Page 1 of 1
providing NTP server by using DHCPv6?
Posted: Thu Oct 21, 2021 3:44 pm
by lake6kn
Hello everyone,
I tried to publish the IPv6 ntp server using DHCPv6 to our client. But checking with wireshark, the information is not sent by the Mikrotik, only the DNS server.
This is my configuration:
/ipv6 dhcp-server option
add code=23 name=DNS value="'2001:db8:ca5e:cefe::53'" # this is dns server sent by stateless DHCPv6 to the clients, this works
add code=56 name=time.example.com value="0x0003001204'time'0x07'example'0x03'com'0x00"
# this is my understanding of RFC 8415 (DHCPv6) and RFC 5908 (NTP server option for DHCPv6)
/ipv6 dhcp-server
add dhcp-option=DNS,time.example.com interface=eth3 lease-time=29m name=IPv6test
Has anyone a hint for me why RouterOS is not publishing the NTPv6 server in DHCPv6 packets? DNS-server is published...
The very same value is sent by DHCPv6 after configuration on another network device...
Thanks for reading and looking forward to get interesting answers.
Re: providing NTP server by using DHCPv6?
Posted: Thu Oct 21, 2021 6:30 pm
by tdw
DHCP answers requests for options if they exist / have been configured on the server. There is generally little point pushing unrequested options to clients, if they were not asked for they are most likely going to be ignored.
For example the Windows 10 DHCPv6 client issues an information request with a client identifier, a vendor class of Microsoft, plus an option request for vendor-specific information, DNS recursive name server, domain search list and lifetime; the Mikrotik responds with client identifier, server identifier, plus DNS recursive name server.
Re: providing NTP server by using DHCPv6?
Posted: Fri Oct 22, 2021 9:16 am
by lake6kn
right now the question is how to configure RouterOS to really send the option. I'm checking DHCPv6 packets with wireshark. And there is no NTPv6 information within the DHCPv6 Packets
Re: providing NTP server by using DHCPv6?
Posted: Fri Oct 22, 2021 11:05 am
by lake6kn
just to add a new piece to the puzzle:
today I changed my configuration again. I added DNS search path (RFC 8415 calls type 24 DOMAIN_LIST) and now it looks like this:
/ipv6 dhcp-server option
add code=23 name=DNSsrv value="'2001:db8:ca5e:cefe::53'"
add code=24 name=DNSsearch value="0x07'example'0x03'com'0x00"
add code=56 name=NTPexample value="0x0003000b07'example'0x02'us'0x00"
/ipv6 dhcp-server
add dhcp-option=DNSsrv,DNSsearch,NTPexample interface=eth3 lease-time=29m name=IPv6test
Now I can see in a new wireshark trace the IPv6 address of the dns server and the dns search path, but never the a NTP information.
Exact this NTP information I copied out of a trace of another (with NTPv6 information) running system.
Any other hints than opening a ticket?
edited: :case: to :ca5e:
Re: providing NTP server by using DHCPv6?
Posted: Fri Oct 22, 2021 12:37 pm
by lake6kn
next (demotivating) information:
I'm even not able to send SNTP server as option
/ipv6 dhcp-server option
add code=23 name=DNSsrv value="'2001:db8:ca5e:cefe::53'"
add code=24 name=DNSsearch value="0x07'example'0x03'com'0x00"
add code=31 name=SNTP value="'2001:db8:ca5e::6:123'"
/ipv6 dhcp-server
add dhcp-option=DNSsrv,DNSsearch,SNTP interface=eth3 lease-time=29m name=IPv6test
It's still the same: in Wireshark I can see IPv6-address of dns server and domain search list, but NO sntp (or ntp) information
by the way:
to add TWO dns or sntp servers, this lines are accepted by the CLI:
add code=23 name=DNSsrv value="'2001:db8:ca5e:cafe::53''2001:db8:ca5e:fae::53'"
add code=31 name=SNTP value="'2001:db8:ca5e::6:123''2001:db8:ca5e::c:123'"
Re: providing NTP server by using DHCPv6?
Posted: Fri Oct 22, 2021 2:57 pm
by mkx
When doing wireshark traces, do you see DHCPv6 client requesting for those options?
Re: providing NTP server by using DHCPv6?
Posted: Fri Oct 22, 2021 7:09 pm
by nescafe2002
Options 31 and 56 are working for me..
Make sure you supply the adequate suboption (0x0001) and address length (0x0010) for each ntp server (when using option 56!).
Also 2001:db8:case:: is an invalid IPv6 prefix therefore the addresses are interpreted as a string. I changed case:: into cafe:: for the purpose of this example.
Server:
/ipv6 dhcp-server option
add code=23 name=dns value="'2001:db8:cafe:cefe::53''2001:db8:cafe:fae::53'"
add code=31 name=sntp value="'2001:db8:cafe::6:123'"
add code=56 name=ntp value="0x00010010'2001:db8:cafe::6:123'0x00010010'2001:db8:cafe::c:123'0x0003000c07'example'0x02'us'0x00"
/ipv6 dhcp-server
add dhcp-option=dns,sntp,ntp interface=ether3 name=default
Client:
/ipv6 dhcp-client option
add code=6 name="req: dns,sntp,ntp" value=0x0017001f0038
/ipv6 dhcp-client
add dhcp-options="req: dns,sntp,ntp" interface=ether1 request=info
Result after disable/enable dhcpv6-client:
DHCPv6
Message type: Reply (7)
Transaction ID: 0x517de2
Client Identifier (collapsed)
Server Identifier (collapsed)
DNS recursive name server
Option: DNS recursive name server (23)
Length: 32
1 DNS server address: 2001:db8:cafe:cefe::53
2 DNS server address: 2001:db8:cafe:fae::53
Simple Network Time Protocol Server
Option: Simple Network Time Protocol Server (31)
Length: 16
1 SNTP server address: 2001:db8:cafe::6:123
NTP Server
Option: NTP Server (56)
Length: 56
NTP Server Address
Suboption: NTP Server Address (1)
Length: 16
NTP Server Address: 2001:db8:cafe::6:123
NTP Server Address
Suboption: NTP Server Address (1)
Length: 16
NTP Server Address: 2001:db8:cafe::c:123
NTP Server FQDN
Suboption: NTP Server FQDN (3)
Length: 12
NTP Server FQDN: example.us.
Re: providing NTP server by using DHCPv6?
Posted: Tue Oct 26, 2021 9:40 am
by lake6kn
When doing wireshark traces, do you see DHCPv6 client requesting for those options?
you are right. The client (Windows 10 21H1) doesn't request the NTP or SNTP option, but option 24 (dns search list). And option 24 is sent, if configured...
By the way: on other DHCPv6 servers this options are sent, even if the client doesn't request them.
Right now I try to find a good way to send a DHCPv6 request with this options. Maybe there is a system where I can install ROS for a test of this; nescafe2002 already wrote the required commands.
Thanks for your hints
Re: providing NTP server by using DHCPv6?
Posted: Tue Oct 26, 2021 2:19 pm
by mkx
What kind of DHCPv6 client are you running? If you have a linux machine handy, you can try running dhclient manually ... you can specify the list of options to request from DHCP server.