iocage jail as DHCPv6 client

[Junicast]

FreeNAS 11.2U6

What do I have to do in order to use DHCPv6 as a client (not as a downstream router) with an iocage jail?
I have tried to use autoconfig which just doesn't work. Static IP works fine but is cumbersome.

I have a pfSense Router who provides hostnames into my own DNS zone via RFC 2136 which I would love to utilize for my jails as well.
My most recent test was just to set DHCP (IPv4) to automatic and then I did the following:

Code:

pkg install dhcp6
echo "dhcp6c_enable=YES" >> /etc/rc.conf

with this config:

Code:

interface epair0b {
send ia-na 1;
send ia-pd 0;
send domain-name-servers,domain-name;
};
id assoc na 1 {
};
id assoc pd {
};

When I start the service I get this to stderr:

Code:

dhcp6c_interfaces is not set

When I start dhcp6c manually just nothing happens.

 

[dlavigne]

Were you able to resolve this?

 

[sretalla]

When you say DHCP v6 as a client, do you mean that you want your iocage jail to get an address assigned? or do you mean you want to use your iocage "client" as a DHCP v6 server to allocate addresses to other machines on your network? I think it's the first one, but that doesn't match with the pkg install you quoted.

If it's the first case, you should think about starting again without installing that pkg and looking at the settings for DHCP in the iocage setup...

What does your jail setup look like? (output of iocage get all <jailname> )

 

[Junicast]

Were you able to resolve this?

No, this is not resolved. I fear FreeNAS with iocage simply does not support this kind of setup.

... I think it's the first one, but that doesn't match with the pkg install you quoted.

I want the jail to be a DHCPv6 client so it receives its address statefully via DHCPv6 instead of static or SLAAC. I have a working DHCPv6 server running on pfSense in network. Other clients do already receive addresses.
The package I quoted is correct:

Code:

root@logging:~ # pkg search dhcp6
dhcp6-20080615.2_2             KAME DHCP6 client, server, and relay

This is the jail configuration:

Code:

CONFIG_VERSION:14.1
allow_chflags:0
allow_mlock:0
allow_mount:0
allow_mount_devfs:0
allow_mount_nullfs:0
allow_mount_procfs:0
allow_mount_tmpfs:0
allow_mount_zfs:0
allow_quotas:0
allow_raw_sockets:0
allow_set_hostname:1
allow_socket_af:0
allow_sysvipc:0
allow_tun:0
available:readonly
basejail:no
boot:off
bpf:yes
children_max:0
cloned_release:11.2-RELEASE
comment:none
compression:lz4
compressratio:readonly
coredumpsize:off
count:1
cpuset:off
cputime:off
datasize:off
dedup:off
defaultrouter:none
defaultrouter6:none
depends:none
devfs_ruleset:4
dhcp:on
enforce_statfs:2
exec_clean:1
exec_fib:0
exec_jail_user:root
exec_poststart:/usr/bin/true
exec_poststop:/usr/bin/true
exec_prestart:/usr/bin/true
exec_prestop:/usr/bin/true
exec_start:/bin/sh /etc/rc
exec_stop:/bin/sh /etc/rc.shutdown
exec_system_jail_user:0
exec_system_user:root
exec_timeout:60
host_domainname:none
host_hostname:v6test
host_hostuuid:v6test
host_time:yes
hostid:8DC28570-6238-0000-0000-000000000000
hostid_strict_check:off
interfaces:vnet0:bridge0
ip4:new
ip4_addr:none
ip4_saddrsel:1
ip6:new
ip6_addr:vnet0|accept_rtadv
ip6_saddrsel:1
jail_zfs:off
jail_zfs_dataset:iocage/jails/v6test/data
jail_zfs_mountpoint:none
last_started:2019-10-15 07:51:20
login_flags:-f root
mac_prefix:7085c2
maxproc:off
memorylocked:off
memoryuse:off
mount_devfs:1
mount_fdescfs:1
mount_linprocfs:0
mount_procfs:0
mountpoint:readonly
msgqqueued:off
msgqsize:off
nmsgq:off
notes:none
nsemop:off
nshm:off
nthr:off
openfiles:off
origin:readonly
owner:root
pcpu:off
priority:99
pseudoterminals:off
quota:none
release:11.2-RELEASE-p14
reservation:none
resolver:/etc/resolv.conf
rlimits:off
securelevel:2
shmsize:off
stacksize:off
state:up
stop_timeout:30
swapuse:off
sync_state:none
sync_target:none
sync_tgt_zpool:none
sysvmsg:new
sysvsem:new
sysvshm:new
template:no
type:jail
used:readonly
vmemoryuse:off
vnet:on
vnet0_mac:7085c26bc095 7085c26bc096
vnet1_mac:none
vnet2_mac:none
vnet3_mac:none
vnet_default_interface:auto
vnet_interfaces:none
wallclock:off

 

[sretalla]

The jail system already allows assignment of IPv6 addresses without installation of additional packages.

You have some config there already

ip6:new ip6_addr:vnet0|accept_rtadv ip6_saddrsel:1

The trick will be to get that config right, then you should be assigned an address.

It may also be useful to see the output of sysrc -a from inside the jail.

 

[Junicast]

sysrc -a:

Code:

cron_flags:  -J 15
dhcp6c_enable: YES
hostname: v6test
ifconfig_epair0b: DHCP
ipv6_activate_all_interfaces: YES
rtsold_enable: YES
sendmail_enable: NO
sendmail_msp_queue_enable: NO
sendmail_outbound_enable: NO
sendmail_submit_enable: NO
sshd_enable: YES
syslogd_flags: -c -ss

ifconfig epair0b:

Code:

epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=8<VLAN_MTU>
    ether 70:85:c2:6b:c0:96
    hwaddr 02:68:90:00:0c:0b
    inet 10.10.101.179 netmask 0xffffff00 broadcast 10.10.101.255
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair

 

[sretalla]

How about if you set ip6_addr to none? (and restart the jail)

 

[Junicast]

That doesn't change anything. Still no IPv6 address. I can see that IPv6 traffic is arriving within the jail when I

Code:

tcpdump -i epair0b -n -nn ip6

but the dhcpv6 client simply won't start. I will install FreeBSD as bhyve guest and check if my dhcp6c client maybe wrong.

 

[sretalla]

Do you have the checkbox set for IPv6 DHCP in the GUI?

 

[sretalla]

There may be some value in looking at this thread: https://www.ixsystems.com/community/threads/iocage-and-ipv6-autoconf.61700/

 

[Junicast]

I decided to remove dhcp6 and use dhcpcd as dhcpv6 client with this configuration:

Code:

hostname <<hostname>>
duid
persistent
option rapid_commit
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
option interface_mtu
require dhcp_server_identifier
slaac private
ipv6only

It works.

Edit:
The only thing that seems to be missing is that dhcpcd isn't start at jail boot. Even though dhcpcd_enable=yes is set in rc.conf.
I have to start the service manually every time. That's weird.