[Dnsmasq-discuss] Suggested configuration best practices for home net with dynamic ipv6 prefix?
Stephen Riehm
dnsmasq at opensauce.de
Mon Sep 22 13:49:46 BST 2014
Hi,
I'm wondering if there are some 'typical' or 'best practice'
configuration norms for configuring dnsmasq to provide A and AAAA
DNS lookups for unqualified and qualified hostnames in an ipv6 home
network without a static ipv6 prefix?
Some things which are causing me headaches are:

  My ISP gives me a new ipv4 address and ipv6 prefix whenever my router re-connects (daily).
  (6to4 dual stack, ipv6 prefix = 2002:<ipv4>/56)

  My router (fritzbox) provides DHCPv6, however it insists on using the domain name
  fritz.box. and the name resolution seems to be very flaky. I'm hoping to replace
  the router's DNS & DHCP services with dnsmasq on a separate server (freebsd).

  I would like to access some of my servers via ipv6 from the internet, but not others.
  (idea: add an NS record to my ISP's configuration, specifying my dnsmasq server as
  the authoritative server for my sub-domain - arguments pro / contra?
  I can access my network via dyndns & ipv4 just fine)
There seems to be a plethora of components required to get all this right,
any insights would be greatly appreciated! (I've read through the man pages and
they all seem to overlap - I'm a programmer but not a network expert, there's
lots of networking terms & acronyms in the man pages that I don't fully understand)
For example, assuming dnsmasq is running on a host in my local network:

  Router configuration (fritzbox provides the following options):
    Define a Unique Local Address? (fd00::... - currently off)
    Should the DHCPv6 in the router be on?
      with IA_PD? (prefix delegation? That's a good thing for me, right?)
      with IA_PD and IA_NA?
    or DHCPv6 turned off in the router and:
      O-Flag?
      O- and M-Flags?

  On the dnsmasq server:
    should rtsold be running?
    and rtadvd?
    and radvd?
    does 'enable-ra' cover these?

    can dnsmasq detect a (new) host's autoconfigured ipv6 address and add the name to its DNS tables? if so, how?
      I tried using all combinations of ra-names, ra-stateless, slaac with dhcp-range=::,constructor:em0
      but none worked.
      I figure this could have something to do with the following from the dnsmasq manpage:
        "Note that just any address on eth0 will not do: it must not
        be an autoconfigured or privacy address, or be deprecated."
      However, my global address *is* autoconfigured - what else could I try?
      Is there a way to substitute "today's ipv6 prefix" into the dhcp-range somehow?

    I have domain=example.com., local=/example.com./ and auth-zone=example.com.,em0
      Do I need all three?

My hope was to continue using auto-configuration on all of the hosts (mac, linux, bsd, mobile devices),
but having them all reference a single DNS server for their fully qualified domain name and
NS lookups.
Or am I missing something obvious?
Thanks in advance,
Steve