Dear DNSmasqers,

I have a setup in mind and wonder whether dnsmasq is the correct tool (since I 
have not found the necessary functionality in the documentation yet). 

We have a /56 IPv6 network, and plan to use pure DHCPv6 (no stateless 
autoconfiguration) in several /64 networks. 
There are several subnets (currently NATed IPv4), such as — for example — a 
WireGuard VPN network, or a local isolated subnet. 
While with IPv4, the answer was the use of private addresses and NAT every 
time, potentially using a DHCP fowarder, for IPv6, the answer should be to use 
Global Unicast addresses everywhere (right?). 
How do I approach this correctly? 

Three options come to mind to handle such subnets:
- Use ULAs and NAT (but that does not feel like IPv6...). 
- Delegate a prefix from the large network (where we'd use dnsmasq) to the 
"gateway" machine, which then would be a router. 
  However, I am not aware if dnsmasq can delegate prefixes? 
- Use ProxyNDP (via npdpd or Linux kernel functionality). But I'm not sure if 
that scales well to a larger number of machines? 
- Use static routes on the central machine which send the /64 subnet to the 
"gateways" and use dnsmasq on the gateways. 
  Am I missing something here, or should that "just work"?

Is anybody aware of a best-practice guide here (please RTFM me)? Is dnsmasq the 
correct tool? 

Cheers and thanks for any guidance,

Dnsmasq-discuss mailing list

Reply via email to