On 2021-02-13 20:22, Fred F wrote:
Dear all,

I'd like to bump this question. Isn't there anybody who is using
dnsmasq in IPv6 networks with dynamic prefixes?

Regards,
Frederik

On Sat, 10 Oct 2020 at 16:59, Fred F <[email protected]> wrote:

Hi,

I am using dnsmasq in an environment with a dynamic IPv6 prefix. On a
few of my servers I am using statically assigned IP addresses for IPv4
and static interface tokens for IPv6 (through systemd-networkd). This
way the machines will always have predictable v4 and v6 addresses
without DHCP or SLAAC in the following format:

v4: 192.168.1.1
v6: dead::beef:192:168:1:1 (where dead::beef is the current IPv6 prefix).

Now I'd like to add AAAA records for these hostnames in dnsmasq. When
defining DHCP/SLAAC ranges in dnsmasq there is the
"constructor:infname" syntax which automagically uses the interface's
current IPv6 prefix. Is there something like that for host records?

Something like this would be super cool, but I cannot get it to work:

host-record=laptop,laptop.thekelleys.org,192.168.1.1,::192.168.1.1,constructor:eth0

Is there any other way to do what I am doing? I know about the
"ra-names" feature but unfortunately it's not compatible with IPv6
interface tokens other than the MAC address (a.k.a. default SLAAC).


Best regards
Frederik

Hello Frederik,

IPv4 and IPv6 have different philosophies and you may get seduced to adopt your IPv4 knowledge to IPv6.
Took me some time to get this sorted out myself.
Actually your question is about IPv6 in general and not really dnsmasq specific.

IPv6 is by default multi-homed with multiple IPv6 addresses (SLAAC, temporary private, DHCPv6, etc.) of multiple IPv6 networks (GUA, ULA, LLA). In general GUAs are for WAN communications, ULAs for LAN/VPN communications and LLA for configuration-less on-link communication.
* LLA; Prefix fe80::/10; RFC 4291<3513<2373<1884
* ULA; Prefix fc00::/7 typically fd00::/8; RFC 4193
  * Side note: SLAs are deprecated and superseded by ULAs.
* GUA; Prefix 2000::/3; RFC 4291<3513<2373<1884

For local IPv6 addresses define yourself a random(!) ULA network (fdxx:xxxx:xxxx:xxxx::/64) and assign static IPv6 addresses to your services/servers (SLAAC, temporary private, DHCPv6 in addition as it fits your needs). ULAs allow you to route traffic from/to ULAs (LAN/VPN) and also from/to GUAs without having a WAN connection on the servers/services, while LLA is not routed by design. Even if you want the service to be reachable from outside via its GUA address, then you should still define static ULA addresses to be locally independent from your ISP service. Static addresses also allow you to contact your services/servers even when DHCP is down. I myself additionally set up a DHCP entry for them with their static IP addresses, so that they get their usual/planned IPv6 addresses during their setup or when running a live system from USB/CD/DVD.

My private local home office setup has 2 ULAs (one "production" ULA from my dnsmasq server, one fallback ULA from my FritzBox router) plus 1 GUA (from my Fritzbox router). dnsmasq serves the static addresses from its /etc/hosts. But these are just my personal preferences.

Hope this points you to the right directions.

Kind regards
Matthias Bücher
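
Added example (not part of the original messages and not dnsmasq code): a sketch of the approach suggested above, generating a random RFC 4193 ULA /64 and combining it with the `::192:168:1:1` style interface tokens from the question to produce hosts-file lines that dnsmasq can serve. The function names, the `nas` host and the sample mapping are assumptions made for illustration.

```python
import ipaddress
import secrets


def random_ula_prefix(subnet_id=0):
    """Random RFC 4193 /64: 'fd' + 40 random bits (Global ID) + 16-bit subnet ID."""
    if not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("subnet ID must fit in 16 bits")
    top64 = (0xFD << 56) | (secrets.randbits(40) << 16) | subnet_id
    return ipaddress.IPv6Network((top64 << 64, 64))


def token_from_ipv4(ipv4):
    """Thread's token format: 192.168.1.1 -> ::192:168:1:1 (octets reused as hex groups)."""
    octets = str(ipaddress.IPv4Address(ipv4)).split(".")
    return ipaddress.IPv6Address("::" + ":".join(octets))


def host_address(prefix, token):
    """Combine a /64 prefix with a 64-bit interface token."""
    if prefix.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    if int(token) >> 64:
        raise ValueError("token must only use the low 64 bits")
    return ipaddress.IPv6Address(int(prefix.network_address) | int(token))


def hosts_lines(prefix, hosts):
    """Return hosts-file lines (IPv4 and IPv6) for a {name: ipv4} mapping."""
    lines = []
    for name, ipv4 in hosts.items():
        ipv6 = host_address(prefix, token_from_ipv4(ipv4))
        lines.append(f"{ipv4}\t{name}")
        lines.append(f"{ipv6}\t{name}")
    return lines


if __name__ == "__main__":
    # Generate the prefix once and keep it; it must stay stable afterwards.
    prefix = random_ula_prefix(subnet_id=1)
    print(f"# ULA prefix: {prefix}")
    # Constructed sample hosts, not taken from a real network.
    for line in hosts_lines(prefix, {"laptop": "192.168.1.1", "nas": "192.168.1.2"}):
        print(line)
```

The same token would be configured on each machine for the ULA prefix, so the addresses written to the hosts file stay valid when the ISP-assigned prefix changes.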

