DHCPv6 Not working?

Another noob IPv6 question.

I’ve had it generally working for a while. I have multiple VLANS and use prefix-delegation from my ISP and give each VLAN a subnet assignment and all the clients use SLAAC and get an address and work great.

Somewhat for learning and somewhat for a potential use case, I would like to try DHCPv6 internally. So I can somewhat control the addresses given using static assignment.

I thought I set it up right, but it’s not working. I created a new VLAN for this test so I don’t bring my current networks down.

I used the same config on the WAN side to assign a prefix to this new VLAN. That works and it has the ::1 address in the subnet.

I then created this DHCPV6 Server setup (these are all temporary and will be removed/deleted once it’s working):

# show service dhcpv6-server
 listen-interface bond0.100
 shared-network-name TST {
     description "Testing first dhcpv6 server"
     interface bond0.100
     option {
         name-server 2606:4700:4700::1111
         name-server 2606:4700:4700::1001
     }
     subnet 2604:f580:15f:c464::0/64 {
         interface bond0.100
         range 1 {
             start 2604:f580:15f:c464::40
             stop 2604:f580:015f:c464:ffff:ffff:ffff:ffff
         }
         static-mapping macbookpro {
             ipv6-address 2604:f580:15f:c464::2
             ipv6-prefix 2604:f580:15f:c464::/64
             mac 98:fd:b4:9a:07:bf
         }
         static-mapping tsthost {
             ipv6-address 2604:f580:15f:c464::3
             ipv6-prefix 2604:f580:15f:c464::/64
             mac BC:24:11:45:29:AE
         }
         subnet-id 100
     }
 }

I see a listening process on UDP6 546.

But no clients get an address. I have tried MacOS and a Linux VM (the mac addresses in the config). I tried without the static-mapping to see if they would just assign anything.

Nothing is ever assigned. I tried looking at server logs that contain dhcpv6 and see nothing.

Is there something I have to do to kick this into gear?

In the Ubuntu server installer, I put the VM on this VLAN, and I chose DHCPv6 during the install process and it just spins. This little line is a spinning one on the the real screen. So clearly something is not right.

image1383×324 22 KB

Can you paste output of show version?

If 1.5 rolling within roughly the last year, please also show cat /run/kea/kea-dhcp6.conf

$ show version
Version:          VyOS 1.5-rolling-202502041521
Release train:    current
Release flavor:   generic

Built by:         <myemail>
Built on:         Tue 04 Feb 2025 15:21 UTC
Build UUID:       2f6ed0ca-5af0-4688-a59f-df45b0726f5a
Build commit ID:  c1a7b705862a02

Architecture:     x86_64
Boot via:         installed image
System type:      bare metal
Secure Boot:      n/a (BIOS)

Hardware vendor:  Protectli
Hardware model:   FW4B
Hardware S/N:     123456789
Hardware UUID:    Unknown

Copyright:        VyOS maintainers and contributors

$ cat /run/kea/kea-dhcp6.conf
{
    "Dhcp6": {
        "interfaces-config": {
            "interfaces": ["bond0.100"],
            "service-sockets-max-retries": 60,
            "service-sockets-retry-wait-time": 5000
        },
        "control-socket": {
            "socket-type": "unix",
            "socket-name": "/run/kea/dhcp6-ctrl-socket"
        },
        "lease-database": {
            "type": "memfile",
            "persist": true,
            "name": "/config/dhcp/dhcp6-leases.csv"
        },
        "hooks-libraries": [
            {
                "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_run_script.so",
                "parameters": {
                    "name": "/usr/libexec/vyos/system/on-dhcpv6-event.sh",
                    "sync": false
                }
            },
            {
                "library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so",
                "parameters": {}
            }
        ],
        "option-data": [
        ],
        "shared-networks": [
    {
        "name": "TST",
        "subnet6": [
            {
                "subnet": "2604:f580:15f:c464::0/64",
                "id": 100,
                "interface": "bond0.100",
                "pools": [
                    {
                        "pool": "2604:f580:15f:c464::40 - 2604:f580:015f:c464:ffff:ffff:ffff:ffff"
                    }
                ],
                "reservations": [
                    {
                        "hostname": "macbookpro",
                        "hw-address": "98:fd:b4:9a:07:bf",
                        "ip-addresses": [
                            "2604:f580:15f:c464::2"
                        ],
                        "prefixes": [
                            "2604:f580:15f:c464::/64"
                        ]
                    },
                    {
                        "hostname": "tsthost",
                        "hw-address": "BC:24:11:45:29:AE",
                        "ip-addresses": [
                            "2604:f580:15f:c464::3"
                        ],
                        "prefixes": [
                            "2604:f580:15f:c464::/64"
                        ]
                    }
                ]
            }
        ],
        "option-data": [
            {
                "name": "dns-servers",
                "data": "2606:4700:4700::1001"
            }
        ],
        "interface": "bond0.100"
    }
]

    }
}

It’s interesting to me that the file there has only one dns-server in option-data even though I have configured 2. Not that it’s this issue, but just interesting.

And just to show the bond0.100 interface so that I know I have the right prefix used in my configs:

$ sh int bonding bond0.100
bond0.100@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 9a:96:5c:35:a0:00 brd ff:ff:ff:ff:ff:ff
    inet 10.0.100.1/24 brd 10.0.100.255 scope global bond0.100
       valid_lft forever preferred_lft forever
    inet6 2604:f580:15f:c464::1/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::9896:5cff:fe35:a000/64 scope link
       valid_lft forever preferred_lft forever
    Description: TST

    RX:     bytes  packets  errors  dropped  overrun       mcast
           489249     5683       0        0        0        1306
    TX:     bytes  packets  errors  dropped  carrier  collisions
         39396459    29175       0        1        0           0

I did not setup RA for this VLAN. I don’t know if that’s required. I assumed that was for SLAAC only. I have RA setup for all my others that are working SLAAC implementations.

15f and 015f is it ok or mistake? I don’t remember the format

I corrected it to be the same and removed the 0 as the assigned ip (from ISP) for that interface does not have that leading 0. It was there because I used an online cidr/ip address calculator and it inserted it.

Either way, it didn’t change anything after changing it and retrying to obtain an address.

I found this: ⚓ T5876 Dhcp bug in latest 1.5 rolling releases

It says fixed, but I seem to have the issue. I found out that when I run this command, I get the following output:

$ show dhcpv6 server statistics

WARNING: DHCP server is configured but not started. Data may be stale.

Pool    Size    Leases    Available    Usage
------  ------  --------  -----------  -------

It says it’s not running. But, I can’t find any command that I need to issue to tell it to start. I do not have the “disable” flag set. So I believe it should just start. But, it doesn’t.

RA is always needed on ipv6. It’s how router discovery is done - dhcpv6 contains no router information. To enable dhcpv6 on the VLAN you need to enable the Managed or Other flags on the RA (possibly both) without which no client will try dhcpv6.

Managed says you’re using dhcpv6 for the addressing (disables SLAAC) and Other is for everything else.
Back in the day, before RDNSS and DNSSL it was common to use dhcpv6 in a static mode with just the O flag set to provide DNS and domain search paths.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.