Upon upgrade from dhcpcd 6.4.7 to 6.6.7 dhcpcd is now producing an incorrect prefix length for delegated netblocks being handed down from Internet service provider (see actual/expected results section below for dump of dhcpcd hook script environment for details showing what was actually produced in each version). In my case, the ISP was handing down a /64 netblock, and dhcpcd reported it as a /72. Will likely need to be referred to upstream. The incorrect prefix length causes problems as any prefix greater than a /64 causes stateless autoconfiguration to fail (this is the reason why the ISP delegates a /64). Specifically, it appears that dhcpcd is obtaining the correct prefix length but then reports and sets it later with the wrong one. Reproducible: Always Steps to Reproduce: Reproducing this bug will require an ISP that will delegate a /64 IPv6 address block via DHCPv6. Actual Results: These are the results from dhcpcd 6.6.7 showing the IPv6 request stages. Pay particular attention to the new_dhcp6_ia_pd1_prefix1_length being 64, but dhcpcd ignoring this and providing prefix of 72 in new_delegated_dhcp6_prefix. I have replaced the first three groups of my IPv6 address with 'xxxx:xxxx:xxxx' for security reasons: *********************** Thu Mar 5 10:40:38 CST 2015 ARGS: \nENV: if_oneup=true old_dhcp6_ia_pd1_prefix1=xxxx:xxxx:xxxx:fc:: old_dhcp6_server_id=000100011704964a0050569d0066 ifcarrier=up ifwireless=0 interface=eth1 new_dhcp6_client_id=000100011a9d73580001c0089f97 reason=REBIND6 new_dhcp6_ia_pd1_t2=481600 ifflags=69699 RC_SVCNAME=net.eth1 new_dhcp6_ia_pd1_t1=301000 PATH=/lib/rc/sbin:/lib/rc/bin:/bin:/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin: /usr/sbin:/usr/local/bin:/usr/local/sbin pid=3499 new_dhcp6_server_id=000100011704964a0050569d0066 PWD=/ old_dhcp6_ia_pd1_prefix1_length=64 skip_hooks=lookup-hostname mtu ntp.conf resolv.conf yp.conf interface_order=eth1 eth0 new_dhcp6_ia_pd1_prefix1_length=64 old_dhcp6_ia_pd1_prefix1_vltime=602263 new_dhcp6_ia_pd1_iaid=00000001 if_up=true new_dhcp6_ia_pd1_prefix1_pltime=602001 old_dhcp6_ia_pd1_iaid=00000001 if_down=false SHLVL=1 new_dhcp6_ia_pd1_prefix1=xxxx:xxxx:xxxx:fc:: old_dhcp6_client_id=000100011a9d73580001c0089f97 old_dhcp6_ia_pd1_prefix1_pltime=602263 old_dhcp6_ia_pd1_t2=481810 old_dhcp6_ia_pd1_t1=301131 new_dhcp6_ia_pd1_prefix1_vltime=602001 if_ipwaited=false ifmetric=3 ifmtu=1500 _=/bin/env *********************** Thu Mar 5 10:40:40 CST 2015 ARGS: \nENV: new_delegated_dhcp6_prefix=xxxx:xxxx:xxxx:fc::1/72 if_oneup=true ifcarrier=up ifwireless=0 interface=eth0 reason=DELEGATED6 ifflags=4163 RC_SVCNAME=net.eth1 PATH=/lib/rc/sbin:/lib/rc/bin:/bin:/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin: /usr/sbin:/usr/local/bin:/usr/local/sbin pid=3499 PWD=/ skip_hooks=lookup-hostname mtu ntp.conf resolv.conf yp.conf interface_order=eth1 eth0 if_up=false if_down=true SHLVL=1 if_ipwaited=true ifmetric=3 ifmtu=1500 _=/bin/env Expected Results: This is the same as the actual results, except that it is produced by dhcpcd 6.4.7: *********************** Thu Mar 5 22:01:05 CST 2015 ARGS: \nENV: if_oneup=true old_dhcp6_ia_pd1_prefix1=xxxx:xxxx:xxxx:fc:: old_dhcp6_server_id=000100011704964a0050569d0066 ifcarrier=up ifwireless=0 interface=eth1 new_dhcp6_client_id=000100011a9d73580001c0089f97 reason=REBIND6 new_dhcp6_ia_pd1_t2=483840 ifflags=4163 RC_SVCNAME=net.eth1 new_dhcp6_ia_pd1_t1=302400 PATH=/lib/rc/sbin:/lib/rc/bin:/bin:/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin: /usr/sbin:/usr/local/bin:/usr/local/sbin pid=3496 new_dhcp6_server_id=000100011704964a0050569d0066 PWD=/ old_dhcp6_ia_pd1_prefix1_length=64 skip_hooks=lookup-hostname mtu ntp.conf resolv.conf yp.conf interface_order=eth1 eth0 new_dhcp6_ia_pd1_prefix1_length=64 old_dhcp6_ia_pd1_prefix1_vltime=602001 new_dhcp6_ia_pd1_iaid=00000001 if_up=true new_dhcp6_ia_pd1_prefix1_pltime=604800 old_dhcp6_ia_pd1_iaid=00000001 if_down=false SHLVL=1 new_dhcp6_ia_pd1_prefix1=xxxx:xxxx:xxxx:fc:: old_dhcp6_client_id=000100011a9d73580001c0089f97 old_dhcp6_ia_pd1_prefix1_pltime=602001 