[openwrt/openwrt] base-files: generate a global DHCP DUID
LEDE Commits
lede-commits at lists.infradead.org
Sun Oct 19 10:46:25 PDT 2025
robimarko pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/a660a076db5a419963e0429a71201d07445ba6ea
commit a660a076db5a419963e0429a71201d07445ba6ea
Author: David Härdeman <david at hardeman.nu>
AuthorDate: Thu Oct 9 16:16:53 2025 +0200
base-files: generate a global DHCP DUID
odhcp6c and odhcpd currently generate custom DUIDS on a per-interface basis
using the MAC address of the given interface.
This is contrary to how DUIDs are meant to be used, as the client identifier
will vary from interface to interface, while it is meant to remain stable for a
given host, no matter how the network hardware changes (see RFC8415, §11).
The same problem exists in odhcpd, which also generates server-side DUIDs on a
per-interface basis.
In order to support a stable per-device DUID, generate one on first boot and
store it via uci.
Currently, a DUID-UUID style clientid is generated. This is mostly meant as an
RFC, and we might consider using a different kind of DUID instead (DUID-LLT,
DUID-EN).
One drawback is that this will typically change the DUID used on existing
OpenWrt devices when upgrading to a new release. However, that seems
unavoidable and is a one-time pain in order to have stable DUIDs (and in many
cases, it shouldn't cause any issues).
v2: move the uci cfg generation outside of an IPv6-only block since this
is relevant to the DHCPv4 client as well
Signed-off-by: David Härdeman <david at hardeman.nu>
Link: https://github.com/openwrt/openwrt/pull/20359
Signed-off-by: Robert Marko <robimarko at gmail.com>
---
package/base-files/files/bin/config_generate | 15 ++++++++-------
.../files/etc/uci-defaults/14_network-generate-clientid | 9 +++++++++
2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/package/base-files/files/bin/config_generate b/package/base-files/files/bin/config_generate
index 7507aa612c..18fae054d4 100755
--- a/package/base-files/files/bin/config_generate
+++ b/package/base-files/files/bin/config_generate
@@ -44,14 +44,15 @@ generate_static_network() {
set network.loopback.device='lo'
set network.loopback.proto='static'
add_list network.loopback.ipaddr='127.0.0.1/8'
+ delete network.globals
+ set network.globals='globals'
+ set network.globals.dhcp_default_duid='auto'
EOF
- [ -e /proc/sys/net/ipv6 ] && {
- uci -q batch <<-EOF
- delete network.globals
- set network.globals='globals'
- set network.globals.ula_prefix='auto'
- EOF
- }
+ [ -e /proc/sys/net/ipv6 ] && {
+ uci -q batch <<-EOF
+ set network.globals.ula_prefix='auto'
+ EOF
+ }
if json_is_a dsl object; then
json_select dsl
diff --git a/package/base-files/files/etc/uci-defaults/14_network-generate-clientid b/package/base-files/files/etc/uci-defaults/14_network-generate-clientid
new file mode 100644
index 0000000000..70da185c20
--- /dev/null
+++ b/package/base-files/files/etc/uci-defaults/14_network-generate-clientid
@@ -0,0 +1,9 @@
+[ "$(uci -q get network.globals.dhcp_default_duid)" != "auto" ] && exit 0
+
+uci -q batch <<-EOF >/dev/null
+ # DUID-UUID - RFC6355
+ set network.globals.dhcp_default_duid="$(hexdump -vn 16 -e '"0004" 2/2 "%x"' /dev/urandom)"
+ commit network
+EOF
+
+exit 0
More information about the lede-commits
mailing list