Package: dhcpcd
Version: 1:9.4.1-24~deb12u4
Severity: normal
X-Debbugs-Cc: dxld@darkboxed.org

Hi Martin,

I have the following RAs on my network including multiple DNSSL
options. According to [RFC 8106 section 5.2]

If it is desirable to have different Lifetime values, multiple DNSSL
options can be used.

[RFC 8106]: https://datatracker.ietf.org/doc/html/rfc8106#section-5.2

So this should be supported. However dhcpcd doesn't merge the
lists only installing the first one in /etc/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at

I tested against rdnssd (after undoing dhcpcd's sysctl mangling [#266]
another issue we'll have to deal with later) and it get's it right.
Looking at /var/run/rdnssd/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at inn.dxld.at

[#266]: https://github.com/NetworkConfiguration/dhcpcd/issues/266

Except... I actually wanted a different order, but we can't have
everything as that seems to be RFC compliant :-)

6.3. Synchronization between DNS Search List and Resolver Repository

When an IPv6 host receives the information of multiple DNSSL domain
names within a network through an RA message with DNSSL option(s), it
stores the DNSSL domain names (in order) in both the DNSSL and the
Resolver Repository.

RAs look like this:

```
# rdisc6 br0
Soliciting ff02::2 (ff02::2) on br0...

Hop limit : 64 ( 0x40)
Stateful address conf. : Yes
Stateful other conf. : No
Mobile home agent : No
Router preference : medium
Neighbor discovery proxy : No
Router lifetime : 1800 (0x00000708) seconds
Reachable time : unspecified (0x00000000)
Retransmit time : unspecified (0x00000000)
MTU : 1500 bytes (valid)
Prefix : 2001:678:4d8::/64
On-link : Yes
Autonomous address conf.: Yes
Valid time : 86400 (0x00015180) seconds
Pref. time : 14400 (0x00003840) seconds
Recursive DNS server : 2001:678:4d8:acdd::1
DNS server lifetime : 1800 (0x00000708) seconds
DNS search list : rack.dxld.at dyn.dxld.at pub.dxld.at
DNS search list lifetime: 1800 (0x00000708) seconds
DNS search list : inn.dxld.at
DNS search list lifetime: 1800 (0x00000708) seconds
from fe80::debb
```

I'll test this against dhcpcd from unstable later.

--Daniel

-- System Information:
Debian Release: 12.9
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-18-amd64 (SMP w/32 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dhcpcd depends on:
ii dhcpcd-base 9.4.1-24~deb12u4
ii lsb-base 11.6
ii sysvinit-utils [lsb-base] 3.06-4

dhcpcd recommends no packages.

Versions of packages dhcpcd suggests:
pn dhcpcd-gtk <none>

-- no debconf information

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 03 Mar 2025 17:37:21 +0100 =?utf-8?q?Daniel_Gr=C3=B6ber?= <dxld@darkboxed.org> wrote:

Package: dhcpcd
Version: 1:9.4.1-24~deb12u4
Severity: normal
X-Debbugs-Cc: dxld@darkboxed.org

Hi Martin,

I have the following RAs on my network including multiple DNSSL
options. According to [RFC 8106 section 5.2]

If it is desirable to have different Lifetime values, multiple DNSSL options can be used.

[RFC 8106]: https://datatracker.ietf.org/doc/html/rfc8106#section-5.2

So this should be supported. However dhcpcd doesn't merge the
lists only installing the first one in /etc/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at

I tested against rdnssd (after undoing dhcpcd's sysctl mangling [#266] another issue we'll have to deal with later) and it get's it right.
Looking at /var/run/rdnssd/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at inn.dxld.at

[#266]: https://github.com/NetworkConfiguration/dhcpcd/issues/266

Except... I actually wanted a different order, but we can't have
everything as that seems to be RFC compliant :-)

Does this upstream commit fix the issue for you:

https://github.com/NetworkConfiguration/dhcpcd/commit/dabdf5728e5b419c3a23f8e2bf21e344f29cbf43

Martin-Éric

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 20 Apr 2025 19:58:53 +0300
=?UTF-8?Q?Martin=2D=C3=89ric_Racine?= <martin-eric.racine@iki.fi>
wrote:

Hey Daniel,
On Wed, 16 Apr 2025 07:55:52 +0300
=?UTF-8?Q?Martin=2D=C3=89ric_Racine?= <martin-eric.racine@iki.fi>
wrote:

On Mon, 03 Mar 2025 17:37:21 +0100 =?utf-8?q?Daniel_Gr=C3=B6ber?= <dxld@darkboxed.org> wrote:

Package: dhcpcd
Version: 1:9.4.1-24~deb12u4
Severity: normal
X-Debbugs-Cc: dxld@darkboxed.org

Hi Martin,

I have the following RAs on my network including multiple DNSSL
options. According to [RFC 8106 section 5.2]

If it is desirable to have different Lifetime values, multiple DNSSL options can be used.

[RFC 8106]: https://datatracker.ietf.org/doc/html/rfc8106#section-5.2

So this should be supported. However dhcpcd doesn't merge the
lists only installing the first one in /etc/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at

I tested against rdnssd (after undoing dhcpcd's sysctl mangling [#266] another issue we'll have to deal with later) and it get's it right. Looking at /var/run/rdnssd/resolv.conf:

search rack.dxld.at dyn.dxld.at pub.dxld.at inn.dxld.at

[#266]: https://github.com/NetworkConfiguration/dhcpcd/issues/266

Except... I actually wanted a different order, but we can't have everything as that seems to be RFC compliant :-)

Does this upstream commit fix the issue for you:

https://github.com/NetworkConfiguration/dhcpcd/commit/dabdf5728e5b419c3a23f8e2bf21e344f29cbf43

Can you confirm?

Ping?

Martin-Éric

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)