From 861c89141a828939cd5266866dfba89cacfba259 Mon Sep 17 00:00:00 2001 From: Simon Kelley Date: Wed, 25 Sep 2013 15:30:30 +0100 Subject: [PATCH] Change rules for constructing DHCPv6 ranges. --- CHANGELOG | 5 +++++ man/dnsmasq.8 | 10 +++------- src/dhcp6.c | 12 +++++++----- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index d001a3d..c0c6661 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -119,6 +119,11 @@ version 2.67 6939 for this to work. It always works for directly connected clients. Thanks to Vladislav Grishenko for prompting this feature. + + Remove the rule for constructed DHCP ranges that the local + address must be either the first or last address in the + range. This was originally to avoid SLAAC addresses, but + we now explicitly autoconfig and privacy addresses instead. version 2.66 diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index e313d54..2b1570a 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -652,24 +652,20 @@ This forms a template which describes how to create ranges, based on the address .B --dhcp-range=::1,::400,constructor:eth0 -will look for addresses of the form ::1 or :400 on +will look for addresses on eth0 and then create a range from ::1 to ::400. If the interface is assigned more than one network, then the corresponding ranges will be automatically created, and then deprecated and finally removed again as the address is deprecated and then deleted. The interface name may have a final "*" wildcard. Note -that just any address on eth0 will not do: the non-prefix part must be -equal either the start or end address given in the dhcp-range. This is -to prevent prefixes becoming perpetual if the interface -gains a SLAAC address for the prefix when it is advertised by dnsmasq. +that just any address on eth0 will not do: it must not be an +autoconfigured or privacy address, or be deprecated. If a dhcp-range is only being used for stateless DHCP and/or SLAAC, then the address can be simply :: .B --dhcp-range=::,constructor:eth0 -This removes the condition above, and will pick up the prefix from any address on eth0 which is NOT -autoconfigured, slaac, temporary or deprecated. There is a variant of the constructor: syntax using the keyword .B constructor-noauth. diff --git a/src/dhcp6.c b/src/dhcp6.c index ef4c495..c8b1d85 100644 --- a/src/dhcp6.c +++ b/src/dhcp6.c @@ -602,6 +602,12 @@ static int construct_worker(struct in6_addr *local, int prefix, IN6_IS_ADDR_MULTICAST(local)) return 1; + if (!(flags & IFACE_PERMANENT)) + return 1; + + if (flags & IFACE_DEPRECATED) + return 1; + if (!indextoname(daemon->doing_dhcp6 ? daemon->dhcp6fd : daemon->icmp6fd, if_index, ifrn_name)) return 0; @@ -618,11 +624,7 @@ static int construct_worker(struct in6_addr *local, int prefix, } } - else if ((addr6part(local) == addr6part(&template->start6) || - addr6part(local) == addr6part(&template->end6) || - (IN6_IS_ADDR_UNSPECIFIED(&template->start6) && - IFACE_PERMANENT == (flags & (IFACE_PERMANENT | IFACE_DEPRECATED)))) && - wildcard_match(template->template_interface, ifrn_name)) + else if (wildcard_match(template->template_interface, ifrn_name)) { start6 = *local; setaddr6part(&start6, addr6part(&template->start6));