Changing DUID to get new IPv6 assignment

SpareSimian · September 18, 2021, 11:33am

I think Comcast is giving me only a /64 and I think I need a /60 for Luci to properly delegate a /64 to the LAN side. According to this old Reddit thread, I should be able to get a new assignment with the proper prefix by changing the DUID. How do I do that?

How do I know if I got a /60 or /64? What settings do I need to get addresses assigned on the LAN side?

OpenWrt 18.06.4 r7808-ef686b7292 / LuCI openwrt-18.06 branch (git-19.170.32094-4d6d8bc)
Zyxel NBG6716

(It's probably due for an update, if a new build is available for the old hardware.)

slh · September 18, 2021, 11:55am

ifstatus wan, ifstatus wan6.

SpareSimian · October 23, 2021, 7:58am

After lots of looking at source code, I found that my router is running odhcp6c and its -c option sets the DUID. The DUID's format is defined in section 11 of RFC 8415: https://datatracker.ietf.org/doc/html/rfc8415#section-11

odhcp6c uses the DUID-LL format by default. This sends the 8-byte MAC address of the WAN interface as the DUID. (8 because the first 2 bytes are the value 1 for Ethernet. The rest is the 6-byte MAC most of us are familiar with.)

Luci offers a Client ID setting but doesn't specify its structure. It should be a hex string in network order (ie. MSB of multi-byte values first). The first two bytes are the DUID type. The rest are the DUID value. See the RFC for how to structure it. For example, 00030001xxxxxxxxxxxx where the x's are your 6-byte MAC would be the default DUID.

jaromanda · October 23, 2021, 8:11am

if DUID is based on MAC ... could you not override the MAC?

SpareSimian · October 23, 2021, 8:52am

DUID can be based on MAC, and is in the default configuration. I wasn't sure, and I could indeed change just the MAC. I did just test with a client ID based on my MAC and got the same /64 prefix. I incremented the client ID by 1 (equivalent to incrementing the MAC by 1) and got a new prefix.

Alas, I'm still getting a /64 from Comcast. Looking at the LAN DHCP config page on their modem, it looks like it's only going to assign a /64. I've got the lower tier modem so I might need the newer one, which I have staged to swap in.

Alfie-Bui · March 5, 2024, 7:59am

If i want to change DUID type to LLT (link layer address plus time)(DUID type 1 as reference: https://datatracker.ietf.org/doc/html/rfc8415#section-11.2)

So how can i implement that on my device which run on openwrt.
I must to make script to create DUID then write to /etc/config/dhcp

config host
   option duid "<gen_duid_using_MAC+timestamp>"

Or has any simple way to just modify /etc/config/dhcp file to archieve my requirement.

Thank you guys so much !!

olitoutlemonde · March 28, 2024, 2:56pm

Hello @Alfie-Bui ,
Based on this article: https://openwrt.org/docs/guide-user/network/ipv6/configuration , I tried to add the duid option to my wan6 interface in /etc/config/network:

config interface 'wan6'
        option ifname 'eth4'
        option proto 'dhcpv6'
        option peerdns '0'
        list dns 'xxx'
        list dns 'xxx'
        option ip_int_instance '4'
        option clientid '00030001xxxxxxxxxx42'

I took tcpdump catpures of the DHCP requests before and after the change. Note that my MAC address, which the duid is based on, ends up with 70. For the duid change test, I replaced these 2 digits with 42 and here is the result:

On the left, you can see the request with original duid and on the right the request with the modified duid.
Note that I ran /etc/init.d/network restart to apply the apply the change but there may be something cleaner to do, I just did not want to bother with that part