Context: A Short IPv6 Guide for Home IPv4 Admins
Concept 6
ULA (unique local addresses). These are like private addresses from IPv4, but with a much larger address space. Remember Concept 1: don’t pick numbers. Use a website to randomly generate a ULA prefix. For company level LANs, this will allow multiple LANs to be merged in the future without conflict.
Once you have a ULA, assign it to your LAN interface. Radvd will pick it up and advertise it to the rest of your LAN, giving all your hosts a second IPv6 address.
You want to use these ULA for all your LAN communication. If you want to reach your printer or a media server, put their ULAs in the DNS and not the globally routable one. The reasons are that 1) for residential internet, the globally routable prefix can change and 2) if your ISP goes down for some reason, your LAN can function without disruption.
I picked fd95:51d:60c1::/64 as the ULA in my Mikrotik router; 2a03:ec00:b1a3:b83::/64 is the prefix given by my ISP.
[ugjka@ugjka ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
link/ether 4c:72:b9:ad:d0:5b brd ff:ff:ff:ff:ff:ff
altname enp3s0
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 5a:d9:a2:4c:b7:c2 brd ff:ff:ff:ff:ff:ff permaddr 74:e5:43:b0:22:dc
altname wlp2s0
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether fe:f8:f2:4b:48:6a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.20/24 brd 192.168.1.255 scope global dynamic noprefixroute br0
valid_lft 7074sec preferred_lft 7074sec
inet6 2a03:ec00:b1a3:b83:eb70:8dd9:2d95:2d7e/64 scope global temporary dynamic
valid_lft 3438sec preferred_lft 1638sec
inet6 2a03:ec00:b1a3:b83:1f7b:4412:c740:6858/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 3438sec preferred_lft 1638sec
inet6 fd95:51d:60c1:0:8013:8257:b569:241f/64 scope global temporary dynamic
valid_lft 595677sec preferred_lft 76777sec
inet6 fd95:51d:60c1:0:4106:78dd:5968:948a/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 2591838sec preferred_lft 604638sec
inet6 fe80::3df8:caec:4066:8426/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
link/none
inet 10.111.222.2/24 scope global wg0
valid_lft forever preferred_lft forever
inet6 fd2a:421:3819::2/64 scope global
valid_lft forever preferred_lft forever
[ugjka@ugjka ~]$ grep -v "^#" /etc/avahi/avahi-daemon.conf
[server]
use-ipv4=yes
use-ipv6=yes
allow-interfaces=br0
enable-dbus=yes
disallow-other-stacks=no
ratelimit-interval-usec=1000000
ratelimit-burst=1000
[wide-area]
[publish]
[reflector]
[rlimits]
The problem is that when I ping my host.local, sometimes I get my ISP's prefix rather than my ULA prefix in response.
Any pointers on this would be appreciated!
Last edited by ugjka (2024-06-24 12:27:24)
https://ugjka.net
"It is easier to fool people, than to convince them that they've been fooled" ~ Dr. Andrea Love
Please post the content of your /etc/nsswitch.conf and the output of host -t SOA local (the host command comes with the bind package).
What are you using as DNS resolver?
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
1)
[ugjka@ugjka ~]$ cat /etc/nsswitch.conf
# Name Service Switch configuration file.
# See nsswitch.conf(5) for details.
passwd: files systemd
group: files [SUCCESS=merge] systemd
shadow: files systemd
gshadow: files systemd
publickey: files
hosts: mymachines mdns [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns
networks: files
protocols: files
services: files
ethers: files
rpc: files
netgroup: files
2)
[ugjka@ugjka etc]$ host -t SOA local
Host local not found: 5(REFUSED)
3)
[ugjka@ugjka etc]$ resolvectl
Global
Protocols: +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 127.0.0.1
DNS Servers: 127.0.0.1
Link 2 (eth0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 3 (wlan0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 4 (br0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1 88.198.92.222 192.71.166.92 2a01:4f8:1c0c:82c0::1 2a03:f80:30:192:71:166:92:1
Link 5 (wg0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
[ugjka@ugjka etc]$ nmcli
br0: connected to bridge-br0
"br0"
bridge, FE:F8:F2:4B:48:6A, sw, mtu 1500
ip4 default, ip6 default
inet4 192.168.1.20/24
route4 192.168.1.0/24 metric 425
route4 default via 192.168.1.1 metric 425
inet6 2a03:ec00:b1a3:b83:952:6688:eec4:ebe1/64
inet6 2a03:ec00:b1a3:b83:1f7b:4412:c740:6858/64
inet6 fd95:51d:60c1:0:25ee:824f:f9e:6339/64
inet6 fd95:51d:60c1:0:4106:78dd:5968:948a/64
inet6 fe80::3df8:caec:4066:8426/64
route6 2a03:ec00:b1a3:b83::/64 metric 425
route6 fd95:51d:60c1::/64 metric 425
route6 fe80::/64 metric 1024
route6 default via fe80::a55:31ff:fe1f:cc31 metric 425
eth0: connected to bridge-slave-eth0
"Realtek RTL8111/8168/8211/8411"
ethernet (r8169), 4C:72:B9:AD:D0:5B, hw, mtu 1500
master br0
lo: connected (externally) to lo
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
inet4 127.0.0.1/8
inet6 ::1/128
resolvectl, so systemd-resolved is probably your DNS resolver.
Edit the hosts line of /etc/nsswitch.conf as described on https://wiki.archlinux.org/title/Avahi# … resolution
Then rerun host -t SOA local.
In case it responds with NXDOMAIN, everything should work and you can (re-)test avahi functionality.
If it doesn't respond with NXDOMAIN, see https://wiki.archlinux.org/title/Avahi# … om_working
I abandoned the whole thing because resolvers will pick at random from the list of addresses they get. I tested on multiple machines with different OSes; I even tested systemd-resolved's built-in mDNS thingy. Sometimes the resolver will pick the link-local IPv6 address, sometimes the ULA address and sometimes the globally routable address. The thing is that all addresses are actually broadcast, which I could verify with resolvectl query host.local; it is just that there is no way to tell which one to prefer...
There really is no burning need to have IPv6 mDNS on my network, I just wanted to see whether IPv6 is still a mess...
[edit] Actually the problem is that I can't tell avahi which addresses to broadcast, it just does everything.
Last edited by ugjka (2024-06-24 13:12:42)
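The address-selection problem discussed in this thread, as an added example that is not part of any poster's message: a client-side helper that classifies the addresses announced for a host and orders them so the LAN's own ULA comes first. The function names and the ranking policy are assumptions made for illustration; the addresses are the br0 and wg0 ones from the ip addr output earlier in the thread.

```python
import ipaddress

# br0 addresses from the `ip addr` output in the thread (non-temporary ones).
ANNOUNCED = [
    "2a03:ec00:b1a3:b83:1f7b:4412:c740:6858",  # ISP (globally routable) prefix
    "fe80::3df8:caec:4066:8426",               # link-local
    "fd95:51d:60c1:0:4106:78dd:5968:948a",     # ULA picked on the router
    "192.168.1.20",                            # IPv4
]

ULA_BLOCK = ipaddress.ip_network("fc00::/7")          # RFC 4193 unique local range
LAN_ULA = ipaddress.ip_network("fd95:51d:60c1::/64")  # this LAN's ULA prefix


def classify(addr: str) -> str:
    """Return 'ipv4', 'link-local', 'ula' or 'global' for one address."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        return "ipv4"
    if ip.is_link_local:          # fe80::/10, only usable with a zone (%br0)
        return "link-local"
    if ip in ULA_BLOCK:
        return "ula"
    return "global"


# Assumed policy (hypothetical, lower sorts first): stable ULA, then IPv4,
# then the ISP prefix that may change, and link-local last because it
# needs an interface zone to be usable.
RANK = {"ula": 0, "ipv4": 1, "global": 2, "link-local": 3}


def order_for_lan(addrs, lan_ula=LAN_ULA):
    """Sort announced addresses so the LAN's own ULA is tried first."""
    def key(addr):
        kind = classify(addr)
        # A ULA from another prefix (e.g. the wg0 tunnel) ranks after our own.
        foreign = kind == "ula" and ipaddress.ip_address(addr) not in lan_ula
        return (RANK[kind], foreign)
    return sorted(addrs, key=key)


if __name__ == "__main__":
    for a in order_for_lan(ANNOUNCED):
        print(f"{classify(a):10s} {a}")
```
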