I have all LAN IPV4 hosts with a static lease so that I can reach them in a predictable manner from one another, by name.
I am aware that I cannot exactly replicate that situation with IPV6 since the prefix is outside my control (he.net gives me a /48) but I am fine with that: as long as I can somehow indirectly map each MAC to a name, I don't care what the actual address is.
What is really driving me up the wall is that the router somehow has a different /128 address for the hosts while the hosts all have multiple /64 addresses.
Given that I have the usual mix of Linux and Android hosts, plus the occasional Windows guest, how should I configure dnsmasq on the router? I'd rather not change anything on the hosts themselves, just like for IPV4.
Here are the configs:
/etc/config/dhcp (I removed most of the hosts, leaving just the two I am using for tests)
one way: use /etc/ethers ( and related dnsmasq option )
#readethers boolean 0 -Z Read static lease entries from /etc/ethers, re-read on SIGHUP
another way: adapt something like this to populate dnsmasq A records;
( excerpt from ipv4 script )
#!/bin/sh
while read timeS maC iP namE maC2; do
echo "$iP $namE"
#ADDandorREMOVE A RECORD or SETUP STATIX-RESERVO
sleep 1
done < dhcp6.leases #(/var/hosts/odhcpd)
service reload
exit
#schedule every 5-10mins in cron or trigger in /etc/dnsmasq.conf on lease
another way - most "official"
##########################################
#in /etc/dnsmasq.conf
#dhcp-script=/bin/updateDUID.sh
##########################################
#/bin/updateDUID.sh https://ashus.ashus.net/thread-175.html
#!/bin/sh
for I in $(uci show dhcp|awk -F '(\\[|\\]|\\.|=)' '{if ($2=="@host" && $5=="name") print $6}'); do
NAME=$(echo -ne $I | sed -r "s/'//g")
DUID=$(cat /var/hosts/odhcpd |awk -F ' ' "{if (\$1 == \"#\" && \$5 == \"$NAME\") print \$3 }"|head -n 1)
ID=$(uci show dhcp|awk -F '(\\[|\\]|\\.|=)' "{if (\$2==\"@host\" && \$6==\"$I\") print \$3}")
if [ "$DUID" != "0000000000000000000000000000" ]; then
echo Found: $NAME = $DUID
uci set dhcp.@host[$ID].duid=$DUID # Set DUID
fi
done
echo Commiting changes; uci commit; killall -HUP odhcpd
That is not at all... unlikely
I have a fair amount of confusion in my head regarding IPV6.
Adding to the confusion, one host (raspi running raspbian, afaik equivalent to wthat is now debian "oldstable") has a /128 which matches the DNS entry. The two Debian/testing machines have outdated entries.
If I understand you correctly, you're telling me that there is no way I can achieve my goal without some kind of intervention on the hosts if I still want every host to have an IPV6 address and a corresponding DNS entry.
If it helps, internally it would be perfectly acceptable for me if the entries in the DNS were those directly derived from the MAC address (SLAAC, is that it?). I wouldn't be answering queries from outside the network, of course.
Thanks, I'll have a look at the docs you linked, do some testing and come back when I have results.
For now, one question: how do I handle devices with multiple interfaces? I have two laptops, one W10 and one Linux, which have static IPV4 leases mapping both MACs (wired and wifi) to the same name, under the (reasonable for me) assumption that they're not going to be used concurrently.
config host
option name 'laptop'
option ip 'x.y.z.5'
option mac 'mac1 mac2'
client-side, either the cable is plugged in or I switch the wifi off. I could probably just let it be and ignore the extra address I get, sure, but it doesn't change the fact I need to list both MACs for the same lease if I want either of them to get the same hostname.
config host
option name 'desktop'
option ip 'x.y.z.4'
option mac 'mac'
option hostid '4'
option duid '0004blahblahblahdesktop'
config host
option name 'laptop'
option mac 'mac1 mac2'
option ip 'x.y.z.8'
option hostid '8'
option duid '0004blahblahblahlaptop'
config host
option name 'raspi'
option mac 'mac1 mac2'
option ip 'x.y.z.14'
option hostid '14'
option duid '0001blahblahblahraspi'
Debian (on desktop and laptop) creates type 4 DUIDs (option "Stable privacy" for "address generation" in NetworkManager seems to be the default when I create a new connection).
Raspbian creates type 1 DUIDs, no idea how to change it but it doesn't really matter, especially now.
Problem is, even after stopping multiple times dnsmasq, clearing the caches on clients and restarting....
only the raspi answers ping6 from the router and apparently it is not even using the correct hostid, since the last part of the address is ::514 (/128) instead of ::0014
Disabling the privacy extensions (tested on laptop) only removes the additional temporary addresses but the main one is still different and unknown. I guess I need to find out why the clients behave the way they do.
Oh and... how do I even handle Android devices? I thought of using "config domain" entries as if they were truly static addresses, instead of merely predictable, but this keyword does not support IPV6 according to the docs.
addr-gen-mode should apply to slaac addresses only, as I understand it; I tried changing the mode and reconnecting: different addresses but here the issue is that the lease is requested, obtained and then ignored. I've also tried disabling PE and nothing changed.
I'll call it a day, I've fixed PE on the raspi and the hostnames for Android devices... I don't have to learn everything TODAY
In the case of the laptop, the culprit was "ferm" (firewall): once I stopped it, it worked fine.... I'll need to punch a hole for dhcpv6.
My mistake here was taking the "solicit" message as confirmation that all was nominal, while there has to be a "request" as well. Once I saw in /var/log/messages that each dchp6 session was timing out, that was a huge clue. I'll see if the desktop is also timing out, though I don't recall ever installing any firewall there.
One thing I don't really understand yet is how the "hostid" works: if I set it to '0008', I'd expect the last group of the address to be ::8 but it's something else. This happened with the raspi, too, so it might just be me missing the point.
