I have been using Dnsmasq for many years and I am now trying to include
ipv6. Unfortunately, I cannot seem to get DHCPv6 to work, which I
believe I need in order to be able to look up hosts using DNS.
My ISP has allocated me with a /48 prefix and I am using dhcpcd to
delegate a /64 prefix to the LAN interface. This all seems to work fine.
My dnsmasq.conf settings are:
----------------------
filterwin2k
domain-needed
bogus-priv
#ipv6 stuff
enable-ra
dhcp-range=::1,constructor:enp3s0,24h
dhcp-host=fc:aa:14:c8:9c:3e,hadrian,[::5]
except-interface=ppp0
except-interface=enp4s0
interface=enp3s0
expand-hosts
bind-interfaces
domain=osburn-sharp.ath.cx
local=/osburn-sharp.ath.cx/
no-resolv
server=127.0.0.1#553
address=...
cname=...
dhcp-range=192.168.0.64,192.168.0.127,24h
read-ethers
bogus-nxdomain=212.82.32.48
dhcp-option=252,"\n"
dhcp-option=121,...
dhcp-option=3,192.168.0.1
mx-host=...
------------------------
I have included everything but truncated some entries where the info is
unlikely to be relevant. Some things are historical and probably could
be removed but they are not the issue.
I have tried various combinations of dhcp-range and dhcp-host and I have
tried it without the enable-ra.
I have a firewall in place that allows ipv6 on 546/7, which is needed
anyway for the ISP side to work. I log dropped packets. I do have a rule
for accepting broadcast packets for dhcpv4 but I am not sure if it is
needed, given that 67/8 are open anyway:
---------------------
-A INPUT -i enp3s0 -p udp -m addrtype --src-type UNSPEC --dst-type
BROADCAST --dport 67 -j ACCEPT
-A In-from-main-lan -i enp3s0 -s 192.168.0.0/24 -p tcp -m multiport
--dports 53,67,68,123 -j ACCEPT
---------------------
The dhcpcd on a client logs that it is soliciting a DHCPv6 lease but all
I get is either a SLAAC address or just local link if I have disabled
slaac. Using tcpdump I can see the dhcpv6 requests on the router's LAN
interface but there is no response. There are no dropped packets either.
Using lsof I cannot see that dnsmasq is listening on 547 but then I
cannot see it listening for DHCPv4 either.
My instinct suggests a routing problem? I know this can cause packets to
simply disappear. The DHCPv6 request appears to be multicast to ff08.
The routing table on the router is:
---------------------
2001:8b0:17a2::/64 dev enp3s0 proto dhcp metric 1002 pref medium
unreachable 2001:8b0:17a2::/48 dev lo proto dhcp metric 1001 pref medium
fe80::203:97ff:fe41:c000 dev ppp0 proto kernel metric 256 pref medium
fe80::b47c:2ce7:fc94:2eb0 dev ppp0 proto kernel metric 256 pref medium
fe80::/64 dev enp3s0 proto kernel metric 256 pref medium
fe80::/64 dev enp4s0 proto kernel metric 256 pref medium
default via fe80::203:97ff:fe41:c000 dev ppp0 proto ra metric 1006 pref
medium
--------------------
I don't have multicast forwarding enabled but I dont think that is
relevant. I am not doing anything explicit with the ipv6 routes - as I
understand it, they sort themselves out?
I would be very grateful if anyone can help. I have been searching
google for clues for weeks now to little avail. If you need any more
info I can provide it.
Thanks,
Robert Sharp
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
