1Short notice about DHCPv4 over DHCPv6 aka RFC 7341 2-------------------------------------------------- 3Note well: this code is still somewhat experimental and any user 4should take care when trying to use it. 5 6GENERAL 7The purpose of DHCPv4 over DHCPv6 (RFC7341) is to encapsulate 8a DHCPv4 request within a DHCPv6 request in order to transmit 9it across a v6 only network. This feature may become useful 10when, during the transition from a v4 to a v6 network, there 11are still v4 clients at the edges and v4 servers in the center 12but the links between them are v6 only. 13 14In order to support this functionality we have chosen to use 15two processes each for the client and server. In both pairs 16one process handles the DHCPv4 processing and the other handles 17the DHCPv6 processing. 18 19The topology is thus something like this: 20 21 Client processes network Server processes 22DHCPv4 <-> DHCPv6 <--ipv6--> DHCPv6 <-> DHCPv4 23 24The v6 client and server processes can continue to process 25DHCPv6 packets as normal but will also allow a DHCPv4 process 26to connect to them via a socket. The DHCPv4 client will pass 27a request to the DHCPv6 client which will encapsulate it within 28a DHCPv6 request which is sent to the DHCPv6 server (possibly 29via DHCPv6 relays). When the DHCPv6 server receives the packet 30it will get the DHCPv4 query and pass it to the DHCPv4 31server. The response will by handled in a similar fashion. 32 33When starting up the paired processes one should take care that 34they use different files for configuration, leases and process IDs. 35 36LOCALIZATION 37Normally the DHCPv4 server choose a subnet based on a number of options: 38 - follow the Relay Agent Link Selection option if exists 39 - follow the Subnet Selection option if exists 40 - use the relay address if relayed 41 - use the receiving interface 42 43With the exception of the last case the address must match a subnet address. 44Unfortunately when using DHCPv4 over DHCPv6 this information is not available 45in the packet, to quote RFC 7341: 46 47 Since the DHCPv4 message is encapsulated in the DHCPv6 message, it 48 lacks the information that is typically used by the DHCPv4 server, 49 implementing [RFC2131], to make address- allocation decisions, 50 e.g., giaddr for relayed messages and IPv4 address of the interface 51 that the server is using to communicate with a directly connected 52 client. 53 54In DHCPv4 over DHCPv6, there are a mixture of IPv6 and IPv4 addresses. 55The DHCPv4 over DHCPv6 server externally uses only IPv6 addresses, 56even on the DHCPv4 side, so shared networks associated with directly 57attached interfaces are identified by subnet6 declarations. 58For this reason, the DHCPv4 side shouldn't request an interface 59vai the command line or configuration file: all usable interfaces 60will be requested (i.e., standard behavior when no interface is 61specified in the command line or configuration file) and it is 62not an error to have an interface with an address and no matching 63subnet6 declaration, nor an error to have no usable interfaces 64(i.e., fully relayed or routed topologies are accepted). 65 66Note also there is no involved DHCPv4 relays (DHCPv4 messages are 67directly encapsulated into DHCPv6 DHCPv4-query/DHCPv4-response 68messages by clients and servers as there is no cross DHCP version 69relays specified by RFC 7341) so to get a Relay Agent option or 70a relay address are very unlikely cases. 71 72So the procedure is: 73 - follow the Relay Agent Link Selection option if exists 74 - follow the DHCPv4 Subnet Selection option if exists 75 - use the DHCPv4 relay address if DHCPv4 relayed 76 - when DHCPv6 relayed, use the first relay with an usable (i.e., not 77 unspecified or link-local) address 78 - use the receiving interface 79 80The basic network configuration is something like this: 81---- 82shared-network "link1" { 83 subnet6 2001:db8:1:1::/64 { } 84 85 subnet 192.168.1.0 netmask 255.255.255.0 { 86 range 192.168.1.100 192.168.1.199; 87 } 88} 89---- 90 91This groups the 2001:db8:1:1::/64 subnet with the 192.168.1.0 subnet. 92When the a DHCPv4 over DHCPv6 client uses the 2001:db8:1:1::10 IPv6 address 93it will get an address from 192.168.1.1xy assigned. 94 95There is one remaining question: on which interface should 96a DHCPv4 over DHCPv6 client apply the assigned IPv4 address? 97RFC 7341 does not really help: 98 Before applying for an IPv4 address via a DHCPv4-query message, the 99 client must identify a suitable network interface for the address. 