Following my earlier post about introduction to DHCPv6, let’s see how DHCPv6 relaying works in practice.
In VLAN 60 there is the DHCPv6 client but no DHCPv6 server. The subnet-attached router is configured as DHCPv6 relay, using the DHCPv6 server address from VLAN 41. The components in this setup are:
- DHCPv6 client: Debian Linux 11 (Bullseye), using ISC DHCP client 4.4.1-2.3+deb11u2
- DHCPv6 relay: Cisco CSR1000v
- DHCPv6 server: Microsoft Windows Server 2022 DHCP service
I’ll capture the traffic on both the client and the server, while first requesting new DHCPv6 lease, then renewing the lease, and finally releasing it. As usual, here are the capture files for your own inspection:
- dhcpv6-relay-client.pcap (github.com)
- dhcpv6-relay-server.pcap (github.com)
You can also see the long DHCPv6 packet dissections in text at the end of this post.
On the DHCPv6 client
The DHCPv6-related frames are #7-10 (Solicit–Advertise–Request–Reply), #20-21 (Renew–Reply) and #29-30 (Release–Reply).
To be direct, just see my Introduction to DHCPv6 post for the client-side packet explanations, these are the same kind of packets, with these minor differences:
- The source IPv6 address of the Advertise and Reply packets is
fe80::20c:29ff:fe7b:28e0. That is the link-local address of the DHCPv6 relay in the client-side VLAN. - When you compare the DHCPv6 client DUID (DHCP Unique Identifier) on this capture and on the previous one, you’ll see that they differ. That’s because I’ve been deleting the
/var/lib/dhcp/dhclient6.leasesfile on the client when testing, so the DUID has been regenerated. On this client it uses DUID type 1: using the link-layer address plus time. - This time the DHCPv6 client has also been sending its hostname in DHCPv6 option 39 as I’ve configured the client with
send fqdn.fqdn "testclient.lein.io"directive. Furthermore, if using Wireshark to see the packets, you can also see that the ISC DHCPv6 client is not strictly RFC 4704 compliant in DHCPv6 Release messages: the RFC says that “A client MUST only include the Client FQDN option in SOLICIT, REQUEST, RENEW, or REBIND messages.” The currently latest Wireshark development build for version 4.3.0 emits an error message on that.
The ISC DHCPv6 client logged these in the process:
Dec 6 14:19:19 dhcptestclient dhclient[18033]: XMT: Solicit on ens192, interval 1010ms. Dec 6 14:19:19 dhcptestclient dhclient[18033]: RCV: Advertise message on ens192 from fe80::20c:29ff:fe7b:28e0. Dec 6 14:19:20 dhcptestclient dhclient[18033]: XMT: Request on ens192, interval 920ms. Dec 6 14:19:20 dhcptestclient dhclient[18033]: RCV: Reply message on ens192 from fe80::20c:29ff:fe7b:28e0. Dec 6 14:21:20 dhcptestclient dhclient[18033]: PRC: Renewing lease on ens192. Dec 6 14:21:20 dhcptestclient dhclient[18033]: XMT: Renew on ens192, interval 9780ms. Dec 6 14:21:20 dhcptestclient dhclient[18033]: RCV: Reply message on ens192 from fe80::20c:29ff:fe7b:28e0. Dec 6 14:21:42 dhcptestclient dhclient[18057]: XMT: Release on ens192, interval 920ms.
On the DHCPv6 server
The Windows DHCP server logs for DHCPv6 shows nothing extraordinary:
11000,12/06/23,14:19:19,DHCPV6 Solicit,2001:db8:5678:0:8b7c:78f7:d5e4:64c5,testclient.lein.io,,14,000100012D032346000C2967427A,,,,, 11002,12/06/23,14:19:20,DHCPV6 Request,2001:db8:5678:0:8b7c:78f7:d5e4:64c5,testclient.lein.io,,14,000100012D032346000C2967427A,,,,, 11004,12/06/23,14:21:20,DHCPV6 Renew,2001:db8:5678:0:8b7c:78f7:d5e4:64c5,testclient.lein.io,,14,000100012D032346000C2967427A,,,,, 11007,12/06/23,14:21:42,DHCPV6 Release,2001:db8:5678:0:8b7c:78f7:d5e4:64c5,,,14,000100012D032346000C2967427A,,,,, 11016,12/06/23,14:21:42,DHCPV6 client Deleted,2001:db8:5678:0:8b7c:78f7:d5e4:64c5,,,14,000100012D032346000C2967427A,,,,,
There are the expected Solicit, Request, Renew and Release messages from the client, as well as finally a generic “client Deleted” message (still with an odd capitalization but that’s how it is there).
