[Dnsmasq-discuss] Windows ipv6 hostname

Pali Rohár pali.rohar at gmail.com
Tue Dec 20 11:53:34 GMT 2016 

On Tuesday 20 December 2016 12:14:19 Toke Høiland-Jørgensen wrote:
> Markus Hartung <mail at hartmark.se> writes:
> > On 2016-12-19 06:18, Toke Høiland-Jørgensen wrote:
> >> Markus Hartung <mail at hartmark.se> writes:
> >> 
> >> ...
> >> My guess is that Windows 10 implements RFC7217:
> >> https://tools.ietf.org/html/rfc7217
> >> 
> >> If this is the case, there is no way for dnsmasq to predict the
> >> IPv6 address of a new client (which is what ra-names relies on),
> >> and so you can't get the AAAA record.
> > 
> > It's a shame the windows 10 IPv6 implementation lacks those stuff.
> 
> Well, arguably the Windows 10 behaviour is a feature - RFC7217 was
> written because the EUI-64 based approach has privacy issues (the
> client will use the same address on every network). So I would
> expect more and more clients to adopt the privacy-preserving
> approach. I believe NetworkManager has support for it on Linux, but
> am not sure if it's enabled by default.

Another option is to stop using SLAAC and start using DHCPv6 where you 
have full control of assigned IPv6 addresses.

Such feature like host will "randomly" chose address is unsuitable for 
setup when you need to have control of which address is assigned to 
which device (e.g in this setup when you want to assign AAAA record).

> >> A way to get naming is to use ohybridproxy:
> >> https://github.com/sbyx/ohybridproxy - this will query mdns on the
> >> network for AAAA records when asked. However, I am not sure if
> >> there is a way to integrate this with the authoritative server in
> >> dnsmasq (but if there is, I would love to know about it).
> > 
> > Thanks for the information, but I have managed to compile
> > ohybridproxy and have no idea on how to use it.
> 
> Haven't had time to play with it myself yet, so can't be of much help
> there; but as I understand it, the idea is that you configure the
> proxy to use a particular domain, and then point dnsmasq at it with
> --server. Don't think this will integrate with the auth server
> mechanism in dnsmasq, though; not sure if there's a way to achieve
> that.
> 
> The alternative is to turn off the private addresses in Windows 10,

-- 
Pali Rohár
pali.rohar at gmail.com
> of course (as Michael suggested).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20161220/b09e29fe/attachment.sig>

More information about the Dnsmasq-discuss mailing list