Behind the surging IPv6, how much do you know about the DHCPv6 protocol?

With the popularization of IPv6 technology, DHCPv6 as a basic technology is something that every IT person needs to know more or less. This article will use Tencent Cloud CVM to analyze the working principle of DHCPv6 in detail, hoping to help more people master the DHCPv6 protocol. What is the DHCPv6 protocol? How does a client automatically obtain an IPV6 address for the first time? How does CVM automatically obtain the last used IPv6 address when it restarts? This article was written by Li Binwen, an after-sales architect at Tencent Cloud.

[[325777]]

1. Introduction to DHCPv6

DHCPv6 (Dynamic Host Configuration Protocol for IPv6) is a network protocol used to allocate IPv6 addresses, prefixes, DNS and other configurations.

DHCPv6 is a protocol that runs between the client and the server. Like DHCP in IPv4, all protocol messages are based on UDP (the client uses UDP port number 546, and the server uses port number 547). However, since there are no broadcast messages in IPv6, DHCPv6 uses multicast messages (by default, all DHCPv6 servers will join and listen to the multicast group: FF02::1:2), and the client does not need to configure the IPv6 address of the server.

1. Advantages of DHCPv6

Compared with other methods of allocating IPv6 addresses, DHCPv6 has the following advantages:

• Better control over the allocation of IPv6 addresses. The DHCPv6 method can not only record the addresses allocated to IPv6 hosts, but also allocate specific addresses to specific IPv6 hosts to facilitate network management.
• DHCPv6 supports the allocation of IPv6 prefixes to network devices, facilitating automatic configuration of the entire network and network hierarchical management.
• In addition to assigning IPv6 addresses and prefixes to IPv6 hosts, you can also assign network configuration parameters such as DNS server IPv6 addresses.

2. DHCPv6 message format

DHCPv6 belongs to the application layer of the OSI seven-layer protocol stack, so it needs to encapsulate the network layer IPv6 header and the transport layer UDP header first.

3. DHCPv6 Field Notes

• msg-type: 8 bits long, indicating the type of the message. A total of 13 message types are defined.
• transaction-id: 24 bits in length, indicating the interaction ID randomly generated by the DHCPv6 client (the interaction ID of the message initiated by the server is 0), used to identify a DHCPv6 message in a round-trip interaction. For example, a Solicit/Advertise message is one interaction, and a Request/Reply message is another interaction, and the two have different interaction IDs.
• options: The length is variable according to the message type, indicating the optional field of DHCPv6. This field contains the configuration information assigned by the DHCPv6 server to the IPv6 host, such as the client ID, server ID or valid life cycle information.

4. Several common message types defined by DHCPv6

(1) Solicit: The DHCPv6 client uses the Solicit message to discover the location of the DHCPv6 server.

(2) Advertise: The DHCPv6 server sends an Advertise message in response to a Solicit message, informing the client of the DHCPv6 services it can provide.

(3) Request: The DHCPv6 client sends a Request message to request an IPv6 address and other configuration information from the DHCPv6 server.

(4) Confirm: The DHCPv6 client sends a Confirm message to any reachable DHCPv6 server to check whether the IPv6 address it has currently obtained is applicable to the link to which it is connected.

(5) Reply: The DHCPv6 server sends a Reply message in the following situations:

• The DHCPv6 server sends a Reply message that carries address and configuration information in response to the Solicit, Request, Renew, and Rebind messages received from the DHCPv6 client.
• The DHCPv6 server sends a Reply message carrying configuration information in response to the received Information-Request message.
• Used to respond to Confirm, Release, and Decline messages sent by DHCPv6 clients.

(6) Decline: The DHCPv6 client sends a Decline message to the DHCPv6 server, stating that one or more addresses assigned by the DHCPv6 server have been used by other clients on the link where the DHCPv6 client is located.

