Disclaimer: by no means I’m an IPv6 expert and I’m not going to teach on different IPv6 configuration options and basics. In this post, I will focus solely on a specific subject.

---

As a part of my IPv6 learning path I played with stateful DHCPv6 and spent all weekends to sort one interesting. Here is my simple network setup:

basically, two private networks connected to a router.

1. UDM Pro router
2. L2 switch
3. DHCPv6 stateful server
4. DHCPv6 client
5. IPv6 network: fd00:0:0:4::/64

The problem: clients receive IPv6 address from DHCPv6 and cannot communicate in same network using LUA (fd00) addresses.

A brief description of stateful DHCPv6

There are a lot of articles in internet on IPv6 autoconfiguration, SLAAC and other stateless stuff. It is good in theory, but any sort of autonomous configuration in enterprise networks isn’t the best idea. For example, in Active Directory environment you would like to control IP address assignment and registration in DNS server. Therefore I went through stateful DHCPv6 option. DHCPv6 installation and configuration in Windows Server is pretty straightforward and I won’t focus on it, except few moments.

DHCPv6 message exchange is slightly different than DHCPv4 and it looks like this:

In IPv4, client never queries local router and immediately broadcasts with DHCP DISCOVER. This is another change in IPv6, DHCPv6 no longer supplies default gateway address to clients and this task is delegated to routers. If you are a router, then you advertise yourself as router and you can easily (to some extent) can have multiple routers connected to network and both can act as default gateway. And you don’t need to re-configure DHCP options to change default gateway. And considering that DHCP leases often measured in days, this can be problematic.

Anyway, client sends a Router Solicitation (RS) multicast (literally, broadcast, but it doesn’t matter) to discover routers on a network. If router is connected, it responds to client with Router Advertisement (RA). This response do two things:

1. inform client about router presence on a network and an ability to perform routing on a network;
2. RA configuration options, or with complete information on how client should configure IPv6 address on interface.

Then client sends DHCP Solicitation multicast to discover and communicate with DHCPv6 server (if presented) to acquire stateful IPv6 address. Many articles in internet discuss cases when IPv6 router acts as DHCPv6 server, or other non-interesting stuff, such as stateless DHCPv6 or SLAAC. Cases with dedicated stateful DHCPv6 are more scarce and almost neither forum/blog helped me directly.

Problem identification

In fact, DHCPv6 client can acquire stateful configuration from DHCPv6 without RS/RA part. Router is not required. However, my observation showed that clients cannot communicate with each other using stateful IP addresses if there are no Router Advertisement messages. Even on same VLAN/network. The only communication way is to use only link-local addresses, no exceptions. And it was strange, because my router (UDM Pro) is connected to network and configuration shows that it should broadcast with RA:

Although IPv6 RA is checked, there are no RAs floods on a network. Next thing was to check if IGMP snooping is disabled:

IPv6 actively uses multicast and you MUST ensure that you don’t have IGMP Snooping enabled on IPv6 interface, because IGMP Snooping will effectively drop all multicast.

So far, so good, IGMP Snooping is not enabled. Next thing was to check if there is any RS/RA message flow on UDM using tcpdump:

# sudo tcpdump -npi switch0.110 "icmp6 && ip6[40] == 133 || ip6[40] == 134"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on switch0.110, link-type EN10MB (Ethernet), capture size 262144 bytes
19:49:54.087839 IP6 fe80::6429:78ec:3b8c:42d6 > ff02::2: ICMP6, router solicitation, length 16
19:49:58.087014 IP6 fe80::6429:78ec:3b8c:42d6 > ff02::2: ICMP6, router solicitation, length 16
19:50:02.089967 IP6 fe80::6429:78ec:3b8c:42d6 > ff02::2: ICMP6, router solicitation, length 16

As you can see, UDM receives RS messages and never responds with RA. I was a big fan of Ubiquiti and their hardware, had very good experience with their USG. But upgrade to UDM Pro was a bit step back, because a lot of things I use are broken there. And here is another, IPv6 RA. It seems, there is a dependency between Enable “IPv6 Router Advertisement” and “Enable DHCPv6” checkboxes. If latter is unchecked, then former has no effect. RAs are disabled when UDM doesn’t run DHCPv6.

I searched all Ubiquiti’s forums and actively looked at second page of google.

Solution development

Based on research it appears that UDM uses dnsmasq to implement DNS and DHCP functionality and have to use SSH to change things. First of all, dnsmasq configuration is stored in /run/dnsmasq.conf.d/. There already are several files that start with dhcp.dhcpServers-{network name}.conf. In fact, file name format is irrelevant here. I wouldn’t recommend to modify existing files, instead you should drop your own file with custom settings.

I found a great tutorial on dnsmasq config file options. I compiled the following file:

# specify the interface. In my case it is VLAN 110, so interface is br110.
# You can consult with ‘ifconfig’ to determine your own interface name
interface=br110
# here is a tricky part
# you MUST specify network prefix (first 64 bits) and option ‘ra-only’.
# This effectively resets M (Managed configuration) and O (Others flags).
# Tests show that you can remove ‘ra-only’ flag and keep only network prefix.
# It is the only mandatory part in ‘dhcp-range’ line.
dhcp-range=fd00:0:0:4::,ra-only
# enable Router Advertisement
enable-ra

put this content in /run/dnsmasq.conf.d/ directory and restart dnsmasq daemon.

However, it is only part of solution. Another problem is that custom config file won’t survive UDM reboot and you loose all changes.

After digging into this problem, I found a neat package from boostchicken called UDM / UDMPro Boot Script. Steps to install the package on main page. Now, you are allowed to host custom files and startup scripts on your UDM/UDM Pro device in /mnt/data/on_boot.d/ location (outside of unifi OS context). You basically create a custom script in that folder (file name doesn’t matter as long as it uses .sh file extension). Here is the content of script file:

#!/bin/sh

echo "interface=br110
dhcp-range=fd00:0:0:4::,ra-only
enable-ra" > /run/dnsmasq.conf.d/ipv6-ra.conf

this will write dnsmasq configuration file to runtime configuration directory. And fire reboot command to restart UDM. After restart you should see RS/RA flow:

# sudo tcpdump -npi switch0.110 "icmp6 && ip6[40] == 133 || ip6[40] == 134"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on switch0.110, link-type EN10MB (Ethernet), capture size 262144 bytes
20:41:44.232009 IP6 fe80::6429:78ec:3b8c:42d6 > ff02::2: ICMP6, router solicitation, length 16
20:41:44.232784 IP6 fe80::d823:b7ff:fee6:ac07 > fe80::6429:78ec:3b8c:42d6: ICMP6, router advertisement, length 88

Next Questions

I don’t know if it is possible to disable A (autonomous) flag in RA options, which is always enabled. When this bit is set to 1, IPv6 client perform autonomous IPv6 address configuration in advertised network prefix along to DHCP-received, for example:

   IPv6 Address. . . . . . . . . . . : fd00:0:0:4::424b
   IPv6 Address. . . . . . . . . . . : fd00::4:6429:78ec:3b8c:42d6

Windows client receives one address from a stateful DHCPv6 server (first line) and another which is autoconfigured because of A bit enabled in RA message. I wouldn’t mind of this, but this address is also registered in DNS, thus every host now has at least two AAAA records: from DHCP and autoconfiguration. Neither of my configuration attempts helped. I found a blog post that describes the M, O and A bit setup based on different flag combination in dhcp-range options. It appears that A bit is always set to 1.

---