[strongSwan-dev] Query about ikev2/dhcp-static-mac

Fan Du fan.du at windriver.com
Wed Apr 2 10:49:15 CEST 2014

On 2014年04月02日 15:36, Martin Willi wrote:
> Hi,
>>     hardware ethernet            7a:a7:93:70:2b:21;<-- How does this mac coming in advance?
> As the test description says:
>> The IP addresses are assigned statically by venus based on the
>> user-defined MAC address derived by the dhcpplugin from a hash over
>> the client identity. This deterministic MAC generation is activated
>> with the strongswan.conf setting charon.plugins.dhcp.identity_lease =
>> yes.
> This is not a real MAC address, but one generated on behalf of the
> client, based on its identity. With that identity_lease option, the
> generation is deterministic, so you'll get the same MAC for the same
> client identity. This makes the DHCP server handing out the same IP for
> the same client identity each time.

Thanks for your explanation, but my question is: If I want to add another host,
i.e., Tina along with Dave, who also need a static mac address in DHCP server configuration,
how does this static mac address come out in the first place before any IKE contact?

I read the code, chunk_mac_inc performs SipHash-2-4 when IKE contact actually happens.

> Alternatively, you may assign addresses for specific client identities
> on your DHCP server using the dhcp-client-identity option; see
> ikev2/dhcp-static-client-id.

Yes, dhcp-static-client-id test is quite straight forward.

> Regards
> Martin



More information about the Dev mailing list