RT-AC66U B1 386.2_4 - Native IPv6 stateful autoconfig gives clients a /128 subnet

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

hartacus

New Around Here
I run a dual-stack home network with two Piholes running DNS. The Asus RT-AC66U B1 still runs DHCP for the network.

To get local DNS working (important for me), I have configured IPv6 with stateful autoconfig on the router and the Piholes are configured to do conditional forwarding of the internal domain to the router for both IPv4 and IPv6. I initially had it set up with stateless autoconfig, but that rendered DNS troubleshooting on the Piholes virtually impossible because the client names would resolve externally to some gibberish set by the ISP. Stateful autoconfig allows the router to know what hostnames match the IPv6 addresses assigned out to LAN clients (except for mobile phones) so that mostly solves the local DNS issue, except...

My ISP provides the LAN with a native /56 subnet through DHCP-PD. Stateless autoconfig grants clients an address in a /64 subnet as expected. However, stateful autoconfig grants clients an address in a /128 subnet, no matter whether anything is specified in the dhcp-range directive via dnsmasq.postconf. I would have expected that dnsmasq, using constructor:br0, would also grant addresses in the router's /64 subnet. Am I wrong on that?

The reason it has caused me a headache is that the Pihole setting to listen on all interfaces (necessary as one of the Piholes also runs a VPN) only permits queries from one hop away, which meant that it was only responding to DNS queries sent via IPv6 from link-local addresses, not those sent from an address provided to another client via DHCPv6 because all clients are in their own subnet and would have to connect via the router, which is two hops. Switching to listen on eth0 only seems to fix the issue, but could make the VPN config a bit tricky.

Sorry if this is all showing my ignorance. Just hoping to learn.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top