8 thoughts on - How To Display/create DUID?

• –Good question. I’m trying to do the same for my OpenWRT router to force my ISP to give me a new allocation. (It’s stuck on a /64 and a Reddit thread suggests that changing the DUID will “kick” the DHCPv6 server into honoring my /60 request.) The DUID does the same for IPv6 that the MAC address does for IPv4. It’s the key for the lease in the DHCP database.

  I’m reading that DUIDs can get recomputed when containers are started, and this causes headaches for VM operators who are seeing “new” assignments appear extremely frequently.

• —<https://redhatlinux.guru/2019/07/01/find-duid-on-rhel-and-CentOS-servers/>

  <https://askubuntu.com/questions/712159/how-can-i-find-out-my-systems-dhcpv6-duid>

  My desktop has it in /var/lib/NetworkManager. I haven’t yet figured out what generates it or how it gets set on a server, as my servers don’t have one (that I can find). My suspicion is that it gets generated from the UUID
  setting for the interface in /etc/sysconfig/network-scripts/ifcfg-*.

• None of this is working because the server isn’t running a DHCPv6
  server, and there seems to be no file in /var/lib/NetworkManager that would seem to be helpful.

  Isn’t there a tool that creates the DUID and prints it? This can’t be too difficult …

• –I found this thread that suggests that NetworkManager computes it every time unless it’s manually overridden:

  <https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/135>

  Based on that, nmtui-connect might do what you want.

• That might mean that I would need to extract the functions from the soruces of dhclient to make a program that prints DUID(s) for the machine you run it on.
  … But that isn’t so easy. Maybe I can find out how to create a DUID and write something in perl; it doesn’t seem to be too complicated in the source.

  The comment is interesting:

  /*
  * The “best” default DUID, since we cannot predict any information
  * about the system (such as whether or not the hardware addresses are
  * integrated into the motherboard or similar), is the “LLT”, link local
  * plus time, DUID. For real stateless “LL” is better.
  *
  * Once generated, this duid is stored into the state database, and
  * retained across restarts.
  *
  * For the time being, there is probably a different state database for
  * every daemon, so this winds up being a per-interface identifier…which
  * is not how it is intended. Upcoming rearchitecting the client should
  * address this “one daemon model.”
  */

  I don’t understand what the point of a DUID is which is /not/ a per-interface identifier. When I assign addresses via DHCP, I don’t want them to end up being assigned anywhere else than to the interface they need to be assigned to. What is intended with these DUIDs?

  That seems to only allow to bring up or down a connection but doesn’t display DUIDs?

• Hm, ok, here’s an explanation: https://www.juniper.net/documentation/en_US/
  junose15.1/topics/concept/dhcp-unique-id-servers-clients-overview.html

  IIUC, this means that I could create a DUID (of type 1) with an arbitrary time value (Or where would I get the “correct” one?) and enter it into the configuration of a static lease in OPNsense (or any other DHCPv6 server), and it would be totally pointless unless I manage to force the client beforehand to use this DUID to ask for an IP address and unless I can make sure that the client always uses this DUID for a particular interface — which isn’t intended because the DUIDs aren’t supposed to identify particular interfaces.

  Is that my lack of understanding or are these DUIDs really a rather stupid idea?

  And how are we actually supposed to set up static leases with DHCPv6?

• –I recommend asking over on the ISC DHCP lists where you’re likely to find much more expertise on the subject in these dark corners of the standards.

• Hm ok, maybe I’ll try that, thanks.