2. Obtaining IPV6 address resolution for the first time

When a CVM accesses Tencent Cloud's IPv6 network for the first time, the interactive messages for automatically obtaining an IPv6 address through DHCPv6 are as follows:

1. Discovery

The client CVM (cloud server) sends a Solicit message to discover the DHCPv6 server and requests the DHCPv6 server (Tencent Cloud virtual component) to assign it an IPv6 address and network configuration parameters.

Since CVM does not know the IPv6 address of the DHCPv6 server, CVM uses the multicast address: FF02::1:2 to send Solicit messages to all DHCPv6 servers within the same link range.

The Solicit message carries information such as the client's DUID, the non-temporary address to be requested, and other network configuration parameters.

2. Provision phase

After receiving the Solicit message, the DHCPv6 server selects a circular search method according to the order of IPv6 addresses from small to large, selects the latest IPv6 address that can be allocated, and then responds to the CVM through an Advertise message in unicast mode.

The Advertise message carries information such as the server's DUID, the client's DUID, the IPv6 address assigned to the client, and the lease period.

3. Selection phase

Because the Solicit message is sent by multicast, if there are multiple DHCPv6 servers within the same link range, all servers that receive the Solicit message will respond with an Advertise message.

If multiple DHCPv6 servers respond to Advertise messages to the DHCPv6 client, the DHCPv6 client selects the Advertise message with the highest server priority (the DHCPv6 server can include a Preference option in the Advertise message to control the client's selection of a server). The client then sends a Request message in multicast mode to all DHCPv6 servers within the same link range. The message includes the DUID of the DHCPv6 server (high priority) selected by the client, the client's DUID, and the client's IPv6 address.

4. Confirmation phase

When the DHCPv6 server receives the Request message, it determines the server DUID information carried in the message:

• If the server DUID carried in the message is not the DUID of the server, the server will not respond to the Request message and will reclaim the IPv6 address requested in the Request message.
• If the server DUID carried in the message is the DUID of the server, the server responds with a Reply message in unicast mode to confirm that the IPv6 address requested in the Request message is allocated to the client.

5. Client CVM processing stage

After receiving the Reply message, the client CVM will send an address conflict detection message (Neighbor Solicitation) to check whether there are other clients within the link range using the same IPv6 address. If no response is received within the specified time, it means that the client can use this address.

Note: If the address conflict detection message (Neighbor Solicitation) sent receives a response, it means that another client has used this address. CVM will send a Decline (declare address conflict) message to the server in unicast mode and resend the Solicit message to request a new available IPv6 address. After receiving the Decline message, the server will list the IPv6 address carried in the message as a conflicting address.

3. Get IPV6 address resolution after restart

This is not the first time that the CVM accesses the Tencent Cloud IPv6 network. The interactive messages for automatically obtaining an IPv6 address through DHCPv6 are as follows:

In the first step, when the client CVM (cloud server) is not accessing the IPv6 network for the first time (for example, restarting, disabling and then re-enabling the network card, etc.), the CVM will send a Confirm message through the multicast address: FF02::1:2 to confirm whether the previous IPv6 address of the CVM is still available.

In the second step, after receiving the Confirm message, the DHCPv6 server (Tencent Cloud virtual component) confirms whether all the addresses in the Confirm message are applicable to the CVM.

If all IPv6 addresses in the Confirm message have passed the confirmation, the server responds with a Reply message for successful confirmation (if the client receives a Reply message for failed confirmation, it sends a Solicit message to request the IPv6 address again;).

In the third step, after receiving the reply message confirming success, the client CVM will send an address conflict detection message (Neighbor Solicitation) to check whether there are other clients within the link range using the same IPv6 address. If no response is received within the specified time, it means that the CVM can use this address.

At this point, the principle of how the client automatically obtains an IPv6 address for the first time and non-first time through the DHCPv6 protocol has been explained clearly. This article also explains the functions of the six common types of DHCPv6 messages. I hope you can try it more and deepen your understanding.