Solved Local DHCPv6/DNS6 server, similar to DHCP/DNS for IPv4

[NonAlex]

Community,

is there a way to configure local DNS(masq) for IPv6 in a similar fashion like IPv4?
On IPv4 manual address assignment table for DHCP server also use to create local DNS zone for router's domain
For IPv6 it looks like there is no DHCPv6 server at all, let alone manual address assignment..
For SLAC router directly advertises public/ISP DNS6 address, i.e. there is no way to use local router DNS zone for local hosts
Any clue how to do it ?

 

[dave14305]

For DHCPv6 leases, you need to change “Auto Configuration Setting” to “Stateful” on the IPv6 page. Are you using Native mode?

To make a IPv6 “reservation”, you would probably need to use dnsmasq.conf.add customizations using dhcp-host options from the dnsmasq man page.

By default, dnsmasq will advertise the router’s LAN GUA from the prefix delegation as the DNS server, so again I suspect you are not using Native mode?

 

[NonAlex]

Thanks Dave!
I'm using Tunnelbroker

For DHCPv6 leases, you need to change “Auto Configuration Setting” to “Stateful” on the IPv6 page. Are you using Native mode?

To make a IPv6 “reservation”, you would probably need to use dnsmasq.conf.add customizations using dhcp-host options from the dnsmasq man page.

By default, dnsmasq will advertise the router’s LAN GUA from the prefix delegation as the DNS server, so again I suspect you are not using Native mode?

And to put it simple, I'd like Dnsmasq to re-use my IPv4 static bindings for IPv6 resolution. As I use SLAC/RA mode, "ra-names" option for dhcp-range should do the trick, but I'm not sure how to "override" dynamically created Dnsmasq.conf settings

 

[NonAlex]

I've tried to directly add dual-stack dhcp-host record
dhcp-host=00:90:XX:XX:XX:24,set:00:90:XX:XX:XX:24,test,192.168.111.20,[2001:470:xxxx:xxxx:xxxx:xxxx:xxxx:1454]
but it doesn't work for IPv6. Dnsmasq resolves IPv4 correctly, but IPv6 always gets forwarded to public DNS Server, and returns another address..

Here comes fun part: for internal hosts that do NOT have corresponding public DNS record, internal DNS resolves IPv6 just fine !
But if test.domain.com exists in both public and internal DNS - then for IPv4 internal A record (dhcp-host) takes precedence, while for IPv6 public AAAA record takes precedence... weird.

 

[Tech9]

What is the specific purpose of this connection? Your router's communication to the outside world is IPv4 only anyway.

 

[NonAlex]

What is the specific purpose of this connection? Your router's communication to the outside world is IPv4 only anyway.

Why would it be IPv4 only ? 6in4 tunelling works fine.
Internal devices get IPv6 addresses and can talk to external IPv6 hosts.
Specific arrangement, that works for IPv4 today and I'm trying to get working for IPv6 is split-horizon DNS, where test1.domain.com is resolved to the LAN IP address for internal client, and same test1.domain.com from public Internet is resolved to, for instance, Cloudflare proxy IP for external clients/devices. Works like charm for IPv4, however on IPv6 it always returns me a public Cloudflare IP, even when queried from the LAN

 

[Tech9]

Why would it be IPv4 only ?

Because Tunnelbroker service is exactly IPv6 tunneling over existing IPv4 and you have to have public IPv4 for this to work. It kind of makes this IPv6 connection pointless unless you have something very specific in mind for testing purposes. Whatever uses IPv6 through the tunnel will have your IPv4 connection properties plus added latency on top. The only benefit is eventual IPv6 connectivity pass on tests.

 

[NonAlex]

Because Tunnelbroker service is exactly IPv6 tunneling over existing IPv4 and you have to have public IPv4 for this to work. It kind of makes this IPv6 connection pointless unless you have something very specific in mind for testing purposes. Whatever uses IPv6 through the tunnel will have your IPv4 connection properties plus added latency on top. The only benefit is eventual IPv6 connectivity pass on tests.

Yeah, I have very specific application that requires IPv6. And it works, so all good here.
However, enabling IPv6 has had other side effects, like mobile apps that used IPv4 connectivity before, now automatically use IPv6 (as majority of 5G mobile networks are IPv6 enabled), as well as in internal LAN they prefer IPv6.
That's why I'd like to replicate same DNS scheme for both worlds.

And, rumours are that my ISP is going to enable IPv6 natively, so I may be able to get rid of 6in4 sometime

 

[Tech9]

Before you get true Native IPv6 support from your ISP everything using IPv6 outside of your network will be slower than IPv4. Your IPv4 routing and latency plus Tunnelbroker routing and latency on top and HE servers limit some connections for load balancing.

 

[NonAlex]

Before you get true Native IPv6 support from your ISP everything using IPv6 outside of your network will be slower than IPv4. Your IPv4 routing and latency plus Tunnelbroker routing and latency on top and HE servers limit some connections for load balancing.

For google.com it's 30ms difference, not a big deal
And again, this argument doesn't make sense, as I need IPv6, and for now the only method to get it is Tunnelbroker.

Do you have any ideas on how to make DNS6 split horizon work on Asuswrt Merlin ?

 

[Tech9]

No arguments. Good luck!

 

[NonAlex]

To close that question: Dnsmasq only seem to work for EUI64 generated GUA. Perhaps that has to do with how ra-names work there. Net-net - I couldn't local DNS6 working for stable-private generated IPv6, however for EUI64 it works instantly for standard dhcp-host entries