old_dhcp6_ia_pd1_t2=481600 old_dhcp6_ia_pd1_t1=301000 new_dhcp6_ia_pd1_prefix1_vltime=604800 if_ipwaited=false ifmetric=3 ifmtu=1500 _=/bin/env *********************** Thu Mar 5 22:01:07 CST 2015 ARGS: \nENV: if_oneup=true ifcarrier=up ifwireless=0 interface=eth0 reason=DELEGATED6 ifflags=4163 RC_SVCNAME=net.eth1 PATH=/lib/rc/sbin:/lib/rc/bin:/bin:/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin: /usr/sbin:/usr/local/bin:/usr/local/sbin pid=3496 PWD=/ skip_hooks=lookup-hostname mtu ntp.conf resolv.conf yp.conf interface_order=eth1 eth0 if_up=false if_down=true SHLVL=1 new_dhcp6_prefix=xxxx:xxxx:xxxx:fc::1/64 if_ipwaited=true ifmetric=3 ifmtu=1500 _=/bin/env Below is the emerge --info and my /etc/dhcpcd.conf: [emerge --info] Portage 2.2.14 (python 2.7.9-final-0, default/linux/x86/13.0, gcc-4.7.3, glibc-2.19-r1, 3.17.8-gentoo-r1 i686) ================================================================= System uname: Linux-3.17.8-gentoo-r1-i686-Intel-R-_Atom-TM-_CPU_Z510_@_1.10GHz-with-gentoo-2.2 KiB Mem: 1023948 total, 886236 free KiB Swap: 0 total, 0 free Timestamp of tree: Sat, 28 Feb 2015 14:45:01 +0000 ld GNU ld (Gentoo 2.24 p1.4) 2.24 app-shells/bash: 4.2_p53 dev-lang/perl: 5.20.1-r4 dev-lang/python: 2.7.9-r1, 3.4.1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.13.11 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.69 sys-devel/automake: 1.13.4 sys-devel/binutils: 2.24-r3 sys-devel/gcc: 4.7.3-r1 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.4 sys-devel/make: 4.1-r1 sys-kernel/linux-headers: 3.16 (virtual/os-headers) sys-libs/glibc: 2.19-r1 Repositories: gentoo kloepfer ACCEPT_KEYWORDS="x86" ACCEPT_LICENSE="*" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer -fno-ident" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/init.d /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer -fno-ident" DISTDIR="/sysbuild/distfiles" FCFLAGS="-O2 -march=i686 -pipe" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles getbinpkg merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync" FFLAGS="-O2 -march=i686 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="C" LC_ALL="C" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j5" PKGDIR="/sysbuild/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/space/sysbuild/portage" PORTDIR_OVERLAY="/sysbuild/overlay" SYNC="rsync://limbic/gentoo-portage" USE="acl berkdb bzip2 cli cracklib crypt cxx dri gdbm iconv ipv6 libav mmx mmxext modules ncurses nls nptl openmp pam pcre readline session sse sse2 ssl ssse3 tcpd unicode x86 zlib" ABI_X86="32" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" USE_PYTHON="2.7" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS [/etc/dhcpcd.conf] # A sample configuration for dhcpcd. # See dhcpcd.conf(5) for details. # Allow users of this group to interact with dhcpcd via the control socket. #controlgroup wheel # Inform the DHCP server of our hostname for DDNS. hostname # Use the hardware address of the interface for the Client ID. #clientid # or # Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. duid # Persist interface configuration when dhcpcd exits. persistent # Rapid commit support. # Safe to enable by default because it requires the equivalent option set # on the server to actually work. option rapid_commit # A list of options to request from the DHCP server. option domain_name_servers, domain_name, domain_search, host_name option classless_static_routes # Most distributions have NTP support. option ntp_servers # Respect the network MTU. # Some interface drivers reset when changing the MTU so disabled by default. #option interface_mtu # A ServerID is required by RFC2131. require dhcp_server_identifier # Generate Stable Private IPv6 Addresses instead of hardware based ones # slaac private # A hook script is provided to lookup the hostname if not set by the DHCP # server, but it should not be run by default. nohook lookup-hostname # Gil: Turn off ipv6rs as it doesn't allow ia_pd to work coincident, methinks # It also is incompatible with the tunnel too noipv6rs # Request a prefix from the ISP for our internal interface ia_pd 1 eth0/0 # We need this because it is necessary for DHCP prefix assignment to work interface eth0 persistent noipv4 noipv4ll noipv6 noipv6rs interface eth1 ipv6ra_own_default