The capture on the server side is now interesting as we have the DHCPv6 relay in use.
In the capture there are just Relay-forward and Relay-reply messages that contain the “normal” Solicit, Advertise, Request, Reply, Renew and Release messages.
In this example the Relay-forward messages are coming from the DHCPv6 relay’s (router’s) address 2001:db8:9876::100:1 and going to the DHCPv6 server at 2001:db8:9876::30, and the Relay-reply messages are going from the server to the relay.
The Relay-forward messages
When the DHCPv6 relay receives a DHCPv6 message from the client and determines that it should be relayed to the server, the relay creates a new Relay-forward message and encapsulates the original DHCPv6 message from the client in the Relay Message option (OPTION_RELAY_MSG, 9).
The relay also adds other options in the Relay-forward message, like these in this example:
- Client Link-Layer Address option (
OPTION_CLIENT_LINKLAYER_ADDR, 79), defined in RFC 6939- This gives the server a possibility to see the client’s link-layer address (usually MAC address), if it needs it for some purpose
- Interface-Id option (
OPTION_INTERFACE_ID, 18), defined in the DHCPv6 RFC (RFC 8415) - Relay Agent Remote-ID option (
OPTION_REMOTE_ID, 37), defined in RFC 4649- These can be used by the server to determine if some specific settings need to be sent to the client
The resulted Relay-forward message is then sent to the DHCPv6 server as a unicast packet in this example. It is also possible for the relay to use All_DHCP_Servers (ff05::1:3) site-local scope multicast address to reach the DHCPv6 server(s).
Chaining the relays is possible (but not demonstrated here) so that one relay sends the Relay-forward message to another DHCPv6 relay. In that case the receiving relay will encapsulate the received Relay-forward message to its own Relay-forward message accordingly.
The Relay-reply messages
After receiving the Relay-forward message and processing the DHCPv6 message in the Relay Message option field, the DHCPv6 server sends the reply as a Relay-reply message to the DHCPv6 relay’s address (where the UDP packet was sent to the server).
The Relay-reply message contains the Relay Message option (with the actual DHCPv6 response message) as well as the Interface-Id option since it was present in the received Relay-forward message.
Summary
In the client side the DHCPv6 process works the same with and without the DHCPv6 relay.
In the server side the communication between DHCPv6 relay and DHCPv6 server is based on Relay-forward and Relay-reply messages that contain the encapsulated “normal” DHCPv6 messages as well as some additional information that helps the DHCPv6 server to configure the remote DHCPv6 clients appropriately.
