[Dnsmasq-discuss] How to add AAAA record for host with dynamic prefix?
Fred F
frederik.vogelsang at gmail.com
Fri Feb 26 15:54:42 UTC 2021
Hi Simon,
thanks for your reply. Unfortunately ULA does not solve my problem, as
this host needs to be reachable through that address from the outside
world. And I'd like to use the DNS name as an alias in the firewall
(FreeBSD). So right now I am stuck with the following situation:
- My IPv6 prefix changes every 24 hours
- My machines change their global addresses every 24 hours
- I need to reference some of the machine's global addresses in
firewall rules (allow access from the outside)
- FreeBSD's packet filter does support DNS aliases in firewall rules
- dnsmasq is my primary DNS server but it does not seem to have any
option to statically define host records with dynamic IPv6 prefixes,
which would be super handy for firewall rules
Does this use-case sound legit to you? Maybe a feature like this
(semi-static host records with prefix from interface constructor) can
be considered?
Thanks and best regards,
Frederik
On Fri, 19 Feb 2021 at 01:06, Simon Kelley <simon at thekelleys.org.uk> wrote:
> There's a way to do this with DHCPv6-assigned addresses, bit not
> arbitrary DNS records setup using --host-record.
>
> If it was me, I'd use ULA to have an unchanging IPv6 address for each
> host, as well as the dynamically assigned prefix.
On Fri, 19 Feb 2021 at 01:06, Simon Kelley <simon at thekelleys.org.uk> wrote:
>
> On 13/02/2021 19:22, Fred F wrote:
> > Dear all,
> >
> > I'd like to bump this question. Isn't there anybody who is using
> > dnsmasq in IPv6 networks with dynamic prefixes?
> >
> > Regards,
> > Frederik
> >
> > On Sat, 10 Oct 2020 at 16:59, Fred F <frederik.vogelsang at gmail.com> wrote:
> >>
> >> Hi,
> >>
> >> I am using dnsmasq in an environment with a dynamic IPv6 prefix. On a
> >> few of my servers I am using statically assigned IP addresses for IPv4
> >> and static interface tokens for IPv6 (through systemd-networkd). This
> >> way the machines will always have predictable v4 and v6 addresses
> >> without DHCP or SLAAC in the following format:
> >>
> >> v4: 192:168.1.1
> >> v6: dead::beef:192:168:1:1 (where dead::beef if the current IPv6 prefix).
> >>
> >> Now I'd like to add AAAA records for these hostnames in dnsmasq. When
> >> defining DHCP/SLAAC ranges in dnsmasq there is the
> >> "constructor:infname" syntax which automagically uses the interface's
> >> current IPv6 prefix. Is there something like that for host records?
> >>
> >> Something like this would be super cool, but I cannot get it to work:
> >>
> >> host-record=laptop,laptop.thekelleys.org,192.168.1.1,::192.168.1.1,constructor:eth0
> >>
> >> Is there any other way to do what I am doing? I know about the
> >> "ra-names" feature but unfortunately it's not compatible with IPv6
> >> interface tokens other than the MAC address (a.k.a. default SLAAC).
> >>
> >>
> >
>
> There's a way to do this with DHCPv6-assigned addresses, bit not
> arbitrary DNS records setup using --host-record.
>
> If it was me, I'd use ULA to have an unchanging IPv6 address for each
> host, as well as the dynamically assigned prefix.
>
>
> Cheers,
>
> SImon.
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
More information about the Dnsmasq-discuss
mailing list