Arch Linux

Weytsengtang

Member

Registered: 2014-10-22

Posts: 8

Replace DHCPv6 server on home router with dnsmasq on second machine

Hello,

I got a router from my ISP which I cannot change (an AVM Fritz!Box 6360; usual configuration in Germany). Well it works generally fine, but I want to have some more options concerning the DNS server. So I thought about installing dnsmasq on my Raspberry Pi and having it handling all the DHCP and DNS stuff.

Well, the only problem is: IPv6. I only have Dual Stack Lite and thus I want to use IPv6 nicely.
Disabling DHCPv4 in the home router and replacing it with dnsmasq on IPv4 only works, but how do I do this with IPv6?

I see the problem that the router hands out the prefix (which changes sometimes a few months) which it gets via DHCPv6 from the ISP (or some other method; don't know) via RA; and additionally the DNS entry via its own DHCP6 server. How can I replace this, so that the Raspberry Pi sends out RA+DHCPv6 instead of the Fritz!Box? But the Raspberry Pi first needs to get the prefix from the Fritz!Box, while handling it out on its own.

I have several options on the Fritz!Box concerning IPv6:

Enable DHCPv6 server

• Only hand out DNS server

• Hand out DNS server + IPv6 prefix (IA_PD)

• Hand out DNS server + IPv6 prefix (IA_PD) + IPv6 address (IA_NA)

or

Disable DHCPv6 server:

• No other DHCPv6 servers in the subnet: Clients should use SLAAC

• Active the O flag in the RA messages of the Fritz!Box -> Clients should get every every non-IP address information (e.g. DNS server) from other DHCPv6 servers in the LAN

• Active the O and M flag in the RA messages of the Fritz!Box -> Clients should get their own IPv6 address and every non-IP address information from other DHCPv6 servers in the LAN

Also, I can check " Hand out DNSv6 server over Router Advertisement (RFC 5006)" and set a priority to the Fritz!Box DHCPv6-Server (currently 0).

So how do I do this? Basically I am fine that the clients get their addresses via SLAAC, I just want to distribute the dnsmasq DNS server to the clients. Also I would like that other routers can use prefix delegation. I guess this needs to be on the Fritz!Box because it has to set a route to another router, right?

Any help would be deeply appreciated

branch

Member

Registered: 2014-03-16

Posts: 209

Re: Replace DHCPv6 server on home router with dnsmasq on second machine

Router:
    - RA's: On, advertise prefix only, set "O" flag.
    - DHCPv6: Off.
RPi:
    - RA's: Off.
    - DHCPv6: On, serving "other" info only (eg. DNS and NTP servers, but not addresses).
Clients:
    - Address: SLAAC based on RA prefix.
    - Other info: DHCPv6 from RPi.

Only routers should send RA's. Also, you only want one DHCPv6 server on the subnet. Since you cannot configure the router's DHCPv6 server to do what you want, let the RPi serve DHCPv6 "other" info instead. Any normally configured client device should automatically work with this configuration.

Weytsengtang

Member

Registered: 2014-10-22

Posts: 8

Re: Replace DHCPv6 server on home router with dnsmasq on second machine

Hello branch,

thank you for your answer. Do you have any idea how to do the RPI config in dnsmasq?

I currently have

expand-hosts
bogus-priv
stop-dns-rebind
domain-needed
local=/privat.lan/
domain=privat.lan,192.168.10.0/24,local
server=/ad.privat.lan/192.168.10.201

dhcp-authoritative


dhcp-range=192.168.10.10,192.168.10.150,12h
dhcp-option=option:router,192.168.10.1

dhcp-range=::ba27:ebff:fe38:a7fd,constructor:eth0,ra-names,12h
dhcp-option=option6:dns-server,[fe80::]

But the DNS server is not distributed via IPv6. Windows 7, 8 or 10 does not show anything in the  "IPv6 DNS servers" row, and on IPv6 default gateway it shows both the link local address of my home router and the link local of my Raspberry Pi (which I guess is wrong, because the gateway should only be the Router). Network manager does it right, but I cannot imagine that Windows would do such a basic IP networking issue incorrectly, so I guess my configuration has some problem?

Last edited by Weytsengtang (2015-09-11 06:25:49)