SOLVED: IPv6 -> DNS & DHCP

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware
Goto page 1, 2  Next
Author Message
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Thu Feb 25, 2016 8:39    Post subject: SOLVED: IPv6 -> DNS & DHCP Reply with quote
Hi,

Yesterday I did a quick check on IPv6 on my Netgear 4300v1 and that went pretty smooth. My provider is serving me an IPv6 /64 range and by enabling 'DHCPv6 with Prefix Delegation' and 'Radvd', I was Ready for the future of the Internet, according to Google Laughing

So, technically I fixed it in approximately 5 minutes, however... Since I am used to have some grip on my DHCP leases and am running my own DNS server (both DNSMasq), I missed some "grip" on what was happening and switched back to IPv4 for some further research.

And there I am, wondering if anyone has the described DNSMasq functionality running on IPv6. If so, I am interested in a rough description of your configuration.

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/


Last edited by Acumen on Thu Sep 29, 2016 10:26; edited 1 time in total
Sponsor
elreydetodo
DD-WRT Novice


Joined: 22 Mar 2015
Posts: 6

PostPosted: Thu Feb 25, 2016 13:23    Post subject: Reply with quote
Here's what I've got for my own dnsmasq config in the web ui:

Code:

server=2001:4860:4860::8888
server=2001:4860:4860::8844
server=8.8.8.8
server=8.8.4.4

enable-ra
dhcp-range=<removed prefix>, ra-stateless, ra-names, 12h
dhcp-option=option6:dns-server,[::]
dhcp-option=vendor:MSFT,2,1i

#dnssec
#trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
#dnssec-check-unsigned


I'm running exclusively dnsmasq. I've disabled the normal dhcp server and radvd service, dnsmasq is taking care of it for me. I enabled all of the options except the one about logging mac address for dns queries.

Note that the dnssec lines are commented. Enabling it causes dnsmasq to exit with no messages, it seems to not be built correctly to support it.
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Thu Feb 25, 2016 15:26    Post subject: Reply with quote
I tried your setup, but did not get it to work.
Based on sites like this I tried prefixes like:

  • NNNN:NNNN:NNNN:NNNN/xx
  • NNNN:NNNN:NNNN:NNNN::/xx
  • NNNN:NNNN:NNNN:NNNN::
  • NNNN:NNNN:NNNN:NNNN:HHHH:HHHH:HHHH:HHHH
  • NNNN:NNNN:NNNN:NNNN:HHHH:HHHH:HHHH:HHHH/xx
  • ::<start>,::<end>
  • etc

but non of them seem to work. Can you clear the sky on the syntax you used for your prefix?

Thx![/list]

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
elreydetodo
DD-WRT Novice


Joined: 22 Mar 2015
Posts: 6

PostPosted: Thu Feb 25, 2016 15:32    Post subject: Reply with quote
In my config it looks like the third option. That line should look like:

dhcp-range=1234:1234:1234:1234::, ra-stateless, ra-names, 12h
elreydetodo
DD-WRT Novice


Joined: 22 Mar 2015
Posts: 6

PostPosted: Thu Feb 25, 2016 15:33    Post subject: Reply with quote
If you are receiving a prefix designated by your ISP I actually don't know how to get that info into your dnsmasq config... I'm using a sixx tunnel, so my prefix is unchanging.
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Thu Feb 25, 2016 16:08    Post subject: Reply with quote
According to "the documentation" you can construct it from the interface its IPv6 address. If I am right it should/could look something like this:
Code:
dhcp-range=::1,::500,constructor:eth0, ra-stateless, ra-names, 12h

Where the 1 is the starting address and 500 is the end. However, I am experimenting with a /65 of the /64 I got at the WAN side of the router.

Config is [Internet] --- [WAN | ISP Router | LAN] --- [WAN | DD-WRT | LAN] --- [clients]

But.... the good news... Since I was switching configs rapidly, I might stressed the router or my client... while writing this post, I (re)set the config with the prefix like you said, reconnected (wireless) and it all of a sudden works like it should...

So.... Thanks for your fast reply and config!

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Thu Feb 25, 2016 17:02    Post subject: Reply with quote
Perhaps interesting, if you (as in anyone) want to configure one hostname with a fixed IPv4 and IPv6 address, the syntax to add to your 'Additional DNSMasq Options' is:
Code:
host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>]

Another handy thing could be to "alias" a DHCP host by name. This is done by cname
Code:
cname=<cname>,<target>

For more handy stuff about DNSMasq -> http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

Next stop, delivering IPv6 to my br1 interface. Suggestions are welcome Very Happy

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Sun Feb 28, 2016 18:39    Post subject: Reply with quote
I believe to have tried every configuration I can imagine and find online. Could it be that there must be added some explicit ACCEPT rules in the firewall.

As as test I removed all custom rules, but no IPv6 Address was served at the clients on br1, where br0 works flawless.

Any help is welcome!

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Mile-Lile
DD-WRT Guru


Joined: 24 Feb 2013
Posts: 1142
Location: Belgrade

PostPosted: Sun Feb 28, 2016 19:03    Post subject: Reply with quote
You have to use constructor directive for that interface (br1) too. Just repeat it and replace interface...

