How to workaround IPv6 prefix length issues with ISC DHCP clients.


In our current DHCP client code (at the time of writing this article: 4.3.0, 4.2.6 and 4.1-ESV-R9) the prefix length associated with an address from an IA_NA or IA_TA is hardcoded to 64.  When this code was written this seemed to be an appropriate placeholder behavior until such time as the IETF developed a standard option for passing that information from the server to the client.  As it happens the IETF hasn't created such an option, but the use of 64 as a default is not always appropriate.

As discussed in RFC5942 the use of a hardcoded length can lead to problems when a client believes it is on-link due to the prefix length while it really is not.  Unfortunately it is also the case that some systems may rely upon the old, incorrect, behavior to allow a client to think it is on-link without the benefit of router-advertisements.  In a properly functioning system the client should use a prefix length of 128 and get any on-link information from the RAs from a router.

In the short term you may address this issue by modifying the script that is used to connect the client to your operating system.  The client passes the information it receives in options to the script by placing them in environment variables and then invoking the script.  The script then examines the environment variables and calls the OS specific program to pass the information to the OS.

For example the following snippet is from the sample freebsd script:

 ifconfig ${interface} inet6 ${new_ip6_address}/${new_ip6_prefixlen} alias

This passes the newly acquired IPv6 address to the ifconfig program which associates it with the given interface.  If you are using ISC's DHCP client, the value of new_ip6_prefixlen will have been set to 64.

You can specify the length you wish to use by removing the new_ip6_prefixlen environment variable from the script and replacing it with a known length, such as 128.  Alternatively, you might wish to adapt the script to determine the length from some other source if one is available.

Future plans

Since the original article (2014 February), the future has arrived.  DHCP 4.3.1, 4.2.7, and 4.1-ESV-R10 added DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h, and a user who wants a different default can edit this file and recompile.  Of course the above script suggestion still works if you do not want to recompile (such as if using a distributor's package of ISC DHCP.)

We might offer a solution for runtime configuration in a future major release, but that has not yet been determined.  The default for DHCLIENT_DEFAULT_PREFIX_LEN is still 64, but we might also consider changing that in the future.