[Dnsmasq-discuss] Cunning plan, or hideous hack?
simon at thekelleys.org.uk
Thu Mar 8 11:09:28 GMT 2012
As part the DHCPv6 work, I've fully enabled my home network for IPv6.
The workstation machines on my wired subnet are now running DHCPv6 and
get leases from dnsmasq. Their IPv6 addresses are now in the local DNS
in just the same way as has always worked with DHCPv4 DNS and DHCP.
I also have a wireless network, and on that I've not enabled DHCPv6,
just Router Advertisements, via the "ra-only" keyword. Hence, clients on
that network get a SLAAC, MAC-derived IPv6 address which is not in the DNS.
Since all these clients are dual-stack or IPv4-only, they do get DHCPv4
leases and names in the IPv4-DNS.
It occurs to me that dnsmasq has all the information it needs to put the
SLAAC addresses into the DNS. From the IPv4 DHCP lease it knows the name
of the client, which network segment it's on and it's MAC address. The
"ra-only" DHCP ranges tell dnsmasq the IPv6 subnet(s) corresponding to
the network segment, so combining this with the MAC address gives the
SLAAC address, ready to put into the DNS as an AAAA record along with
I've implemented this, and it works well: my Ubuntu netbook and Android
phone now have IPv6 names. (Andoid 2 has no DHCPv6 support.)
The downside is for clients which don't do IPv6 at all, or use privacy
extensions. They end up with AAAA records pointing to the SLAAC address,
which is wrong and could end-up delaying fall-back to IPv4. This has not
yet been a problem in practise.
I don't want to enable this by default, so I've added a new keyword,
"ra-names" to enable RA on a subnet plus the SLAAC names hack, thus
Is this a good idea, or am I blinded by my own idea into implementing a
nasty hack? Opinions?
More information about the Dnsmasq-discuss