Android and DHCPv6 again

Mailman List Mirror (Read Only)
1

Hi

I noticed that my Nexus 9 tablet did not have any IPv6 although everything
else in my house is IPv6 enabled. Then I noticed that my Samsung S6 was
also without IPv6. Hmm.

A little work with tcpdump and I got this:

03:27:15.978826 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120)
fe80::222:7ff:fe49:ffad > ip6-allnodes: [icmp6 sum ok] ICMP6, router
advertisement, length 120
hop limit 0, Flags [*managed*, other stateful], pref medium, router
lifetime 1800s, reachable time 0s, retrans time 0s
source link-address option (1), length 8 (1): 00:22:07:49:ff:ad
mtu option (5), length 8 (1): 1500
prefix info option (3), length 32 (4): 2a00:7660:5c6::/64, Flags [onlink,
*auto*], valid time 7040s, pref. time 1800s
unknown option (24), length 16 (2):
0x0000: 3000 0000 1b80 2a00 7660 05c6 0000

So my CPE is actually doing DHCPv6 and some nice people at Google decided
that it will be better for me to be without IPv6 in that case :-(.

But it also has the auto flag, so Android should be able to do SLAAC yes?

My Macbook Pro currently has the following set of addresses:

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 3c:15:c2:ba:76:d4
inet6 fe80::3e15:c2ff:feba:76d4%en0 prefixlen 64 scopeid 0x4
inet 192.168.1.214 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2a00:7660:5c6::3e15:c2ff:feba:76d4 prefixlen 64 autoconf
inet6 2a00:7660:5c6::b5a5:5839:ca0f:267e prefixlen 64 autoconf temporary
inet6 2a00:7660:5c6::899 prefixlen 64 dynamic
nd6 options=1<PERFORMNUD>
media: autoselect
status: active

To me it seems that the Macbook has one SLAAC address, one privacy
extension address and one DHCPv6 managed address.

In fact the CPE manufacturer is a little clever here. They gave me an easy
address that I can use to access my computer ("899") while still allowing
SLAAC and privacy extensions. If I want to open ports in my firewall I
could do that to the "899" address.

But why is my Android devices without IPv6 in this setup?

Regards,

Baldur

2

Your device may be getting an address, but without a recursive DNS server
it may be useless.

If you're going to do SLAAC you'll also need to supply your client with a
recursive DNS server. Android prefers RFC 6106. As you mentioned, Google
has decided not to support DHCPv6 in Android. Unfortunately some router
manufacturers are only now getting around to implementing RFC 6106.

BH

3

Hello,
  This is a question a should test myself but anyhow I would like to
hear your comments.
  What happen (on the client side/Android maybe) if I advertise the DNS
information in the RA and I also enable the O bit?

Thanks,

Alejandro,

4

The Android client should ignore the O-flag and just use the information in
the RA. Windows clients will ignore the DNS option in the RA and do a DHCP
request for the Other information.

My understanding is you can enabled the O-flag for stateless DHCPv6 and set
the RA DNS option at the same time. This configuration should work on
networks that have a mix of Windows and Android clients (seeing as Windows
clients do not natively support RFC6106).

BH

5

Hi,

Hello,
  This is a question a should test myself but anyhow I would like to
hear your comments.
  What happen (on the client side/Android maybe) if I advertise the DNS
information in the RA and I also enable the O bit?

depends on the OS the client is running, see
https://www.ernw.de/download/ERNW_Whitepaper_IPv6_RAs_RDNSS_DHCPv6_Conflicting_Parameters.pdf &
https://www.ernw.de/download/ERNW_RIPE70_IPv6_Behavior_Conflicting_Environments_v0_92_short.pdf

best

Enno

6

it may be useless.

It is dual stack. You will get DNS info via DHCPv4.

