Dear DNSmasqers,
I have a setup in mind and wonder whether dnsmasq is the correct tool (since I
have not found the necessary functionality in the documentation yet).
We have a /56 IPv6 network, and plan to use pure DHCPv6 (no stateless
autoconfiguration) in several /64 networks.
There are several subnets (currently NATed IPv4), such as — for example — a
WireGuard VPN network, or a local isolated subnet.
While with IPv4, the answer was the use of private addresses and NAT every
time, potentially using a DHCP fowarder, for IPv6, the answer should be to use
Global Unicast addresses everywhere (right?).
How do I approach this correctly?
Three options come to mind to handle such subnets:
- Use ULAs and NAT (but that does not feel like IPv6...).
- Delegate a prefix from the large network (where we'd use dnsmasq) to the
"gateway" machine, which then would be a router.
However, I am not aware if dnsmasq can delegate prefixes?
- Use ProxyNDP (via npdpd or Linux kernel functionality). But I'm not sure if
that scales well to a larger number of machines?
- Use static routes on the central machine which send the /64 subnet to the
"gateways" and use dnsmasq on the gateways.
Am I missing something here, or should that "just work"?
Is anybody aware of a best-practice guide here (please RTFM me)? Is dnsmasq the
correct tool?
Cheers and thanks for any guidance,
Oliver
_______________________________________________
Dnsmasq-discuss mailing list
[email protected]
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