Appendixes
- Appendix 1: The DHCPv6 messages in the client-side capture
- Appendix 2: The DHCPv6 messages in the server-side capture
- Appendix 3: The IPv6 configurations on the DHCPv6 relay
Appendix 1: The DHCPv6 messages in the client-side capture
Frame 7: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits)
Ethernet II, Src: VMware_67:42:7a (00:0c:29:67:42:7a), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe67:427a, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
Message type: Solicit (1)
Transaction ID: 0x4db879
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 12
IAID: 2967427a
T1: 3600
T2: 5400
Frame 8: 207 bytes on wire (1656 bits), 207 bytes captured (1656 bits)
Ethernet II, Src: VMware_7b:28:e0 (00:0c:29:7b:28:e0), Dst: VMware_67:42:7a (00:0c:29:67:42:7a)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe7b:28e0, Dst: fe80::20c:29ff:fe67:427a
User Datagram Protocol, Src Port: 547, Dst Port: 546
DHCPv6
Message type: Advertise (2)
Transaction ID: 0x4db879
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 9: 189 bytes on wire (1512 bits), 189 bytes captured (1512 bits)
Ethernet II, Src: VMware_67:42:7a (00:0c:29:67:42:7a), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe67:427a, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
Message type: Request (3)
Transaction ID: 0xb4f010
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 3600
T2: 5400
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 7200
Valid lifetime: 7500
Frame 10: 207 bytes on wire (1656 bits), 207 bytes captured (1656 bits)
Ethernet II, Src: VMware_7b:28:e0 (00:0c:29:7b:28:e0), Dst: VMware_67:42:7a (00:0c:29:67:42:7a)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe7b:28e0, Dst: fe80::20c:29ff:fe67:427a
User Datagram Protocol, Src Port: 547, Dst Port: 546
DHCPv6
Message type: Reply (7)
Transaction ID: 0xb4f010
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 20: 189 bytes on wire (1512 bits), 189 bytes captured (1512 bits)
Ethernet II, Src: VMware_67:42:7a (00:0c:29:67:42:7a), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe67:427a, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
Message type: Renew (5)
Transaction ID: 0xa3d236
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 3600
T2: 5400
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 7200
Valid lifetime: 7500
Frame 21: 207 bytes on wire (1656 bits), 207 bytes captured (1656 bits)
Ethernet II, Src: VMware_7b:28:e0 (00:0c:29:7b:28:e0), Dst: VMware_67:42:7a (00:0c:29:67:42:7a)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe7b:28e0, Dst: fe80::20c:29ff:fe67:427a
User Datagram Protocol, Src Port: 547, Dst Port: 546
DHCPv6
Message type: Reply (7)
Transaction ID: 0xa3d236
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 29: 189 bytes on wire (1512 bits), 189 bytes captured (1512 bits)
Ethernet II, Src: VMware_67:42:7a (00:0c:29:67:42:7a), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe67:427a, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
Message type: Release (8)
Transaction ID: 0x3f54da
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Only the following message types are permitted to use OPTION_CLIENT_FQDN:\nSOLICIT, REQUEST, RENEW, REBIND, ADVERTISE, and REPLY
This message type is not permitted to use OPTION_CLIENT_FQDN
[Expert Info (Error/Protocol): This message type is not permitted to use OPTION_CLIENT_FQDN]
[This message type is not permitted to use OPTION_CLIENT_FQDN]
[Severity level: Error]
[Group: Protocol]
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 0
T2: 0
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 0
Valid lifetime: 0
Frame 30: 146 bytes on wire (1168 bits), 146 bytes captured (1168 bits)
Ethernet II, Src: VMware_7b:28:e0 (00:0c:29:7b:28:e0), Dst: VMware_67:42:7a (00:0c:29:67:42:7a)
Internet Protocol Version 6, Src: fe80::20c:29ff:fe7b:28e0, Dst: fe80::20c:29ff:fe67:427a
User Datagram Protocol, Src Port: 547, Dst Port: 546
DHCPv6
Message type: Reply (7)
Transaction ID: 0x3f54da
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 0
T2: 0
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 0
Valid lifetime: 0
Appendix 2: The DHCPv6 messages in the server-side capture
Frame 1: 226 bytes on wire (1808 bits), 226 bytes captured (1808 bits)
Ethernet II, Src: VMware_7b:28:ea (00:0c:29:7b:28:ea), Dst: VMware_78:ef:07 (00:0c:29:78:ef:07)
Internet Protocol Version 6, Src: 2001:db8:9876::100:1, Dst: 2001:db8:9876::30
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-forw (12)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Relay Message
Option: Relay Message (9)
Length: 81
