Re: [Dnsmasq-discuss] Prefix delegation with DNSmasq

Sun, 12 Apr 2020 11:03:45 -0700 

Am 12.04.20 um 19:01 schrieb Simon Kelley:
> The first question is, how static are your global addresses? Making a
> network which can survive renumbering is a lot more difficult than one
> with known and fixed addresses.

Luckily, they are completely static :-). 

Cheers,
        Oliver

> 
> 
> Simon.
> 
> 
> 
> On 12/04/2020 17:20, Oliver Freyermuth wrote:
>> Dear DNSmasqers,
>>
>> I have a setup in mind and wonder whether dnsmasq is the correct tool (since 
>> I have not found the necessary functionality in the documentation yet). 
>>
>> We have a /56 IPv6 network, and plan to use pure DHCPv6 (no stateless 
>> autoconfiguration) in several /64 networks. 
>> There are several subnets (currently NATed IPv4), such as — for example — a 
>> WireGuard VPN network, or a local isolated subnet. 
>> While with IPv4, the answer was the use of private addresses and NAT every 
>> time, potentially using a DHCP fowarder, for IPv6, the answer should be to 
>> use Global Unicast addresses everywhere (right?). 
>> How do I approach this correctly? 
>>
>> Three options come to mind to handle such subnets:
>> - Use ULAs and NAT (but that does not feel like IPv6...). 
>> - Delegate a prefix from the large network (where we'd use dnsmasq) to the 
>> "gateway" machine, which then would be a router. 
>>   However, I am not aware if dnsmasq can delegate prefixes? 
>> - Use ProxyNDP (via npdpd or Linux kernel functionality). But I'm not sure 
>> if that scales well to a larger number of machines? 
>> - Use static routes on the central machine which send the /64 subnet to the 
>> "gateways" and use dnsmasq on the gateways. 
>>   Am I missing something here, or should that "just work"?
>>
>> Is anybody aware of a best-practice guide here (please RTFM me)? Is dnsmasq 
>> the correct tool? 
>>
>> Cheers and thanks for any guidance,
>>      Oliver
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to