What's new

RT-AC66U B1 386.2_4 - Native IPv6 stateful autoconfig gives clients a /128 subnet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

hartacus

New Around Here
I run a dual-stack home network with two Piholes running DNS. The Asus RT-AC66U B1 still runs DHCP for the network.

To get local DNS working (important for me), I have configured IPv6 with stateful autoconfig on the router and the Piholes are configured to do conditional forwarding of the internal domain to the router for both IPv4 and IPv6. I initially had it set up with stateless autoconfig, but that rendered DNS troubleshooting on the Piholes virtually impossible because the client names would resolve externally to some gibberish set by the ISP. Stateful autoconfig allows the router to know what hostnames match the IPv6 addresses assigned out to LAN clients (except for mobile phones) so that mostly solves the local DNS issue, except...

My ISP provides the LAN with a native /56 subnet through DHCP-PD. Stateless autoconfig grants clients an address in a /64 subnet as expected. However, stateful autoconfig grants clients an address in a /128 subnet, no matter whether anything is specified in the dhcp-range directive via dnsmasq.postconf. I would have expected that dnsmasq, using constructor:br0, would also grant addresses in the router's /64 subnet. Am I wrong on that?

The reason it has caused me a headache is that the Pihole setting to listen on all interfaces (necessary as one of the Piholes also runs a VPN) only permits queries from one hop away, which meant that it was only responding to DNS queries sent via IPv6 from link-local addresses, not those sent from an address provided to another client via DHCPv6 because all clients are in their own subnet and would have to connect via the router, which is two hops. Switching to listen on eth0 only seems to fix the issue, but could make the VPN config a bit tricky.

Sorry if this is all showing my ignorance. Just hoping to learn.
 
Last edited:

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top