I have actually written some scripts that update /etc/hosts with the IPv6 addresses that systems on my network are currently using. it's hacky but it gets the job done to see what systems are generating what traffic with e.g. iftop
See here for the scripts https://gist.github.com/eqhmcow/a85ac4197997be2876ef1f414e77676c -- Dan On Fri, Mar 6, 2026 at 8:22 AM Anssi Saari <[email protected]> wrote: > > Marco Moock <[email protected]> writes: > > > On 04.03.2026 14:20 Uhr Anssi Saari wrote: > > >> Turns out I apparently need to allow DHCPv6 explicitly in the firewall > >> at least on Debian 12? The stateful stuff in nftables doesn't seem to > >> cover DHCPv6 and in fact, I've done the same earlier on my router to > >> my ISP and the router is also running Debian 12. > > > > Enable firewall logging and look for rejections. > > > > Also use Wireshark and check if the router advertisement includes the M > > flag (otherwise clients will not try to contact it) > > Thanks but this was solved via the mentioned firewall change. And no, > apparently there's no support for DHCPv6 in kernel level connection > tracking, in practice DHCPv6 connection tracking would need userspace > support via conntrackd. Which seems fairly complicated so I don't think > I'm going to bother with it. > > Maybe as a comment to the question on the subject, if there's an easy > way in IPv6 to provide DNS to local host names, I guess the simplest > thing way would be SLAAC and just use EUI-64 addresses. Adding privacy > extensions to that limits MAC address leakage. >
