Hello @all,
Today i did a simple test to capture dhcpv6-client traffic from my routerboard Mikrotik hex_s (https://mikrotik.com/product/hex_s).
Router OS = 6.48 (stable)
1- i installed the dhcpv6-dibbler-server on ubuntu 20.04 (sudo apt update + sudo apt install dibbler-server) homepage: https://klub.com.pl/dhcpv6/
when it’s installed → modify the /etc/dibbler/server.conf to setup/configure the listening interface you want for dhcpv6 server function.
2- i installed the wireshark tool to capture traffic on my ubuntu 20.04 linux box (listening on the interface configured above) with the filter → udp portrange 546-547.
3- In the Mikrotik router i removed the sfp-fiber module and replaced it with a sfp-rj45 → Model Number: JT-C1GE-R01 (from JT-COM).
I did that to have a direct rj45 connection between the Mikrotik router and my linux box (unbuntu 20.04) running the dhcp server.
4- My dhcpv6-client configuration is in the following steps (physical interface sfp-rj45 + vlanxyz + bridge)
/interface vlan add interface=sfp1 loop-protect-disable-time=00:05:00 loop-protect-send-interval=00:00:05 name=VLANxyz vlan-id=xx
/interface bridge add name=bridge-wan
/interface bridge port add bridge=bridge-wan interface=VLANxyz
/interface bridge filter add action=set-priority chain=output dst-port=547 ip-protocol=udp log=yes log-prefix=“Set CoS on DHCP request” mac-protocol=ipv6 new-priority=x out-interface=VLANxyz passthrough=yes (x, xx, xyz, must be replaced by numerical of your needs).
/ipv6 firewall filter add chain=input comment=“allow dhcpv6 replies on WAN” action=accept protocol=udp src-address=fe80::/10 in-interface=bridge-wan dst-port=546 log=no log-prefix=“”
/ipv6 settings set accept-router-advertisements=yes
I also add 3 more lines (not displayed here) for my ISP specific mandatory options (option xx, option yy, option zz).
finally i add the dhcpv6-client:
/ipv6 dhcp-client add interface=bridge-wan dhcp-options=authentication,user-class,vendor-class request=prefix pool-name=pool_TEST_6 pool-prefix-length=64 add-default-route=yes disabled=no
Now everything is ready/setup for the wireshark capture:
- On Mikrotik router set your dhcpv6-client to disable status
- On the linux box start the dibbler-server (i start it with sudo dibbler-server start) → verify with ps -ef|grep dibbler if the daemon is running.
- On the linux box start wireshark capture tool (i start it with sudo wireshark &). Apply the filter → udp portrange 546-547 on the listening interface.
- Assuming that a direct rj45 cable is connected between your sfp-rj45 module and your linux box.
- on Mikrotik router set your dhcpv6-client to enable status and keep an eye on wireshark at the same time.
The traffic should appear very quickly as in attachment below:
You can see the first action “Solicit” coming from the router fe80::764d:28ff:xxxx:xxxx with a destination to the server ff02::1:2 (my linux box will answer in this case).
ps: I have not fully configured my dhcp-server config file to emule all my ISP mandatory behavior as this post is just for initiate the dhcpv6-client traffic in wireshark.
In a full working environment you shoud have at least tree more lines in the wireshark dhcpv6 client-server communication exchange:
- Solicit (client to server)
- Advertise (server to client)
- Request (client to server)
- Reply (server to client)
Hoping this tuto may help someone.
Kind regards,
Yann
![dhcpv6-hex_s[when I enable dhcpv6-client on hex_s].png](https://data-discourse.cdn.mikrotik.com/original/3X/1/2/12e306d1bf69fa47dd59f09a3487e7c6ffb0382f.png)