DHCPv6
Message type: Solicit (1)
Transaction ID: 0x4db879
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 12
IAID: 2967427a
T1: 3600
T2: 5400
Client Link-Layer Address
Option: Client Link-Layer Address (79)
Length: 8
Hardware type: Ethernet (1)
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Remote Identifier
Option: Remote Identifier (37)
Length: 22
Enterprise ID: ciscoSystems (9)
Remote-ID: 020000000000000a00030001001ebde08800
Frame 2: 252 bytes on wire (2016 bits), 252 bytes captured (2016 bits)
Ethernet II, Src: VMware_78:ef:07 (00:0c:29:78:ef:07), Dst: VMware_7b:28:ea (00:0c:29:7b:28:ea)
Internet Protocol Version 6, Src: 2001:db8:9876::30, Dst: 2001:db8:9876::100:1
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-reply (13)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Relay Message
Option: Relay Message (9)
Length: 145
DHCPv6
Message type: Advertise (2)
Transaction ID: 0x4db879
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 3: 272 bytes on wire (2176 bits), 272 bytes captured (2176 bits)
Ethernet II, Src: VMware_7b:28:ea (00:0c:29:7b:28:ea), Dst: VMware_78:ef:07 (00:0c:29:78:ef:07)
Internet Protocol Version 6, Src: 2001:db8:9876::100:1, Dst: 2001:db8:9876::30
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-forw (12)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Relay Message
Option: Relay Message (9)
Length: 127
DHCPv6
Message type: Request (3)
Transaction ID: 0xb4f010
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 3600
T2: 5400
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 7200
Valid lifetime: 7500
Client Link-Layer Address
Option: Client Link-Layer Address (79)
Length: 8
Hardware type: Ethernet (1)
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Remote Identifier
Option: Remote Identifier (37)
Length: 22
Enterprise ID: ciscoSystems (9)
Remote-ID: 020000000000000a00030001001ebde08800
Frame 4: 252 bytes on wire (2016 bits), 252 bytes captured (2016 bits)
Ethernet II, Src: VMware_78:ef:07 (00:0c:29:78:ef:07), Dst: VMware_7b:28:ea (00:0c:29:7b:28:ea)
Internet Protocol Version 6, Src: 2001:db8:9876::30, Dst: 2001:db8:9876::100:1
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-reply (13)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Relay Message
Option: Relay Message (9)
Length: 145
DHCPv6
Message type: Reply (7)
Transaction ID: 0xb4f010
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 13: 272 bytes on wire (2176 bits), 272 bytes captured (2176 bits)
Ethernet II, Src: VMware_7b:28:ea (00:0c:29:7b:28:ea), Dst: VMware_78:ef:07 (00:0c:29:78:ef:07)
Internet Protocol Version 6, Src: 2001:db8:9876::100:1, Dst: 2001:db8:9876::30
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-forw (12)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Relay Message
Option: Relay Message (9)
Length: 127
DHCPv6
Message type: Renew (5)
Transaction ID: 0xa3d236
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x00 [CLIENT wants to update its AAAA RRs and SERVER to update its PTR RRs]
.... .0.. = N bit: Server SHOULD perform PTR RR updates
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 3600
T2: 5400
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 7200
Valid lifetime: 7500
Client Link-Layer Address
Option: Client Link-Layer Address (79)
Length: 8
Hardware type: Ethernet (1)
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Remote Identifier
Option: Remote Identifier (37)
Length: 22
Enterprise ID: ciscoSystems (9)
Remote-ID: 020000000000000a00030001001ebde08800
Frame 14: 252 bytes on wire (2016 bits), 252 bytes captured (2016 bits)
Ethernet II, Src: VMware_78:ef:07 (00:0c:29:78:ef:07), Dst: VMware_7b:28:ea (00:0c:29:7b:28:ea)
Internet Protocol Version 6, Src: 2001:db8:9876::30, Dst: 2001:db8:9876::100:1
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-reply (13)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Relay Message
Option: Relay Message (9)
Length: 145
DHCPv6
Message type: Reply (7)
Transaction ID: 0xa3d236
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 120
T2: 192
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 240
Valid lifetime: 600
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2606:4700:4700::1111
2 DNS server address: 2606:4700:4700::1001
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Flags: 0x04 [CLIENT SHALL update AAAA RRs; SERVER SHALL NOT perform any DNS updates]
.... .1.. = N bit: Server SHOULD NOT perform PTR RR updates
.... ..0. = O bit: Server HAS NOT overridden client's S bit preference
.... ...0 = S bit: Server SHOULD NOT perform AAAA RR updates
Client Domain Name: testclient.lein.io.
