DHCP mit IPv6

samedi 4 février 2017

Hallo zusammen,

ich hätte da mal gern ein Problem :-)

Ich versuche gerade meinen Verbund von CentOs 7.2 Maschinen auf IPv6 umzustellen und scheitere kläglich am DHCP.
Mein DHCP ist konfiguriert und tut auch seinen Job - nur eben falsch. Die Clients bekommen immer eine IPv6 Adresse mit der SNM /128. Dadurch sind sie im Netzwerk nicht erreichbar. Konfiguriert hatte ich eine /64 Adressen (zumindest glaube ich das)
Verbindungen über IPv4 funktionieren ganz normal.

Meine Konfiguration sieht wie folgt aus:

DHCP-Server:Netzwerk Konfiguration:
2 Netzwerkadapter: enp0s3 (Verbindung nach außen), enp0s8 (internes Lan für die VMs)
IPv6 Adressen sollen nur über enp0s8 verteilt werden
Code:

[root@VMDH01 ~]# cat /etc/sysconfig/network-scripts/ifcfg-enp0s8
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s8
UUID=c91b0d9d-5a8a-49c5-bd95-f668d1a26ff6
DEVICE=enp0s8
ONBOOT=yes
IPADDR=10.0.1.1
PREFIX=24
IPV6ADDR=2001:1000:aaaa:100::1/64
IPV6_PRIVACY=no

Die Ausgabe mit
Code:

ip a
sie wie folgt aus:
Code:

[root@VMDH01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:cb:27:ec brd ff:ff:ff:ff:ff:ff
    inet 10.4.10.47/16 brd 10.4.255.255 scope global dynamic enp0s3
      valid_lft 863277sec preferred_lft 863277sec
    inet6 fd00::a00:27ff:fecb:27ec/64 scope global noprefixroute dynamic
      valid_lft 7043sec preferred_lft 3443sec
    inet6 fe80::a00:27ff:fecb:27ec/64 scope link
      valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:b8:44:d9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.1/24 brd 10.0.1.255 scope global enp0s8
      valid_lft forever preferred_lft forever
    inet6 2001:1000:aaaa:100::1/64 scope global
      valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feb8:44d9/64 scope link
      valid_lft forever preferred_lft forever

Die /etc/dhcp/dhcpd6.conf sie wie folgt aus:
Code:

[root@VMDH01 ~]# cat /etc/dhcp/dhcpd6.conf
#
# DHCPv6 Server Configuration file.
#  see /usr/share/doc/dhcp*/dhcpd6.conf.example
#  see dhcpd.conf(5) man page
#
# IPv6 address valid lifetime
#  (at the end the address is no longer usable by the client)
#  (set to 30 days, the usual IPv6 default)
default-lease-time 2592000;

# IPv6 address preferred lifetime
#  (at the end the address is deprecated, i.e., the client should use
#  other addresses for new connections)
#  (set to 7 days, the  usual IPv6 default)
preferred-lifetime 604800;

# T1, the delay before Renew
#  (default is 1/2 preferred lifetime)
#  (set to 1 hour)
option dhcp-renewal-time 3600;

# T2, the delay before Rebind (if Renews failed)
#  (default is 3/4 preferred lifetime)
#  (set to 2 hours)
option dhcp-rebinding-time 7200;

# Enable RFC 5007 support (same than for DHCPv4)
allow leasequery;

# Global definitions for name server address(es) and domain search list
option dhcp6.name-servers fd00::a96:d7ff:fe16:3b89;
option dhcp6.domain-search "fritz.box";

# Set preference to 255 (maximum) in order to avoid waiting for
# additional servers when there is only one
option dhcp6.preference 255;

# Server side command to enable rapid-commit (2 packet exchange)
option dhcp6.rapid-commit;

# The delay before information-request refresh
#  (minimum is 10 minutes, maximum one day, default is to not refresh)
#  (set to 6 hours)
option dhcp6.info-refresh-time 21600;

# The path of the lease file
dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";

#  (i.e., the server has an address in this subnet)
subnet6 2001:1000:aaaa:100::/64 {
        range6 2001:1000:aaaa:100::10  2001:1000:aaaa:100::210;

        # Use the whole /64 prefix for temporary addresses
        #  (i.e., direct application of RFC 4941)
        # range6 3ffe:501:ffff:100:: temporary;

        # Some /64 prefixes available for Prefix Delegation (RFC 3633)
        prefix6 2001:1000:aaaa:100:: 2001:1000:aaaa:101:: /64;
}

Konfiguration auf dem Client:
Netzwerkadapter: enp0s3 (internes lan)
Code:

[root@VMKI01 ~]# cat /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE="Ethernet"
BOOTPROTO="dhcp"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF=no
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="4591512f-da12-4772-89c1-73dc6c816eb1"
DEVICE="enp0s3"
ONBOOT="yes"
PEERDNS=yes
PEERROUTES=yes
DHCPV6C=yes

Die Ausgabe mit
Code:

ip a
sieht wie folgt aus:
Code:

[root@VMKI01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:0c:0d:53 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.4/24 brd 10.0.1.255 scope global dynamic enp0s3
      valid_lft 436sec preferred_lft 436sec
    inet6 2001:1000:aaaa:100::210/128 scope global dynamic
      valid_lft 2591838sec preferred_lft 604638sec
    inet6 fe80::a00:27ff:fe0c:d53/64 scope link
      valid_lft forever preferred_lft forever

Auch verstehe ich nicht, das die letzte Adresse aus der IP-Range vergeben wird, statt der ersten.

Ich bin für jede Hilfe Danke.

Viele Güße


0 commentaires:

Enregistrer un commentaire

 

Lorem

Ipsum

Dolor