Regards

Baldur

7

El 10/7/2015 a las 12:50 AM, Enno Rey escribi�:

Hi,

Hello,
  This is a question a should test myself but anyhow I would like to
hear your comments.
  What happen (on the client side/Android maybe) if I advertise the DNS
information in the RA and I also enable the O bit?

depends on the OS the client is running, see
https://www.ernw.de/download/ERNW_Whitepaper_IPv6_RAs_RDNSS_DHCPv6_Conflicting_Parameters.pdf &
https://www.ernw.de/download/ERNW_RIPE70_IPv6_Behavior_Conflicting_Environments_v0_92_short.pdf

Thanks a lot. Great documents, nice job, congrats.

Alejandro,

8

Android does not have a complete IPv6 implementation and should not be IPv6
enabled. Please do your part and complain to Google that Android does not
support DHCPv6 for address assignment.

9

I use android devices on my network with IPv6 connectivity, and no
issues at all. It gets an address. Does DNS via IPv6, and can send
packets over IPv6. I don't use or need DHCPv6.

You may not be able to roll out IPv6 to them because you need DHCPv6.
In this case I suggest you complain to Google. Other people may not be
able to roll out IPv6 to them because they need DHCPv6. They should
also complain to Google. Suggesting that nobody rolls out IPv6 on them
because they don't support one feature they may not even need is
absurd. DHCPv6 is not a prerequisite for IPv6.

Regards,
Dave

10

Hi,

Android does not have a complete IPv6 implementation and should not be IPv6
enabled. Please do your part and complain to Google that Android does not
support DHCPv6 for address assignment.

no different to other devices historically.... it can get IPv6 connectivity via
SLAAC and then rely on DHCP (v4!) for getting IPv4 DNS servers to which it can send
AAAA records.

very much like OSX used to be.....

alan

11

Excuse my ignorance, but can DHCPv6 and SLAAC be run in parallel?

Thank you,
- Nich

12

Yes,

SLAAC by default provides the address and default gateway (RA)
If SLAAC managed flag is set, then DHCPv6 is used get the address and other configs (DNS, etc..)
If SLAAC other flag is set, then SLAAC provides the address, and uses DHCPv6 to get the other configs (DNS, etc..)

With SLAAC and without DHCPv6 the device has no way of knowing the DNS server and other configs such as search domain, etc...

RFC 6106 provides a new feature that allows devices to obtain DNS from RA, but not all devices and network equipment support it yet.

For devices that don't support RFC 6106 or DHCPv6, then it has to use IPv4 (DHCPv4) to get the IPv4 DNS address.

13

Yes but Android refuses to do IPv6 if there is any DHCPv6 on the network.
It is a bug.

Regards

Baldur

14

Hi,

SLAAC by default provides the address and default gateway (RA)
If SLAAC managed flag is set, then DHCPv6 is used get the address and other configs (DNS, etc..)
If SLAAC other flag is set, then SLAAC provides the address, and uses DHCPv6 to get the other configs (DNS, etc..)

It's even more flexible than that :slight_smile:

The Managed flag indicates if there is a DHCPv6 server that can provide addresses and other config
The Other Config flag indicates if there is a DHCPv6 server that can provide other config

Besides those flags each prefix that is advertised in the RA has an Autonomous flag which tells the clients if they are allowed to do SLAAC.

So you can do all kinds of nice setups. For example you can advertise both the Managed and the Autonomous flags so that devices can get a DHCPv6-managed address (maybe for running services or for remote management) and get SLAAC addresses (for example for privacy extensions so they cannot be identified by their address when connecting to the internet). Or you can advertise multiple prefixes and allow Autonomous configuration in one and provide addresses in the other with DHCPv6.

I admit that you can also make things extremely complex for yourself, but it's certainly flexible! :wink:

Cheers,
Sander

15

That would indeed be a bug, but I'm not aware of such a bug. As long as the
network provides SLAAC as well as DHCPv6, IPv6 should work. If anyone can
reproduce this on a Nexus device, please file a bug.

Android 5.x does have a bug where if you send the device a default route
via RA and don't provide addressing via SLAAC (i.e., if you do
DHCPv6-only), and also have IPv6 on the cellular network, the device gets
confused. That should be fixed in 6.0.