100 Once the request is acknowledged by the server, the client can 101 configure the address and other relevant parameters on this 102 interface. The mechanism for determining a suitable interface is out 103 of the scope of the document. 104 105The ISC DHCP answer is the IPv4 address is (in fact is required to be) 106specified in the command line of the DHCPv4 side of the DHCPv4 over DHCPv6 107client. BTW in the usual case where the upstream interface is IPv6 only, 108the IPv4 interface will be a different one. 109 110 111 HOW TO USE 112 ---------- 113 114 115CONFIGURATION 116By default the DHCPv4 over DHCPv6 code is disabled and in order to use 117it you will need to configure it. Note that this code requires that the 118dhcpv6 code be enabled (it is enabled by default.) 119 120 ./configure --enable-dhcpv4o6 121 122CLIENT SETUP 123The client runs both a DHCPv6 client and a DHCPv4 client on the second 124Ethernet eth1. The following could be used to launch them from the 125client directory. 126 127 ./dhclient -d -v -6 -4o6 6767 -lf leases6 -pf pid6 eth1 128 129and 130 131 ./dhclient -d -v -4 -4o6 6767 -lf leases4 -pf pid4 eth1 132 133In this case we are using the port pair 6767 and 6768 for communication 134and one can start or stop either client as necessary (though if the 135v6 client is stopped the v4 client won't be able to contact a server). 136The lease files are leases4 and leases6 and the process id files are pid4 and 137pid6. You would probably put the files elsewhere. 138 139For testing purposes it is best to run the two clients in the foreground 140and in separate windows. 141 142SERVER SETUP 143As with any DHCP servers you will need to ensure there is a path from 144the clients to the servers - any firewalls must allow DHCPv6 traffic 145through. You should also verify no other DHCP servers are running 146and will conflict with the DHCPv4 over DHCPv6 pair. 147 148The server VM must have both IPv4 and IPv6 addresses. On a system 149running Fedora with the second interface named eno33554984, 150the commands are: 151 152 ip addr add 10.10.10.1/24 dev eno33554984 153 154and 155 156 ip -6 addr add 2001:db8:1:1::1/64 dev eno33554984 157 158Note that in theory the IPv4 address is not required but: 159 - there are some DHCPv4 clients which refused responses with no or an 160 invalid server-id 161 - this avoids messages about being unable to find a subnet to configure or 162 something similar 163 164Both ISC DHCP and Kea use 2 processes to manage DHCPv4-over-DHCPv6, one 165in charge of DHCPv6, the other in charge of DHCPv4. They communicate via UDP. 166 167ISC DHCP DHCPv6 SERVER 168The dhcpd.conf6 example configuration file is: 169---- 170# DHCPv6 conf 171 172authoritative; 173 174default-lease-time 3600; 175max-lease-time 7200; 176 177option dhcp6.dhcp4-o-dhcp6-server 2001:db8:1:1::1; 178 179subnet6 2001:db8:1:1::/64 { 180 range6 2001:db8:1:1::1:0/112; 181} 182---- 183 184The server is launched from the server directory by: 185 186 ./dhcpd -f -d -6 -4o6 6767 -cf ./dhcpd.conf6 -lf ./leases6 -pf ./pid6 eno33554984 187 188As with the client above the servers are using the port pair 6767 and 6768 189to communicate. The leases file (leases6) must be created before attempting 190to start the server. 191 192ISC DHCP DHCPv4 SERVER 193The dhcpd.conf4 example configuration file is: 194---- 195# DHCPv4o6 conf 196 197authoritative; 198 199default-lease-time 3600; 200max-lease-time 7200; 201 202shared-network "eno33554984" { 203 subnet6 2001:db8:1:1::/64 { } 204 205 subnet 10.10.10.0 netmask 255.255.255.0 { 206 range 10.10.10.100 10.10.10.199; 207 } 208} 209---- 210 211The server is launched from the server directory by: 212 213 ./dhcpd -f -d -4 -4o6 6767 -cf ./dhcpd.conf4 -lf ./leases4 -pf ./pid4 214 215Note that the port specification must be the same as used with the v6 server 216and that the configuration, lease and process id files should have different 217names. Again the The leases file (leases4) must be created before attempting 218to start the server. 219 220Finally note in the configuration file the use of the shared-network to 221connect the DHCPv4 and DHCPv6 subnets. 222 223USE WITH DHCPv6 RELAY(s) 224If the DHCPv6 infrastructure uses one (or more) relay because the client 225and the server are not on the same link the best choice is to put the 226first (closest to client) relay address in the dhcp4-o-dhcp6-server 227option so the same path between the DHCPv6 client part and server part 228will be used for DHCPv6 and DHCPv4-over-DHCPv6 traffic. 229