Hi, folks when we have been working with nsh and domains, each daemon has its own personality / instance config in each rdomain.
one place where we have found problems is the DHCP server (which goes through all interfaces if I recall correctly) and sees that it doesnt have a valid config for a given interface and skips it... (rather than checking the interface rdomain (if i recall correctly) I agree that Dhcpdleased or dhcpd6leasedshould not cross rdomain boundaries, if you have a routing domain with an interface(s) with dhcpleased, dhcpleased in that routing domain (should) be able to assign an new address and routes within the new rdomain, the trick of creating an instance of a daemon using symlinks and rcctl symlink flags, for each rdomain is quite elegant, see url below, https://unfriendlygrinch.info/posts/openbsd-routing-tables-and-routing-domains/ there was another one which had dhcp server examplse but I cant find the url right now tldr eg. for a new bgpd daemon bgpd in rtable 1 $ doas ln -s /etc/rc.d/bgpd /etc/rc.d/bgpd1 $ doas rcctl enable bgpd1 $ doas rcctl set bgpd1 rtable 1 $ doas rcctl set bgpd1 flags "-f /etc/bgpd1.conf" $ doas vi /etc/bgpd1.conf $ doas /etc/rc.d/bgpd1 start any leaking could be done after wards..... (we have done this for multi tenenanted voice routers with DHCP servers in different Rdomains and leaking afteerwards... but that is a bit different to DHCP client and leaking (and what happens when you get a different address from your provider you would need to update your PF to do the leaking .. .it would be a bit messy I hope this helps, Sorry for the long email, I was rushing to get it out to you On Thu, 4 Jun 2026 at 16:33, Claudio Jeker <[email protected]> wrote: > On Thu, Jun 04, 2026 at 03:56:36PM +0100, Florian Obser wrote: > > On 2026-06-03 23:35 UTC, "Landy, Brian" <[email protected]> > wrote: > > > Should dhcp6leased automatically install routes for delegated prefixes > > > in the source interface’s rdomain when the assigned interfaces are in > > > different rdomains? If not, what is a good way to monitor dhcp6leased > > > for changes so I can automate adding those routes when needed? Or I > > > could use dhcpcd since it has hooks, but I’d like to use dhcp6leased > > > if possible. > > > > dhcp6leased(8) should to the right thing[tm] automagically. > > Hooks are to be avoided at all costs, to wit: CVE-2026-42512, > > CVE-2026-42511 > > > > I need to re-read your email when I'm less tired to figure out what the > > right thing is. > > > > I'd also be interested in the opinion of other people familiar with > > rdomains. > > This is a complex question. In general I would expect that dhcp6leased > does not cross rdomain boundaries. I would expect that for > request prefix delegation on em0 for em1 > to work that both em0 and em1 run in the same rdomain. > Delegating a prefix from one rdomain to a different one is certainly not > common and requires extra config to work since you can't trivally jump > rdomains so why would you delegate a prefix. > > -- > :wq Claudio > > -- Kindest regards, Tom Smyth.
