Dhcp

DHCP (Dynamic Host Configuration Protocol) is a network management protocol for assigning IP addresses and other configurations to hosts on the network.

The IP6M DHCP server function is provided by the ISC Dhcpd v4.4 package from the Ubuntu Linux distribution. It runs two separate processes for IPv4 and IPv6, differentiated by the -4 and -6 command line options.

The two processes as listed by the "ps" command:

dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf
dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf /etc/dhcp/dhcpd6.conf

The two servers can be controlled independently with the following commands:

# service isc-dhcp-server [start|stop|restart]

# service isc-dhcp-server6 [start|stop|restart]

The next pages show the detailed configurations.

thomas Fri, 10/04/2019 - 16:08

Dhcp Version 4

The DHCP version 4 process is responsible for IPv4 address configuration for cable modems, MTAs and CPE devices. IPv4 addressing is still necessary for all devices, because most of the Internet uses only IPv4 nowadays. The actual dhcpd.conf can be viewed at the "/ip6m_dhcp/dhcpd" URL of a working IP6M instance.

The configuration file has the following sections:

  1. header, global options
  2. dhcp classes
  3. subnets
  4. hosts

Global options

option option-122 code 122 = string;
next-server 192.168.89.10;
omapi-port 7911;
log-facility local7;
log(info, concat("LEASE LOG|", pick-first-value(binary-to-ascii(10, 8, ".", leased-address), ""), "|", binary-to-ascii(16, 8, ":", option agent.remote-id), "|", binary-to-ascii(16, 8, ":", option dhcp-client-identifier)));
option option-120 code 120 = unsigned integer 32;
option option-120 0;
option log-servers 192.168.89.10;
option tftp-server-name "192.168.89.10";
option space packetcable;
option packetcable.primary-dhcp-server code 1 = ip-address;
option packetcable.secondary-dhcp-server code 2 = ip-address;
option packetcable.provisioning-server code 3 = { boolean, ip-address };
option packetcable.as-request-timers code 4 = { unsigned integer 32, unsigned integer 32, unsigned integer 32 };
option packetcable.ap-request-timers code 5 = { unsigned integer 32, unsigned integer 32, unsigned integer 32 };
option packetcable.kerberos-realm-name code 6 = text;
option packetcable.kerberos-use-tgt code 7 = boolean;
option packetcable.provisioning-timer code 8 = unsigned integer 8;
option packetcable.new-provisioning-server code 15 = { boolean, ip-address };
option packetcable-encapsulation code 122 = encapsulate packetcable;
option option-66 code 66 = string;
option packetcable.primary-dhcp-server 192.168.89.10;
option packetcable.secondary-dhcp-server 192.168.89.10;
option packetcable.provisioning-server true 192.168.89.10;
option packetcable.kerberos-realm-name "\005BASIC\0011\000";
option packetcable.kerberos-use-tgt false;
option time-servers 192.168.89.10;
option time-offset 0;
option domain-name "ip6m.net";
use-host-decl-names on; 

Most of these lines define packetcable.* options (DHCP option 122), which are required for DOCSIS VoIP MTA configuration.

192.168.89.10 is a sample IPv4 address of the IP6M server.

DHCP Classes

DHCP classes are needed when an IP address cannot be assigned statically based on the client's MAC address because that address is not known, and the assignment has to be based on other information instead, for example the DHCP forwarding agent that sent the request to the server. This is the typical situation when the server has to assign an IP address to an unknown MAC address behind a known cable modem.

An example of such a class is:

class "CMTS-1" {
  match if (
    (option agent.remote-id = 44:32:C8:21:9:E7) and (option dhcp-client-identifier != 1:44:32:C8:21:09:E8) and (option dhcp-client-identifier != ff:c8:21:09:e8:0:3:0:1:44:32:c8:21:9:e8) or
    (option agent.remote-id = 44:32:C8:41:8C:67) and (option dhcp-client-identifier != 1:44:32:C8:41:8C:68) and (option dhcp-client-identifier != ff:c8:41:8c:68:0:3:0:1:44:32:c8:41:8c:68) or
    (option agent.remote-id = 0:1E:6B:E6:B4:A5) and (option dhcp-client-identifier != 1:00:1E:6B:E6:B4:A6) and (option dhcp-client-identifier != ff:6b:e6:b4:a6:0:3:0:1:0:1e:6b:e6:b4:a6) or
    (option agent.remote-id = C:EE:E6:E5:35:2C) and (option dhcp-client-identifier != 1:0C:EE:E6:E5:35:2D) and (option dhcp-client-identifier != ff:e6:e5:35:2d:0:3:0:1:c:ee:e6:e5:35:2d) or
    (option agent.remote-id = 90:6E:BB:54:F0:D0) or
    (option agent.remote-id = 0:11:E6:F2:2C:94) and (option dhcp-client-identifier != 1:00:11:E6:F2:2C:95) and (option dhcp-client-identifier != ff:e6:f2:2c:95:0:3:0:1:0:11:e6:f2:2c:95)   );
}

Let's analyze the first row:

(option agent.remote-id = 44:32:C8:21:9:E7) and (option dhcp-client-identifier != 1:44:32:C8:21:09:E8) and (option dhcp-client-identifier != ff:c8:21:09:e8:0:3:0:1:44:32:c8:21:9:e8) 

A DHCP request matches if its forwarding agent is "44:32:C8:21:9:E7" and its DHCP client ID (the MAC address, up to DOCSIS 2.0) is not (!=) one of the other two identifiers. In this example the other two identifiers are the IDs of the VoIP MTA in the cable modem, so only other MAC addresses match this class. The MTA gets its IP address from another class or a static assignment.
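The row analysis above and the "LEASE LOG|" statement from the global options can be combined to check, from the server log, which requests the class would admit. This is an added example, not IP6M code: the log lines, host name and PID are constructed, each class row is assumed to be evaluated as one group, and identifiers are compared numerically because the log and the config write the same byte as "9" or "09".

```python
# Added example, not IP6M code. Rows are copied from class "CMTS-1" above;
# SAMPLE_LOG is constructed in the "LEASE LOG|ip|remote-id|client-id" format.

def norm(hexstr):
    """Colon-separated hex -> tuple of ints, so '9' and '09' compare equal."""
    return tuple(int(part, 16) for part in hexstr.split(":"))

# remote-id -> client identifiers excluded on that row (the modem's MTA).
# Assumption: each row of the class is evaluated as one group.
CMTS_1 = {
    norm("44:32:C8:21:9:E7"): {
        norm("1:44:32:C8:21:09:E8"),
        norm("ff:c8:21:09:e8:0:3:0:1:44:32:c8:21:9:e8"),
    },
    norm("90:6E:BB:54:F0:D0"): set(),  # row without exclusions
}

def classify(line):
    """Return (ip, verdict) for a LEASE LOG line, or None for other lines."""
    _, marker, rest = line.partition("LEASE LOG|")
    fields = rest.strip().split("|")
    if not marker or len(fields) != 3:
        return None
    ip, remote_id, client_id = fields
    if not remote_id or not client_id:
        # dhcpd's handling of absent options is not modelled here.
        return ip, "undetermined"
    excluded = CMTS_1.get(norm(remote_id))
    if excluded is None:
        return ip, "remote-id not in class"
    if norm(client_id) in excluded:
        return ip, "excluded MTA"
    return ip, "CMTS-1 member"

SAMPLE_LOG = [  # constructed log lines
    "Oct  7 13:50:01 ip6m dhcpd[911]: LEASE LOG|10.2.0.100|44:32:c8:21:9:e7|1:0:25:90:ab:cd:ef",
    "Oct  7 13:50:04 ip6m dhcpd[911]: LEASE LOG|10.3.0.7|44:32:c8:21:9:e7|1:44:32:c8:21:9:e8",
    "Oct  7 13:50:09 ip6m dhcpd[911]: LEASE LOG|10.2.0.101|90:6e:bb:54:f0:d0|1:8:0:27:11:22:33",
    "Oct  7 13:50:12 ip6m dhcpd[911]: LEASE LOG||0:de:ad:be:ef:1|1:8:0:27:44:55:66",
    "Oct  7 13:50:15 ip6m dhcpd[911]: DHCPACK on 10.1.0.3 to 44:32:c8:21:09:e7 via 10.1.0.1",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(classify(entry))
```

Lines reported as "remote-id not in class" come from a relay that no row lists, which is the case worth reviewing when a CPE lease turns up unexpectedly.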

 

Subnets

A typical subnet declaration with dynamic IP assignment to CPE devices, based on the class above, is the following:

subnet 10.2.0.0 netmask 255.255.0.0 {
  option subnet-mask 255.255.0.0;
  option broadcast-address 10.2.255.255;
  option routers 10.2.0.1;
  option time-servers 192.168.89.10;
  option time-offset 7200;
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  max-lease-time 7200;
  default-lease-time 7200;
  server-identifier 192.168.89.10;
  pool {
    allow members of "CMTS-1";
    range 10.2.0.100 10.2.255.254;
  }
}

Of course, every class and every other network needs its own subnet declaration. A minimal subnet declaration like this:

subnet 192.168.89.0 netmask 255.255.255.0 {
}

is needed for the server's local network, even if we don't want to serve any clients in this subnet.

Hosts

DOCSIS cable modems and MTAs have their own host records as follows:

host modem-2 {
	hardware ethernet 44:32:c8:21:09:e7;
	fixed-address 10.1.0.3;
	filename "cm/cm-2.cfg";
}
host modem-3 {
	hardware ethernet 44:32:c8:41:8c:67;
	fixed-address 10.1.0.4;
	filename "cm/cm-3.cfg";
}
host modem-4 {
	hardware ethernet 00:1e:6b:e6:b4:a5;
	fixed-address 10.1.0.5;
	filename "cm/cm-4.cfg";
}

These records are fairly simple: a request that matches the Ethernet MAC address gets the IP address defined in the "fixed-address" field and a "filename" option, which cable modems require to locate the configuration file they download by TFTP. (See next section)

A complete, working dhcpd.conf file is generated by IP6M if you install the "ip6m_testdata" module, or add your own configuration.

thomas Mon, 10/07/2019 - 13:48

Dhcp Version 6

IPv6 DHCP configuration (/etc/dhcp/dhcpd6.conf) has the following sections:

  1. Global options
  2. Cablelabs options
  3. Subnets
  4. Hosts

Global options are provided by the Dhcpd distribution package. IP6M adds its own data via an include:

include "/etc/dhcp/ip6m-dhcpd6.conf";

at the end of the default dhcpd6.conf file. The content of the included file is shown below. A complete, working example of this config file can be found in IP6M under the "/ip6m_dhcp/dhcpd6" path if the "ip6m_testdata" module is enabled.

Cablelabs options definition

# declare the option space where the CableLabs options live
option space docsis code width 2 length width 2 hash size 100;
option docsis.tftp-servers code 32 = array of ip6-address;
option docsis.configuration-file code 33 = text;
option docsis.syslog-servers code 34 = array of ip6-address;
option docsis.device-id code 36 = string;
option docsis.time-servers code 37 = array of ip6-address;
option docsis.time-offset code 38 = signed integer 32;
option vsio.docsis code 4491 = encapsulate docsis;

Subnets

Similar to the IPv4 configuration, a subnet declaration is needed for the server's local network. This assumes that the server has its IPv6 address assigned from the 2001:db8::/64 network, e.g. 2001:db8::10/64.

subnet6 2001:db8::/64 {
	range6 2001:db8::100 2001:db8::110;
}

Subnet declaration for a network behind a DOCSIS CMTS with IPv6 prefix delegation:

subnet6 2001:db8:4:11::/64 {
	range6 2001:db8:4:11::2 2001:db8:4:11::100;
	prefix6 2001:db8:4:100:: 2001:db8:4:200:: /64;
	option docsis.syslog-servers 2001:db8::10;
	option docsis.time-servers 2001:db8::10;
	option docsis.tftp-servers 2001:db8::10;
	option docsis.time-offset 3600;
}

Hosts in this subnet receive an IP address from the range 2001:db8:4:11::2 to 2001:db8:4:11::100 and a delegated /64 prefix from the 2001:db8:4:100:: to 2001:db8:4:200:: range. This prefix is used in the customer's local network to assign unique, public IP addresses to every host. This is the main difference between IPv4 and IPv6 today: IPv4 networks use private IP addresses translated to the one public address assigned to the CPE router.

Hosts

host modem-2 {
	hardware ethernet 44:32:c8:21:09:e7;
	fixed-address6 2001:db8:4:11::4432:c821:09e7;
	option docsis.configuration-file "cm/cm-2.cfg";
}
host modem-3 {
	hardware ethernet 44:32:c8:41:8c:67;
	fixed-address6 2001:db8:4:11::4432:c841:8c67;
	option docsis.configuration-file "cm/cm-3.cfg";
}
host modem-4 {
	hardware ethernet 00:1e:6b:e6:b4:a5;
	fixed-address6 2001:db8:4:11::001e:6be6:b4a5;
	option docsis.configuration-file "cm/cm-4.cfg";
}

Host declarations for DOCSIS cable modems are very similar to the IPv4 version. IP6M calculates the fixed IP addresses from the cable modem's MAC address.
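A consistency check for that MAC-derived addressing, as an added example that is not IP6M's own code. The derivation (the 48-bit MAC placed in the low bits of the 2001:db8:4:11::/64 subnet) is inferred from the three host records above, and the record named modem-x is constructed to show a mismatch.

```python
import ipaddress
import re

def expected_fixed_address6(mac, prefix="2001:db8:4:11::/64"):
    """Place the 48-bit MAC in the low 48 bits of the subnet prefix
    (pattern inferred from the host records on this page)."""
    octets = [int(o, 16) for o in mac.split(":")]
    if len(octets) != 6 or any(o > 0xFF for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    net = ipaddress.IPv6Network(prefix)
    return net.network_address + int.from_bytes(bytes(octets), "big")

# Matches host blocks that list "hardware ethernet" before "fixed-address6",
# which is the order used in the records above.
HOST_RE = re.compile(
    r"host\s+(\S+)\s*\{[^}]*?hardware\s+ethernet\s+([0-9a-fA-F:]+)\s*;"
    r"[^}]*?fixed-address6\s+([0-9a-fA-F:]+)\s*;",
    re.S,
)

def audit_hosts(conf_text, prefix="2001:db8:4:11::/64"):
    """Return (host, configured, expected) for every record whose
    fixed-address6 does not follow from its MAC address."""
    mismatches = []
    for name, mac, addr in HOST_RE.findall(conf_text):
        want = expected_fixed_address6(mac, prefix)
        # Compare parsed addresses, not strings: "09e7" and "9e7" are equal.
        if ipaddress.IPv6Address(addr) != want:
            mismatches.append((name, addr, str(want)))
    return mismatches

SAMPLE_CONF = """
host modem-2 {
    hardware ethernet 44:32:c8:21:09:e7;
    fixed-address6 2001:db8:4:11::4432:c821:09e7;
    option docsis.configuration-file "cm/cm-2.cfg";
}
host modem-x {
    hardware ethernet 00:11:22:33:44:55;
    fixed-address6 2001:db8:4:11::11:2233:4456;
}
"""  # modem-2 is from this page; modem-x is constructed with a wrong last digit

if __name__ == "__main__":
    print(audit_hosts(SAMPLE_CONF))
```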

 

 

thomas Mon, 10/07/2019 - 20:24