Using dnsmasq to serve IPv6 addresses with a bit of a twist.

[PatrickDickey]

Hi everyone,

I'm running an Amahi Home server (Fedora 19) that uses dnsmasq to handle dhcp/dns. Dnsmasq also has the capability to handle the IPv6 dhcp/dns, and I'd like to set it up with my tunnel. The "twist" is that my actual router also has an IPv6 address (Cisco 2514 router) on it's interface (as it's the gateway).

My network looks something like this:
                                                                               ---> Amahi Server
modem ---> Cisco 2514 Router ---> Cisco 2960 Switch ---|
                                                                               |--> Ubuntu Client
                                                                               |--> Windows Client
                                                                               |--> Ubuntu Client
                                                                               |--> etc (wireless, kindle, phone)

Right now the Cisco router has

Code Select Expand

ipv6 address 2001:470:1F11:830::/64 eui-64
ipv6 enable

on it's LAN facing interface.
Show ipv6 int brief gives me this:

Code Select Expand


show ipv6 int brief
Ethernet0                  [up/up]
    FE80::2E0:B0FF:FE63:CC86
    2001:470:1F11:830:2E0:B0FF:FE63:CC86
Tunnel0                    [up/up]
    FE80::4307:1AEE
    2001:470:1F10:830::2


The server has this:

Code Select Expand


enp2s5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.98  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::21b:b9ff:fe83:e698  prefixlen 64  scopeid 0x20<link>
        inet6 2001:470:1f11:830:21b:b9ff:fe83:e698  prefixlen 64  scopeid 0x0<global>
        ether 00:1b:b9:83:e6:98  txqueuelen 1000  (Ethernet)
        RX packets 97837  bytes 28269021 (26.9 MiB)
        RX errors 0  dropped 29  overruns 0  frame 0
        TX packets 108059  bytes 76003909 (72.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

So my questions are, do I need to set a static address on that interface? Do I need to set a static address on the server? And what would I use for my range for the clients? Also is this a waste of time?

Ultimately, I'm hoping to get the IPv6 running seamlessly (as it uses the IPv4 DNS Servers to resolve addresses now). Also this will help others who don't have IPv4 (or don't want to use IPv4 dual-stack networks) to set it up on their servers. As far as the actual configuration of dnsmasq, I can handle that part. I just need to know what values to put in to make it all work.

Thanks for any insight, and have a great weekend.:)
Patrick.

[kasperd]

Dnsmasq also has the capability to handle the IPv6 dhcp/dns, and I'd like to set it up with my tunnel. The "twist" is that my actual router also has an IPv6 address (Cisco 2514 router) on it's interface (as it's the gateway).

If I understand correctly, you want the DHCPv6 server to just handle configuration of addresses, but you do not want it to be routing the IPv6 traffic between the LAN and WAN because you have a different device for that.

So my questions are, do I need to set a static address on that interface? Do I need to set a static address on the server?

I would expect this setup to work best, if you assign a static address to each of those two interfaces.

And what would I use for my range for the clients?

There are a few bits in the high end of the interface identifier, which should be zero for both the static addresses as well as for the DHCPv6 range. But apart from that you are free to choose addresses as you see fit.

For example you could use 2001:470:1F11:830::8000/113 for DHCPv6.

Also is this a waste of time?

That depends on what you are trying to achieve. If you learn something new from doing it, I don't think it is a complete waste of time. If you just want to get IPv6 working on your LAN, such that you can move on to working with IPv6 related stuff at higher levels (e.g. IPv6 support on the application layer), then you'd probably be better off by just configuring router advertisements on the router itself and not spend time on DHCPv6.

Ultimately, I'm hoping to get the IPv6 running seamlessly (as it uses the IPv4 DNS Servers to resolve addresses now).

The IPv6 address of your DNS resolver can be included in router advertisements, so you don't need DHCPv6 for that (as long as your clients support it). Even if the clients only get an IPv4 address of the DNS resolver, that DNS resolver could be on your LAN and be querying the outside world over IPv6. That way even though the clients use IPv4 to communicate with the DNS resolver, they will be IPv6 only on the WAN, and you won't be relying on any NAT either.