Frame 23: 272 bytes on wire (2176 bits), 272 bytes captured (2176 bits)
Ethernet II, Src: VMware_7b:28:ea (00:0c:29:7b:28:ea), Dst: VMware_78:ef:07 (00:0c:29:78:ef:07)
Internet Protocol Version 6, Src: 2001:db8:9876::100:1, Dst: 2001:db8:9876::30
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-forw (12)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Relay Message
Option: Relay Message (9)
Length: 127
DHCPv6
Message type: Release (8)
Transaction ID: 0x3f54da
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Option Request
Option: Option Request (6)
Length: 8
Requested Option code: DNS recursive name server (23)
Requested Option code: Domain Search List (24)
Requested Option code: Client Fully Qualified Domain Name (39)
Requested Option code: Simple Network Time Protocol Server (31)
Elapsed time
Option: Elapsed time (8)
Length: 2
Elapsed time: 0ms
Client Fully Qualified Domain Name
Option: Client Fully Qualified Domain Name (39)
Length: 21
Only the following message types are permitted to use OPTION_CLIENT_FQDN:\nSOLICIT, REQUEST, RENEW, REBIND, ADVERTISE, and REPLY
This message type is not permitted to use OPTION_CLIENT_FQDN
[Expert Info (Error/Protocol): This message type is not permitted to use OPTION_CLIENT_FQDN]
[This message type is not permitted to use OPTION_CLIENT_FQDN]
[Severity level: Error]
[Group: Protocol]
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 0
T2: 0
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 0
Valid lifetime: 0
Client Link-Layer Address
Option: Client Link-Layer Address (79)
Length: 8
Hardware type: Ethernet (1)
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Remote Identifier
Option: Remote Identifier (37)
Length: 22
Enterprise ID: ciscoSystems (9)
Remote-ID: 020000000000000a00030001001ebde08800
Frame 24: 191 bytes on wire (1528 bits), 191 bytes captured (1528 bits)
Ethernet II, Src: VMware_78:ef:07 (00:0c:29:78:ef:07), Dst: VMware_7b:28:ea (00:0c:29:7b:28:ea)
Internet Protocol Version 6, Src: 2001:db8:9876::30, Dst: 2001:db8:9876::100:1
User Datagram Protocol, Src Port: 547, Dst Port: 547
DHCPv6
Message type: Relay-reply (13)
Hopcount: 0
Link address: 2001:db8:5678::1
Peer address: fe80::20c:29ff:fe67:427a
Interface-Id
Option: Interface-Id (18)
Length: 3
Interface-ID: 476931
Relay Message
Option: Relay Message (9)
Length: 84
DHCPv6
Message type: Reply (7)
Transaction ID: 0x3f54da
Server Identifier
Option: Server Identifier (2)
Length: 14
DUID: 000100006498654c000c2978effd
DUID Type: link-layer address plus time (1)
Hardware type: NET/ROM pseudo (0)
DUID Time: Jun 24, 2053 19:03:24.000000000 FLE Summer Time
Link-layer address: 000c2978effd
Client Identifier
Option: Client Identifier (1)
Length: 14
DUID: 000100012d032346000c2967427a
DUID Type: link-layer address plus time (1)
Hardware type: Ethernet (1)
DUID Time: Dec 6, 2023 14:19:18.000000000 FLE Standard Time
Link-layer address: 00:0c:29:67:42:7a
Link-layer address (Ethernet): VMware_67:42:7a (00:0c:29:67:42:7a)
Identity Association for Non-temporary Address
Option: Identity Association for Non-temporary Address (3)
Length: 40
IAID: 2967427a
T1: 0
T2: 0
IA Address
Option: IA Address (5)
Length: 24
IPv6 address: 2001:db8:5678:0:8b7c:78f7:d5e4:64c5
Preferred lifetime: 0
Valid lifetime: 0
Appendix 3: The IPv6 configurations on the DHCPv6 relay
interface GigabitEthernet1 description VLAN 60 ipv6 address 2001:DB8:5678::1/64 ipv6 nd prefix 2001:DB8:5678::/64 300 120 no-autoconfig ipv6 nd managed-config-flag ipv6 nd ra lifetime 120 ipv6 nd ra interval 60 45 ipv6 dhcp relay destination 2001:DB8:9876::30 interface GigabitEthernet2 description VLAN 41 ipv6 address 2001:DB8:9876::100:1/64 ipv6 nd prefix default no-advertise ipv6 nd ra suppress all