> Specifically, it appears that dhcpcd is obtaining the correct prefix length but > then reports and sets it later with the wrong one. Fixed here: http://roy.marples.name/projects/dhcpcd/ci/28139d2de00fc1a8d1c58a204441af8d4f7f17c6?sbs=0 Can you test the patch please?
This patch maybe of some use as well. http://roy.marples.name/projects/dhcpcd/ci/82ee559d0983641a91f7e4819665edbcf0af1df0?sbs=0
Roy - The first patch (to dhcp6.c) appears to have fixed the problem. I will leave it running to make sure that it continues to work over time. The second patch (to if-options.c) won't apply cleanly to v6.6.7 (the first chunk fails), and I'm not sure that testing what did apply will help you too much. Can you comment here as to whether 6.7.1 has both patches applied? If so, I'll go ahead and install that version (as it is in the Gentoo portage tree) and see that it seems stable. I don't want to get too daring (ie. running trunk) with this particular system as it is the router/firewall for my net and it could lock me out of the net at an inopportune time.
Both patches are only in my fossil trunk atm. Only the 1st one is really important for you - the 2nd one is more of a config check incase you want to delegate do another iface the same prefix. as it's a /64 and you're delegating a /64 you can't and i found a loophole in the original check.
So far, the IPv6 issue has been working with the patch. I am seeing another issue that may or may not be related. The hook script is being executed at various times with the skip_hooks variable not being set as expected (in my environment, it should be "lookup-hostname mtu ntp.conf resolv.conf yp.conf" and I am seeing some instances of just "lookup-hostname" which is overwriting my resolv.conf). I notice the pid variable is also different during these times. This change has been since dhcpcd-6.6.7 was installed. I checked and there was also an update to openrc, so this could also implicated (here are the updates since March 5, when this started happening): 1425569260: >>> emerge (1 of 21) sys-libs/timezone-data-2014j to / 1425569308: >>> emerge (2 of 21) sys-libs/e2fsprogs-libs-1.42.12 to / 1425569325: >>> emerge (3 of 21) sys-devel/patch-2.7.3 to / 1425569344: >>> emerge (4 of 21) sys-devel/make-4.1-r1 to / 1425569361: >>> emerge (5 of 21) sys-boot/grub-0.97-r14 to / 1425569381: >>> emerge (6 of 21) sys-apps/dbus-1.8.16 to / 1425569404: >>> emerge (7 of 21) net-misc/rsync-3.1.1 to / 1425569421: >>> emerge (8 of 21) sys-apps/man-pages-3.78 to / 1425569458: >>> emerge (9 of 21) sys-apps/busybox-1.23.1-r1 to / 1425569476: >>> emerge (10 of 21) sys-fs/e2fsprogs-1.42.12 to / 1425569495: >>> emerge (11 of 21) sys-apps/openrc-0.13.11 to / 1425569518: >>> emerge (12 of 21) dev-lang/perl-5.20.1-r4 to / 1425569578: >>> emerge (13 of 21) perl-core/File-Temp-0.230.400-r1 to / 1425569599: >>> emerge (14 of 21) virtual/perl-File-Temp-0.230.400-r2 to / 1425569613: >>> emerge (15 of 21) perl-core/Data-Dumper-2.154.0 to / 1425569631: >>> emerge (16 of 21) virtual/perl-Scalar-List-Utils-1.380.0 to / 1425569645: >>> emerge (17 of 21) dev-perl/Digest-SHA1-2.130.0-r1 to / 1425569662: >>> emerge (18 of 21) dev-perl/Net-SSLeay-1.650.0 to / 1425569681: >>> emerge (19 of 21) net-dns/bind-tools-9.10.1_p1 to / 1425569703: >>> emerge (20 of 21) dev-perl/IO-Socket-SSL-1.967.0 to / 1425569719: >>> emerge (21 of 21) net-misc/dhcpcd-6.6.7 to / Roy: Does dhcpcd fork itself at any time during normal execution where there could be more than one instance running, or should I start looking for some udev-type issue starting another instance of dhcpcd? I'm going to try going back to the old dhcpcd again for a brief time to see if this behavior goes away before digging into a Gentoo/openrc issue (which is the only other thing I see there that would have some impact on starting dhcpcd).
