DOKK / manpages / debian 12 / wide-dhcpv6-server / dhcp6s.conf.5.en
DHCP6S.CONF(5) File Formats Manual DHCP6S.CONF(5)

dhcp6s.confDHCPv6 server configuration file

/etc/wide-dhcpv6/dhcp6s.conf

The dhcp6s.conf file contains configuration information for KAME's DHCPv6 server, dhcp6s. The configuration file consists of a sequence of statements terminated by a semi-colon (`;'). Statements are composed of tokens separated by white space, which can be any combination of blanks, tabs and newlines. In some cases a set of statements is combined with a pair of brackets, which is regarded as a single token. Lines beginning with ‘#’ are comments.

There are some statements that may or have to specify interface. Interfaces are specified in the form of "name unit", such as fxp0 and gif1.

An include statement specifies another configuration file to be included. The format of an include statement is as follows:

"filename";
Where "filename" is the name (full path) of the file to be included.

An option statement specifies configuration parameters provided for every client. The format of the statement is as follows.

option-name [option-value] ;
The following options can be specified in an option statement.
dns-address [dns-addresses...];
provides DNS server address(es). Each dns-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
"dns-name";
provides a domain name of a DNS search path. Multiple names in the path can be specified by a sequence of these statements.
ntp-address [ntp-addresses...];
provides NTP server address(es). Each ntp-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
sip-server-address [sip-server-addresses...];
provides SIP server address(es). Each sip-server-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
"sip-server-domain-name";
provides a domain name of a SIP server. Multiple names in the path can be specified by a sequence of these statements.
nis-server-address [nis-server-addresses...];
provides NIS server address(es). Each nis-server-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
"nis-domain-name";
provides a NIS domain name. Multiple names in the path can be specified by a sequence of these statements.
nisp-server-address [nisp-server-addresses...];
provides NIS+ server address(es). Each nisp-server-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
"nisp-domain-name";
provides a NIS+ domain name. Multiple names in the path can be specified by a sequence of these statements.
bcmcs-server-address [bcmcs-server-addresses...];
provides BCMCS server address(es). Each bcmcs-server-address must be a numeric IPv6 address. Multiple server addresses can also be specified by a sequence of these statements.
"bcmcs-server-domain-name";
provides a domain name of a BCMCS server. Multiple names in the path can be specified by a sequence of these statements.
interval;
specifies the refresh time of stateless information that does not have particular lease duration in seconds. This option is only applicable to stateless configuration by information-request and reply exchanges.

An interface statement specifies configuration parameters on the interface. The generic format of an interface statement is as follows:

interface { substatements };
The followings are possible substatements in an interface statement.
allow-options ;
This statement specifies DHCPv6 options accepted by the server. Currently only rapid-commit can be specified in an allow statement, which specifies the server to accept a rapid-commit option in solicit messages.
pref;
This statement sets the server's preference value on the interface to the value pref. The specified value will be contained in a preference option of advertise messages. The preference value must be a decimal integer and be between 0 and 255 (inclusive.)
pool pltime [vltime];
This statement assigns an address pool pool to the interface. When dhcp6s.conf receives a allocation request for an IA-NA, it assigns one IPv6 address from this pool. The specified pool name will be defined in a pool statement. Regarding the pltime and vltime , please see the explanation in the prefix substatement in host statement section.

A host statement specifies configuration parameters for a particular client. The generic format of a host statement is as follows:

name { substatements };
name is an arbitrary string. It does not affect server's behavior but is provided for readability of log messages. Possible substatements are as follows.
ID;
This statement defines the client's DHCP unique identifier (DUID). ID is a colon-separated hexadecimal sequence where each separated part must be composed of two hexadecimal values. This statement is used to identify a particular host by the server and must be included in a host statement.
ipv6-prefix pltime [vltime];
This statement specifies an IPv6 prefix to be delegated to the client. ipv6-prefix is a string representing a valid IPv6 prefix (see the example below). pltime and vltime are preferred and valid lifetimes of the prefix, respectively. When the latter is omitted, it will be set to the same value of pltime. A positive decimal number or a special string infinity can be specified as a lifetime. A decimal number provides the lifetime in seconds, while infinity means the corresponding lifetime never expires. When both lifetimes are specified, pltime must not be larger than vltime. Multiple prefixes can be specified, each of which is given by a single prefix statement. In that case, all or some of the specified prefixes will be delegated to the client, based on required parameters by the client.
ipv6-address pltime [vltime];
This statement specifies an IPv6 address to be assigned to the client. Everything is same as prefix option, except that you do not need specify prefix length.
keyname;
This statement specifies a secret key shared with the client for the DHCPv6 delayed authentication protocol. keyname is a string that identifies a particular set of key parameters. A separate keyinfo statement for keyname must be provided in the configuration file. When this statement is specified and the client includes an authentication option for the delayed authentication protocol in a Solicit message, dhcp6s will perform the authentication protocol for succeeding message exchanges.

A pool statement specifies an address pool for a particular interface. The generic format of a pool statement is as follows:

name { substatements; };
name is an arbitrary string. It does not affect server's behavior but is provided for readability of log messages. Possible substatements are as follows.
min-addr to max-addr
This substatement defines the range of addresses allocated for the pool, i.e. from min-addr to max-addr.

This statement defines a secret key shared with a client to authenticate DHCPv6 messages. The format and the description of this statement is provided in dhcp6c.conf(5). One important difference in the server configuration is, however, the keyname is referred from a host statement as described above.

The followings are a sample configuration to provide a DNS server address for every client as well as to delegate a permanent IPv6 prefix 2001:db8:1111::/48 to a client whose DUID is 00:01:00:01:aa:bb.

option domain-name-servers 2001:db8::35;

host kame {
	duid 00:01:00:01:aa:bb;
	prefix 2001:db8:1111::/48 infinity;
};

If a shared secret should be configured in both the server and the client for DHCPv6 authentication, it would be specified in the configuration file as follows:

keyinfo kame {
        realm "kame.net";
        keyid 1;
        secret "5pvW2g48OHPvkYMJSw0vZA==";
};

And the host statement would be modified as follows:

host kame {
	duid 00:01:00:01:aa:bb;
	prefix 2001:db8:1111::/48 infinity;
        delayedkey kame;
};

dhcp6c.conf(5) dhcp6s(8)

The dhcp6s.conf configuration file first appeared in the WIDE/KAME IPv6 protocol stack kit.

July 29, 2004 KAME