server"

From Secure Computing Wiki
Jump to: navigation, search
(Configuring dhcp6s: corrected math error - hex not decimal!)
Line 60: Line 60:
 
};
 
};
 
</pre>
 
</pre>
This directive defines a pool, named pool1.  Pool1 is assigned addresses starting at 2001:db8:1:2::1000 and ending with 2001:db8:1:2::2000.  Note that we're creating a pool of '''one thousand''' addresses.  In the IPv4 world, that's the same as almost 4 entire class C networks.</li>
+
This directive defines a pool, named pool1.  Pool1 is assigned addresses starting at 2001:db8:1:2::1000 and ending with 2001:db8:1:2::2000.  Note that we're creating a pool of '''four thousand ninety six''' addresses.  In the IPv4 world, that's the same as 16 entire class C networks. <br /><small>Thanks to Leland for the correction on my math error. ;)</small></li>
  
 
== Conclusion ==
 
== Conclusion ==
 
This is a very quick and dirty configuration for DHCP and IPv6.  There are a ton more configuration directives and, with that, a whole lot more complexity.  Type man '''dhcp6s.conf''' for further configuration options.
 
This is a very quick and dirty configuration for DHCP and IPv6.  There are a ton more configuration directives and, with that, a whole lot more complexity.  Type man '''dhcp6s.conf''' for further configuration options.

Revision as of 06:28, 14 August 2009

Overview

While there are provisions for auto-configuration of IP addresses in the IPv6 protocol, most of the information necessary to get on the internet, and even talk to many computers on a LAN, is not obtained during the auto-configuration process. IPv6 auto-configuration is designed to simply get a valid IP address on a given host, with the help of a route advertisement service, usually installed on the network gateway. The host will still be missing the default gateway and DNS servers.

Installing the dhcp6 port on FreeBSD

To install the dhcp6 port, cd to the /usr/ports/net/dhcp6 directory on your FreeBSD 6.2 system and, as root, type make install:

# cd /usr/ports/net/dhcp6
# make install

The installation will place three startup scripts in /usr/local/etc/rc.d, which are going to need variables set in /etc/rc.conf in order to start. We'll discuss each of these files here.

dhcp6c

dhcp6c works as a DHCPv6 client and gets information from DHCPv6 servers to configure the specified interface. Multiple interfaces can be specified separated by spaces or tabs, in which case dhcp6c will work on all the interfaces simultaneously.

Since we're setting up a DHCP6 server, we do not want or need to start this process. Go to DHCP6 Client for installation and configuration of this process.

dhcp6relay

dhcp6relay acts as an intermediary to deliver DHCPv6 messages between clients and servers, and is on the same link as a client. dhcp6relay needs command line arguments interface ..., which specifies the list of links accommodating clients.

Again, since we're setting up a DHCP6 server, we do not want or need to start this process. Go to DHCP6 Client for installation and configuration of this process.

dhcp6s

dhcp6s replies to DHCPv6 client as DHCPv6 server. dhcp6s can give the following information to clients.

  • IPv6 prefixes for the requesting site
  • Non-temporary IPv6 addresses
  • A list of the DNS server addresses
  • DNS Domain Search List
  • A list of the NTP server addresses
  • A list of the SIP server addresses
  • SIP Server domain name
  • A list of the NIS server addresses
  • NIS domain name
  • A list of the NIS+ server addresses
  • NIS+ domain name
  • A list of the BCMCS server addresses
  • BCMCS Server domain name

Configuring dhcp6s

  1. Immediately after installation, there are a sample configuration file, dhcp6s.conf.sample, which we need to move to dhcp6s.conf:
    # cp dhcp6s.conf.sample dhcp6s.conf
  2. Now that we have a configuration file to work with, open the file with your favorite text editor. At the top of the file, you'll notice the following line:
    option domain-name-servers 2001:db8::35;

    Change the IPv6 address to that of your DNS server. In the case of our network, we've got the following entry:

    option domain-name-servers 2001:4980:1:111::149;
  3. The next example section is for DHCP assigned static addresses. These are useful for servers (in some cases) and laptops. It's always been my preference as an admin to leave my laptop in a DHCP configuration. At the office, I can do this, and still have a static IP address by configuring the DHCP server to assign a specific address based on the machine's MAC or hardware address. To setup a static host, use the example in the file as a reference. For the purposes here, we're going to comment this example out.
  4. Now we need to assign an interface on which to listed for DHCP requests. For this example, we're going to use exact configuration they have in the example file. To explain what's there, look at the statement:
    interface fxp0 {
           address-pool pool1 3600;
    };
    
    What we have, is a definition for interface fxp0, and we're specifying the use of address-pool named pool1, which will have a lifetime of 3600 seconds.
  5. Finally, we have the pool definition. This is the section that defines which IP addresses we want to hand out to systems sending a request. In the example config, we have:
    pool pool1 {
           range 2001:db8:1:2::1000 to 2001:db8:1:2::2000 ;
    };
    
    This directive defines a pool, named pool1. Pool1 is assigned addresses starting at 2001:db8:1:2::1000 and ending with 2001:db8:1:2::2000. Note that we're creating a pool of four thousand ninety six addresses. In the IPv4 world, that's the same as 16 entire class C networks.
    Thanks to Leland for the correction on my math error. ;)
  6. Conclusion

    This is a very quick and dirty configuration for DHCP and IPv6. There are a ton more configuration directives and, with that, a whole lot more complexity. Type man dhcp6s.conf for further configuration options.