(In reply to Gil Kloepfer from comment #5) > So far, the IPv6 issue has been working with the patch. Good :) > I am seeing another issue that may or may not be related. The hook script > is being executed at various times with the skip_hooks variable not being > set as expected (in my environment, it should be "lookup-hostname mtu > ntp.conf resolv.conf yp.conf" and I am seeing some instances of just > "lookup-hostname" which is overwriting my resolv.conf). That differs from the config file you posted above. Are you sure you have it set correctly? If so, please attach the config file you are now using. > I notice the pid variable is also different during these times. The pid you are seeing is the pid of the shell script running. I can't portably change the pid to the parent process unfortunately. > Roy: Does dhcpcd fork itself at any time during normal execution where > there could be more than one instance running, or should I start looking for > some udev-type issue starting another instance of dhcpcd? I'm going to try > going back to the old dhcpcd again for a brief time to see if this behavior > goes away before digging into a Gentoo/openrc issue (which is the only other > thing I see there that would have some impact on starting dhcpcd). No. dhcpcd only forks once, when daemonising. But see above for the logged pid discrepancy.
More PD fixes that maybe relevant to you from other bug reports: http://roy.marples.name/projects/dhcpcd/info/9bd1c73edccbb5e10ee5112245a08874366f6c7d http://roy.marples.name/projects/dhcpcd/info/f3ff6dcb12d13d27598dc836d3ac33a5e8701853 http://roy.marples.name/projects/dhcpcd/info/86ade2e1919fd333bdaa210cef978a56714ef98b http://roy.marples.name/projects/dhcpcd/info/3522f625f3849acb4e93727e774bd51dcf1d91a3 They may or may not apply to your version because the latest trunk has much improved route handling code. There is a new beta with these changes in available here: http://roy.marples.name/~roy/dhcpcd-6.7.99.4.tar.bz2
You're right, the dhcpcd.conf file has mostly the defaults in it. However, the command line (configured via /etc/conf.d/net) looks like this: 3542 ? Ss 0:01 dhcpcd -C mtu -C ntp.conf -C resolv.conf -C yp.conf -h -m 3 eth1 /etc/conf.d/net (for this interface): rc_net_eth1_provide="!net" # Network services don't require this interface modules_eth1="dhcpcd" config_eth1="dhcp" dhcpcd_eth1="-C mtu" dhcp_eth1="release nontp nodns nonis nosendhost" RC_NEED_eth1="iptables ip6tables" So a good question here would be what to do if the command line and configuration files disagree with one another? Does one take precidence, or are they combined in some way? It seems as though the previous behavior was to combine them additively in this case, and the behavior at v6.6.7 is (kind of) unpredictable. Going back to v6.4.7 seems to have resolved this problem as well. I'm going to need to set-up a VM to test any fixes for this other issue, so bear with me for a few days. I think I can construct a test environment so any changes can be done in a bit more controlled way (and won't affect my Internet-facing host).
Yes, the two are often in conflict. Especially when you do extra options to a running instance. Consider dhcpcd.conf only has -C mtu dhcpcd -C resolv.conf dhcpcd -n -C ntp.conf What should be the outcome there? Hopefully the beta tarball I posted improves it somewhat.
Fixed in 6.8.1, now in portage
