[Dnsmasq-discuss] Suggested configuration best practices for home net with dynamic ipv6 prefix?

Stephen Riehm dnsmasq at opensauce.de
Mon Sep 22 13:49:46 BST 2014


Hi,

I'm wondering if there are some 'typical' or 'best practice'
configuration norms for configuring dnsmasq to provide A and AAAA
DNS lookups for unqualified and qualified hostnames in an ipv6 home
network without a static ipv6 prefix?

Some things which are causing me headaches are:

My ISP gives me a new ipv4 address and ipv6 prefix whenever my router re-connects (daily).
(6to4 dual stack, ipv6 prefix = 2002:<ipv4>/56)

My router (fritzbox) provides DHCPv6; however, it insists on using the domain name
fritz.box. and the name resolution seems to be very flaky. I'm hoping to replace
the router's DNS & DHCP services with dnsmasq on a separate server (freebsd).

I would like to access some of my servers via ipv6 from the internet, but not others.
(idea: add an NS record to my ISP's configuration, specifying my dnsmasq server as
the authoritative server for my sub-domain - arguments pro / contra?
I can access my network via dyndns & ipv4 just fine)

There seems to be a plethora of components required to get all this right,
any insights would be greatly appreciated! (I've read through the man pages and
they all seem to overlap - I'm a programmer but not a network expert, and there are
lots of networking terms & acronyms in the man pages that I don't fully understand)

For example, assuming dnsmasq is running on a host in my local network:

Router configuration (fritzbox provides the following options):
	Define a Unique Local Address? (fd00::... - currently off)
	Should the DHCPv6 in the router be on?
		with IA_PD? (prefix delegation? That's a good thing for me, right?)
		with IA_PD and IA_NA?
	or DHCPv6 turned off in the router and:
		O-Flag?
		O- and M-Flags?

On the dnsmasq server:
	should rtsold be running?
	and rtadvd?
	and radvd?
	does 'enable-ra' cover these?

	can dnsmasq detect a (new) host's autoconfigured ipv6 address and add the name to its DNS tables? if so, how?
	I tried using all combinations of ra-names, ra-stateless, slaac with dhcp-range=::,constructor:em0
	but none worked.
	I figure this could have something to do with the following from the dnsmasq manpage:

		"Note that just any address on eth0 will not do: it must not
		be an autoconfigured or privacy address, or be deprecated."

	However, my global address *is* autoconfigured - what else could I try?
	Is there a way to substitute "today's ipv6 prefix" into the dhcp-range somehow?
	
	I have domain=example.com., local=/example.com./ and auth-zone=example.com.,em0
	Do I need all three?

My hope was to continue using auto-configuration on all of the hosts (mac, linux, bsd, mobile devices),
but having them all reference a single DNS server for their fully qualified domain name and
NS lookups.

Or am I missing something obvious?

Thanks in advance,

Steve

