On 29/01/14 19:22, Dave Taht wrote:
I have been (mostly) happily fiddling with my new comcast ipv6 connection,
trying to route all dns queries over ipv6 in particular, by disabling
requesting the ipv4 dns addrs and relying on the dhcpv6 request to

config interface eth0
         option 'ifname' 'eth0'
         option 'proto'  'dhcp'
         option 'peerdns' '0'

config interface wan6
         option ifname   @eth0
         option proto    dhcpv6
         option 'broadcast' '1'
         option 'metric' '2048'

works. yea! no more nat holes for ipv4 dns.

Problem is, I also have a hurricane electric tunnel. When I try to use
both, addresses from one get used on the other and dns forward
lookups fail.

I think the right answer is to abandon resolv.conf.auto
and instead explicitly assign ipv6 source addrs in dnsmasq...


yes? (I'll be trying this in a bit)

One thing of possible useful note is that (yea!) we can just
select some arbitrary new ipv6 address within the assigned range,
add it to the local dnsmasq server box, and source dns lookups from
that, using up just that port space.

then my own /etc/resolv.conf just points to localhost
for hm.armory.com,

so I fix that with


But this doesn't help in terms of reverse lookups (I think),
where I might or might not have my own delegated subdomain.


comcast.assigned.ipv6.address.range/60 lookup via 2001:558:feed::1 or ::2
he.assigned.ipv6.address.range/48 lookup via 2001:470:20::2

I'm not sure I follow all of this, but for reverse DNS  something like
server=/<hex, lots of hex>.ip6.arpa/2001:558:feed::1

Will work.

and then there's splitting dns... where I might want nuc.hm.armory.com
AAAAs available to the outside universe. somehow.

Have you looked at the dnsmasq auth stuff for this?



My brain hurts.

Dnsmasq-discuss mailing list

Reply via email to