You have it here http://www.dd-wrt.com/phpBB2/viewtopic.php?t=257493&postdays=0&postorder=asc&start=330

or if is 5Ghz netowrk (meaning not guests) I would try:

Code:
bridge-interface=br0,br1


Quote:
bridge-interface=<interface>,<alias>[,<alias>]
Treat DHCP (v4 and v6) request and IPv6 Router Solicit packets arriving at any of the <alias> interfaces as if they had arrived at <interface>. This option allows dnsmasq to provide DHCP and RA service over unaddressed and unbridged Ethernet interfaces, e.g. on an OpenStack compute host where each such interface is a TAP interface to a VM, or as in "old style bridging" on BSD platforms. A trailing '*' wildcard can be used in each <alias>.
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Sun Feb 28, 2016 20:02    Post subject: Reply with quote
Well -beep- me... After reading several config files and pages of documentations without any decent clue, and all it took was:
Code:
bridge-interface=br0,br1

Next stop is getting online with the IPv6 address, like it does on 'br0', but that's for another day.

Thanks for time and answers Mile-Lile and elreydetodo!

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Mon Feb 29, 2016 19:11    Post subject: Reply with quote
Update:

I added the following to the DNS config:
Code:
bridge-interface=br0,br1
ra-param=*,10,300
enable-ra
quiet-ra
quiet-dhcp
quiet-dhcp6

dhcp-range=br0,xxxx:yyyy:zzzz:69e0::1, xxxx:yyyy:zzzz:69e0::7FFF, ra-stateless, ra-names, 4h
dhcp-range=br1,xxxx:yyyy:zzzz:69e0::8000, xxxx:yyyy:zzzz:69e0::FFFF, ra-stateless, ra-names, 4h

Where off course xxxx:yyyy:zzzz represents my prefix. Now I get an IP address, strangely enough always in the br1 range, even when I am connected to br0, and I get results from DNS, but somehow am not able to get on the Internet. I can when I connect to br0.

The first add-ons come from the script mentioned by Mile-Lile.

If anyone has a clue, I am very much willing to hear it... Probably something silly again

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
IsaacFL
DD-WRT Novice


Joined: 12 Jan 2016
Posts: 20
Location: Palm Springs, CA

PostPosted: Mon Feb 29, 2016 20:53    Post subject: Reply with quote
Acumen wrote:
Update:

I added the following to the DNS config:
Code:
bridge-interface=br0,br1
ra-param=*,10,300
enable-ra
quiet-ra
quiet-dhcp
quiet-dhcp6

dhcp-range=br0,xxxx:yyyy:zzzz:69e0::1, xxxx:yyyy:zzzz:69e0::7FFF, ra-stateless, ra-names, 4h
dhcp-range=br1,xxxx:yyyy:zzzz:69e0::8000, xxxx:yyyy:zzzz:69e0::FFFF, ra-stateless, ra-names, 4h

Where off course xxxx:yyyy:zzzz represents my prefix. Now I get an IP address, strangely enough always in the br1 range, even when I am connected to br0, and I get results from DNS, but somehow am not able to get on the Internet. I can when I connect to br0.

The first add-ons come from the script mentioned by Mile-Lile.

If anyone has a clue, I am very much willing to hear it... Probably something silly again


Mine works, and is:

enable-ra
dhcp-range=::1000,::FFFF,constructor:br0,ra-names,5m
dhcp-option=option6:dns-server,[fe80::226:f2ff:fefd:b511],[2001:4860:4860::8844]
ra-param=br0,10,300

I don't have a br1 is the only difference.
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Tue Mar 01, 2016 7:10    Post subject: Reply with quote
Hi Isaac,

Thanks for your reply. My config works fine on BR0, but does not on BR1. I don't know if it has anything to do with this, but I cannot seem to get it to route BR1 with IPv6, where IPv4 works perfect.
Quote:
My ISP offers me a /64 IPv6 range (xxxx:yyyy:zzzz:9600::/64)
My DD-WRT got the IPv6 address within that range, like I expect it should.

I configured IPv6 with 'DHCP with Prefix Delegation' and a Prefix length of '65' and my DD-WRT LAN devices get addresses within the range 'xxxx:yyyy:zzzz:69e0::' which seems logical to me. The interesting part though is that 'ifconfig' says my br0 interface has: 'inet6 addr: xxxx:yyyy:zzzz:69e0::0/59 Scope:Global'

59 equals 32 networks of /64.

Anyway, there is still some exploring to do since IPv6 seems that new to most people, that I cannot find an applicable example or guide either.

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Mile-Lile
DD-WRT Guru


Joined: 24 Feb 2013
Posts: 1142
Location: Belgrade

PostPosted: Tue Mar 01, 2016 7:19    Post subject: Reply with quote
Ask help from JAMESMTL... find him on broadcom ddwrt forum. He is ipv6 guru and he helped me many times...
Acumen
DD-WRT User


Joined: 15 Nov 2014
Posts: 206

PostPosted: Tue Mar 01, 2016 8:05    Post subject: Reply with quote
Mile-Lile wrote:
Ask help from JAMESMTL... find him on broadcom ddwrt forum. He is ipv6 guru and he helped me many times...

Just did: https://www.dd-wrt.com/phpBB2/viewtopic.php?p=1011395#1011395

Thanks

_________________
Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r30700M | Tickets: 5429
IPv4 & IPv6-PD | Unbridged VAP | FreeRadius for WPA2-Enterprise | ProFTP & Samba to USB thumb | Access Restiction | DNSMasq DHCP & DNS

Found a bug, report it so the it can be fixed: http://svn.dd-wrt.com/
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum