[Dibbler] Help on configuring OPTION_AUTH support on DHCPv6 server

sureshbabu.kps at wipro.com sureshbabu.kps at wipro.com
Fri Mar 27 15:29:42 CET 2015


[root at CentOS5112 AAA]# dd if=/dev/urandom of=AAA-key-685b110 bs=1 count=32
32+0 records in
32+0 records out
32 bytes (32 B) copied, 0.000474785 s, 67.4 kB/s
[root at CentOS5112 AAA]# ls
AAA-key-685b110  keys-mapping

24:58 Server Debug     Received 67 bytes on interface eth1/3 (socket=3, addr=fe80::f292:1cff:fe82:3c0.).
24:58 Server Notice    Received SOLICIT on eth1/3, trans-id=0x3d960c, 5 opts: 1 3 8 11 6 (non-relayed)
24:58 Server Debug     Checking exceptions for link-local=fe80::f292:1cff:fe82:3c0
24:58 Server Debug     Cache: Cached address for client (DUID=00:03:00:01:f0:92:1c:82:03:c0) found: 200::9d04:5bc4:9259:75c0
24:58 Server Info      Cache: Cached address 200::9d04:5bc4:9259:75c0 found. Welcome back.
24:58 Server Info      Client 00:03:00:01:f0:92:1c:82:03:c0 got 200::9d04:5bc4:9259:75c0 (IAID=2182873191, pref=86400,valid=172800).
24:58 Server Debug     Address usage for class 0 increased to 2.
24:58 Server Debug     Preference set to 0.
24:58 Server Debug     Checking exceptions for link-local=fe80::f292:1cff:fe82:3c0
24:58 Server Debug     Cache: Entry for client (DUID=00:03:00:01:f0:92:1c:82:03:c0) was deleted.
24:58 Server Debug     Cache: Address 200::9d04:5bc4:9259:75c0 added for client (DUID=00:03:00:01:f0:92:1c:82:03:c0).
24:58 Server Debug     Address usage for class 0 decreased to 1.
24:58 Server Error     AUTH: Failed to load key with key-id: 685b110
18:3a Server Notice    Sending ADVERTISE on eth1/3,transID=0x3d960c, opts: 3 2 1 7, 0 relay(s).
24:58 Server Debug     Not executing external script (Notify script disabled).
24:58 Server Notice    Accepting connections. Next event in 81856 second(s).

[root at CentOS5112 AAA]# cat AAA-key-685b110
▒aE▒"PH▒U▒ě▒▒4▒B▒▒Y▒▒▒\+[root at CentOS5112 AAA]# hexdump AAA-key-685b110
0000000 c10c 6181 e345 5022 b948 1806 1055 c4c6
0000010 a69b 87f6 d534 af42 0fc8 8159 bc95 2b5c
0000020

Is there any issue in key file? Why it is failing to load? Any input please.

thanks,
Suresh


From: sureshbabu.kps at wipro.com [mailto:sureshbabu.kps at wipro.com]
Sent: Friday, March 27, 2015 4:11 PM
To: dibbler at klub.com.pl
Subject: [Dibbler] Help on configuring OPTION_AUTH support on DHCPv6 server

Hi,

I am using dibbler-server version 1.0.0 RC1 on a CentOS 6.5 system for DHCPv6 and request your input on the config to support OPTION_AUTH properly.

Server log:

35:17 Server Debug     Received 67 bytes on interface eth1/3 (socket=3, addr=fe80::f292:1cff:fe82:3c0.).
35:17 Server Notice    Received SOLICIT on eth1/3, trans-id=0x3d960c, 5 opts: 1 3 8 11 6 (non-relayed)    <- Option 11 is set
35:17 Server Debug     Checking exceptions for link-local=fe80::f292:1cff:fe82:3c0
35:17 Server Debug     Cache: Cached address for client (DUID=00:03:00:01:f0:92:1c:82:03:c0) found: 200::9d04:5bc4:9259:75c0
35:17 Server Info      Cache: Cached address 200::9d04:5bc4:9259:75c0 found. Welcome back.
35:17 Server Info      Client 00:03:00:01:f0:92:1c:82:03:c0 got 200::9d04:5bc4:9259:75c0 (IAID=2182873191, pref=86400,valid=172800).
35:17 Server Debug     Address usage for class 0 increased to 2.
35:17 Server Debug     Preference set to 0.
35:17 Server Debug     Checking exceptions for link-local=fe80::f292:1cff:fe82:3c0
35:17 Server Debug     Cache: Entry for client (DUID=00:03:00:01:f0:92:1c:82:03:c0) was deleted.
35:17 Server Debug     Cache: Address 200::9d04:5bc4:9259:75c0 added for client (DUID=00:03:00:01:f0:92:1c:82:03:c0).
35:17 Server Debug     Address usage for class 0 decreased to 1.
35:17 Server Notice    Sending ADVERTISE on eth1/3,transID=0x3d960c, opts: 3 2 1 7, 0 relay(s).   <- Option 11 is NOT set
35:17 Server Debug     Not executing external script (Notify script disabled).
35:17 Server Notice    Accepting connections. Next event in 95637 second(s).

Server is not adding Option 11 in ADVERTISE.

server.conf:

log-level 8
log-mode short
preference 0
auth-protocol delay
auth-replay monotonic
auth-methods digest-hmac-md5
auth-realm "SOMESTRING"
auth-required 0
iface "eth1"{
   t1 50
   t2 100
   # assign addresses from this pool
   class {
      pool 200::/64
   }
}

Is there anything I am missing on the server side to configure?

Thank you for your time.

regards,
Suresh

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com<http://www.wipro.com>
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://klub.com.pl/pipermail/dibbler/attachments/20150327/4884f23c/attachment-0001.html>


More information about the Dibbler mailing list