Hi Michal
Thanks for replying
Sorry for late response...some how I have problems sending til the
list..takes forever before my mails arrives
See my replies below
Knud
On 05/08/2019 22.40, Michal Zatloukal wrote:
Hi there.
On Fri, 2 Aug 2019 at 18:21, Knud <knud.skr...@guldberg.info> wrote:
Hi
I have tried to get IPv6 setup running for my internal LAN (at home)
With a lot of tries and no really luck.
What do I want:
Have dnsmasq running on a server (Linux fedora f30), do Ipv6 DHCP/DNS
with local names.
Where is the DHCPv4 server running? ra-names assumes the same instance
of dnsmasq is running both DHCPv4 and v6.
Personally, I haven't been able to get local names to work with IPv6
even in that configuration. The assumption of hosts using EUI-64 is
not met too often these days.
On a local server
Want to proceed that for IPv6, let my router make a IPv6 tunnel to a HE
tunnelbrooker.
Are server (DHCPv6) and router (6-in-4 tunnel) 2 different hosts? RAs
must be sent by the host acting as the gateway, there's no way around
this in IPv6 AFAIK. You must configure the gateways's RAs to enable
clients to look for DHCPv6 server (M, O bits set to 1).
yes dnsmasq on one machine router is a physical other box doing only
IPv4 routing/NAT and IPv6 tunnel 6rd4
Right now I how made a test setup consisting of 2 Vbox guest (Fedora
F30) running in internal network on the Vbox host just to get things
working and learn.
So first step is get dnsmasq hand out a IP address and register it in
the DNS.
Hold it - Do you have an address from the specified range (fd17:...)
manually assigned to the interface on the DHCP server? (Not sure if
it's necessary, but that's what I did) - if you don't, I could see how
dnsmasq would consider the range non-local (see below)
Yes fixed address with /64
1st problem: Client get correct address from dnsmasq but not the right
mask eg. it get's an IP /128
enable-ra is there
IIRC "/128" happens when the prefix is not flagged as on-link in its
options. Check the advertisements with tcpdump/wireshark/rdisc6. As
for cause, you config doesn't specify prefix length so the correct
length must be set on the interface.
2nd problem: Client get DNS ip from the fe80:: adress range
If you mean "the DNS server address the client gets is in the
fe80::/10 range", then this is normal.
3th problem: the adress which registered in the dns is the fe80:: adress
Not sure where this comes from (are you sure this is provided by
dnsmasq, rather than avahi/mDNS/LLMNR?). If I'm reading the manual
correctly - ra-name only intended for SLAAC-enabled networks, and even
then only works with hosts that don't do private interface
identifiers. So you won't get name resolution to your fd17... range
regardless. Just to check - set loq-query and see if it's actually
dnsmasq responding to the query. The leases file might also be
helpful.
I could write a long story about what I have tried....
Please advise..
OK. From your config:
dhcp-range=fd17:625c:f037:a80f::10, fd17:625c:f037:a80f::ffff, ra-names
According to the manual, omitting the prefix length will cause dnsmasq
to use prefixlen of the interface. As noted above - is this set?
yes
As for me - I'm still on debian with ifupdown, so I do it this way (my
HE tunnel endpoint is on a host behind NAT, rather than on the v4
router, but that host also does DHCPv4 so I can do ra-names; 6in4
requires that router is configured to treat this host as DMZ):
1. /e/n/i for eth0:
iface eth0 inet static
... # Private IPv4 config
up ifup 6in4
down ifdown 6in4
iface eth0 inet6 manual
2. /e/n/i for the tunnel:
iface 6in4 inet6 v4tunnel
... # Endpoint addresses
up ip route add ::/0 dev 6in4
up ip add add 2001:.../64 dev eth0 # internal ip6 range
down ip route del ::/0 dev 6in4
down ip add del 2001:../64 dev eth0
3. dnsmasq for v6:
dhcp-range=::,constructor:eth0,ra-names
ra-param=eth0,mtu:6in4,0
I'm not sure how/if dnsmasq can do DHCPv6-only assignment, but google
search results suggest a range like this should get you going:
dhcp-range=::1, ::FFFF:FFFF, constructor:br*, 64, 12h
I would suggest you start with the easier SLAAC setup, then tweak it
once you have that running.
In my test environment I start with DHCP and DNS registre names
Otherwise is everything else use less.
On my "production LAN I can get the 6rd4 tunnel working with I guess
SLAAC (the router does advertising) and get the clients to connect to
IPv6 host on internet...but I am missing the my local DNS registration.
I shifted to the test environment due to the impact of playing around
with "production" LAN
MZ
Knud
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
