[Dnsmasq-discuss] How to add AAAA record for host with dynamic prefix?

M. Buecher maddes+debian at maddes.net
Fri Feb 19 22:58:18 UTC 2021 

On 2021-02-13 20:22, Fred F wrote:
> Dear all,
> 
> I'd like to bump this question. Isn't there anybody who is using
> dnsmasq in IPv6 networks with dynamic prefixes?
> 
> Regards,
> Frederik
> 
> On Sat, 10 Oct 2020 at 16:59, Fred F <frederik.vogelsang at gmail.com> 
> wrote:
>> 
>> Hi,
>> 
>> I am using dnsmasq in an environment with a dynamic IPv6 prefix. On a
>> few of my servers I am using statically assigned IP addresses for IPv4
>> and static interface tokens for IPv6 (through systemd-networkd). This
>> way the machines will always have predictable v4 and v6 addresses
>> without DHCP or SLAAC in the following format:
>> 
>> v4: 192:168.1.1
>> v6: dead::beef:192:168:1:1 (where dead::beef if the current IPv6 
>> prefix).
>> 
>> Now I'd like to add AAAA records for these hostnames in dnsmasq. When
>> defining DHCP/SLAAC ranges in dnsmasq there is the
>> "constructor:infname" syntax which automagically uses the interface's
>> current IPv6 prefix. Is there something like that for host records?
>> 
>> Something like this would be super cool, but I cannot get it to work:
>> 
>> host-record=laptop,laptop.thekelleys.org,192.168.1.1,::192.168.1.1,constructor:eth0
>> 
>> Is there any other way to do what I am doing? I know about the
>> "ra-names" feature but unfortunately it's not compatible with IPv6
>> interface tokens other than the MAC address (a.k.a. default SLAAC).
>> 
>> 
>> Best regards
>> Frederik

Hello Frederik,

IPv4 and IPv6 have different philosophies and you may get seduced to 
adopt your IPv4 knowledge to IPv6.
Took me some time to get this sorted out myself.
Actually your question is about IPv6 in general and not really dnsmasq 
specific.

IPv6 is by default multi-homed with multiple IPv6 addresses (SLAAC, 
temporary private, DHCPv6, etc.) of multiple IPv6 networks (GUA, ULA, 
LLA).
In general GUAs are for WAN communications, ULAs for LAN/VPN 
communications and LLA for configuration less on-link communication.
* LLA; Prefix fe80::/10; RFC 4291<3513<2373<1884
* ULA; Prefix fc00::/7 typcially fd00::/8; RFC 4193
   * Side note: SLAs are deprecated and superseeded by ULAs.
* GUA; Prefix 2000::/3; RFC 4291<3513<2373<1884

For local IPv6 addresses define yourself a random(!) ULA network 
(fdxx:xxxx:xxxx:xxxx::/64) and assign static IPv6 addresses to your 
services/servers (SLAAC, temporary private, DHCPv6 in addition as it 
fits your needs).
ULAs allow you to route traffic from/to ULAs (LAN/VPN) and also from/to 
GUAs without having a WAN connection on the servers/services, while LLA 
is not routed by design.
Even if you want the service to be reachable from outside via its GUA 
address, then you should still define static ULA addresses to be locally 
independent from your ISP service.
Static addresses also allow you to contact your services/servers even 
when DHCP is down.
I myself additionally setup a DHCP entry for them with their static IP 
addresses, so that they get their usual/planned IPv6 addresses during 
their setup or when running a live system from USB/CD/DVD.

My private local home office setup has 2 ULAs (one "production" ULA from 
my dnsmasq server, one fallback ULA from my FritzBox router) plus 1 GUA 
(from my Fritzbox router). dnsmasq serves the static addresses from its 
/etc/hosts. But these are just my personal preferences.

Hope this points you to the right directions.

Kind regards
Matthias Bücher

More information about the Dnsmasq-discuss mailing list