Hi, I'm currently testing IPv6 subscriber termination (PPP/L2TP) on an MX204 (18.4R2) and I have a bit of a problem with DHCPv6 IA_NA address allocation.
By default the lease time for the address is one day (86400 seconds) when the address is received by Radius. The Cisco CPE configures this address on the Dialer interface which does not go down when the PPP session is cleared. So the address stays there for a day at least which is suboptimal. We want to reduce the lease time so that it is detected sooner that the address is invalid and can be released / reused. The only way to change this behaviour seems to be setting the 'asymmetric-lease-time' option in the dhcpv6 group overrides. I set it to 600 seconds which works as expected (address has a lifetime of 600 seconds) BUT the MX does not respond to rebind queries from the client. So the address times out and the client has to solicit the address again. Traceoptions seem to indicate that the packet is handled in an special way because of the asymmetric lease time: Mar 11 10:58:56.881706 [MSTR][DEBUG] dhcpv6_packet_new: PACKET - Allocated new v6 packet 0xa176480 Mar 11 10:58:56.881749 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] >>>>>>>>>> Decode message from == fe80::12f3:11ff:fe81:18fe/546 <<<<<<<<<< Mar 11 10:58:56.881760 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ msgtype == DHCPV6-REBIND ]-------------------------- Mar 11 10:58:56.881769 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ len == 76 ]-- Mar 11 10:58:56.881778 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ xid == e72bcf ]-- Mar 11 10:58:56.881787 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ Internally Unsupported Option Mar 11 10:58:56.881799 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] OPTION code 8, len 2, data 00 00 ]-- Mar 11 10:58:56.881808 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ OPTION_CLIENTID Mar 11 10:58:56.881820 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] OPTION code 1, len 10, data 00 03 00 01 10 f3 11 81 18 fe ]-- Mar 11 10:58:56.881829 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ OPTION_OPT_REQ Mar 11 10:58:56.881839 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] OPTION code 6, len 4, data 00 17 00 18 ]-- Mar 11 10:58:56.881848 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ OPTION_IA_NA Mar 11 10:58:56.881856 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] OPTION code 3, len 40, iaid 1114113, T1 0, T2 0 ]-- Mar 11 10:58:56.881866 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] dhcpv6_option_parse: Parsing suboptions of OPTION_IA_NA - Start Mar 11 10:58:56.881875 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] --[ OPTION_IAADDR Mar 11 10:58:56.881885 [MSTR][INFO] [default:default][SVR][INET6][si-0/0/0.3221225603] OPTION code 5, len 24, pre-ltime 600, valid-ltime 600, addr 2001:db8:8:1d::1, data NULL ]-- Mar 11 10:58:56.881895 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] dhcpv6_option_parse: Parsing suboptions of OPTION_IA_NA - Done Mar 11 10:58:56.881905 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] dhcpv6_packet_decode: dhcpv6 pkt parsing - End Mar 11 10:58:56.881914 [MSTR][DEBUG] dhcpv6_packet_handle: ALQ: LQ update skipped - Not expected Mar 11 10:58:56.881926 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] jdhcpd_v6_short_lease_recv_check: Checking packet safd for short lease requirement Mar 11 10:58:56.881935 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] jdhcpd_v6_short_lease_recv_check: Packet safd has short lease configuration call short lease handler Mar 11 10:58:56.881952 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] jdhcpd_v6_short_lease_recv_check: Packet converted returning to sender Mar 11 10:58:56.881987 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] jdhcpd_v6_short_lease_recv_check: Short lease refreshed Mar 11 10:58:56.881997 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] dhcpv6_packet_handle: Short lease processing has consumed this packet Mar 11 10:58:56.882008 [MSTR][DEBUG][default:default][SVR][INET6][si-0/0/0.3221225603] dhcpv6_packet_handle: leasequeryreply No, retries 0 Mar 11 10:58:56.882016 [MSTR][DEBUG] dhcpv6_packet_free: PACKET - Freeing v6 packet 0xa176480 The trace says "Short lease refreshed" but no reply is sent to the client. Any idea how this can be solved? It seems one can only configure lease times when using a IPv6 pool, but we use addresses configured from Radius. Config looks like this: # show system services dhcp-local-server dhcpv6 { group lns-dhcpv6 { overrides { rapid-commit; asymmetric-lease-time 600; asymmetric-prefix-lease-time 600; } interface si-0/0/0.0; interface si-0/1/0.0; } } Radius has: Framed-IPv6-Prefix = "2001:db8:8:1d::1/128" And Cisco CPE uses this: interface Dialer7 mtu 1448 ip address negotiated ip virtual-reassembly in encapsulation ppp load-interval 30 dialer pool 7 no cdp enable ipv6 address dhcp rapid-commit ipv6 enable no ipv6 redirects ppp authentication chap callin ppp chap hostname ******** ppp chap password 0 ****** ppp pap refuse ! Best Regards Sebastian -- GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE) 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE. -- Terry Pratchett, The Fifth Elephant _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp