IPv6 dns server ips broadcast

Ellenswamy

Regular Contributor
Question, I am running Merlin latest. If I turn on ipv6 can I set it to list my ipv6 dns servers instead of showing the router ipv6 address? Like you can do with ipv4 and turning off broadcast router IP address.

thanks!
 
It requires custom scripting, but @SomeWhereOverTheRainBow has an example in this post:
keep in mind I have not updated this, but I am glad @dave14305 has tagged me because it gives me the time now to share additional findings.

Don't go the full IPV6 address length for your local=/some.ipv6address/

instead just go prefix length.

The benefit is this incorporates "ALL" possibilities due to DNSMASQ's built-in wildcard incorporation. I noticed leaks when going the full /128 length, whereas only doing the prefix will cover all with negligible length requirements.
 
I just posted a script this week to automatically mirror your LAN IPv4 DNS to the IPv6 DNS setting
 
This would work great as well, in situations where IPv6 and IPv4 play nicely together. While it may work locally with no additional problems, incomplete ISP IPv6 implementations, on the other hand, can pose some issues with regard to this method, and dual-stack situations are not always compatible with this approach either. IPv6 is meant to behave unhindered. Substituting a mapped IPv4 to IPv6 can pose some potential translation issues outside of a network, hence IPv4 is behind a NAT, and IPv6 is not.

For example, if a PiHole is allowed unhindered IPv6 DNS addressing, it could then potentially locally communicate to clients locally via mapped IPv4 to IPv6 addressing. While this may appear to work, the IPv4 network is most likely behind a NAT, while the IPv6 network is not and does not necessarily know how to translate this NATTED information.
 
So is this any config on the router through ssh? Sorry for the question, I have experience with Raspberry Pi but not router configs through command line. Worried I'll break something…
 
The easiest thing to do is this via ssh command line on your router.

Code:
printf "%s\n" "local=/$(nvram get ipv6_prefix | awk -F: '{for(i=1;i<=NF;i++)x=x""sprintf (":%4s", $i);gsub(/ /,"0",x);print x}' | cut -c 2- | cut -c 1-20 | sed 's/://g;s/^.*$/\n&\n/;tx;:x;s/\(\n.\)\(.*\)\(.\n\)/\3\2\1/;tx;s/\n//g;s/\(.\)/\1./g;s/$/ip6.arpa/')/" >> /jffs/configs/dnsmasq.conf.add; service restart_dnsmasq

you can then use the previous post to follow the specific directions for setting up reverse lookups for your ipv6 on your pihole. (skip the router portion).

Edit: had to change scripts to configs.
 
Here is MY current How to.


/jffs/scripts/dnsmasq.postconf

should include ( you need to include the appropriate shebang if you don't have one already followed by chmod 755 /jffs/scripts/dnsmasq.postconf in the terminal and a service restart_dnsmasq)

Code:
printf "%s\n" "local=/$(nvram get lan_ipaddr | awk 'BEGIN{FS="."}{print $2"."$1".in-addr.arpa"}')/" "local=/$(nvram get ipv6_prefix | awk -F: '{for(i=1;i<=NF;i++)x=x""sprintf (":%4s", $i);gsub(/ /,"0",x);print x}' | cut -c 2- | cut -c 1-20 | sed 's/://g;s/^.*$/\n&\n/;tx;:x;s/\(\n.\)\(.*\)\(.\n\)/\3\2\1/;tx;s/\n//g;s/\(.\)/\1./g;s/$/ip6.arpa/')/" "add-mac" "add-subnet=32,128" >> $1

as a single line this will cover adding Pihole to support both reverse lookups for ipv4 and ipv6

Users can set IPv4 pihole address in WAN and IPv6 DNS addresses inside their respective DNS GUI options. ( do not modify DHCP DNS).

Updated to include @ColinTaylor findings.
 
Here is MY current How to.


/jffs/scripts/dnsmasq.postconf

should include ( you need to include the appropriate shebang if you don't have one already followed by chmod 755 /jffs/scripts/dnsmasq.postconf in the terminal and a service restart_dnsmasq)

Code:
printf "%s\n" "local=/$(nvram get lan_ipaddr | awk 'BEGIN{FS="."}{print $2"."$1".in-addr.arpa"}')/" "local=/$(nvram get ipv6_prefix | sed "s/://g;s/^.*$/\n&\n/;tx;:x;s/\(\n.\)\(.*\)\(.\n\)/\3\2\1/;tx;s/\n//g;s/\(.\)/\1./g;s/$/ip6.arpa/")/" "add-mac" "add-subnet=32,128" >> $1

as a single line this will cover adding Pihole to support both reverse lookups for ipv4 and ipv6

Users can set IPv4 pihole address in WAN and IPv6 DNS addresses inside their respective DNS GUI options. ( do not modify DHCP DNS).
@SomeWhereOverTheRainBow I'm not an IPv6 expert but I don't think that code is creating a valid IPv6 reverse lookup. For example:
Code:
# nvram get ipv6_prefix
2001:470:1f09:154::

# printf "%s\n" "local=/$(nvram get ipv6_prefix | sed "s/://g;s/^.*$/\n&\n/;tx;:x;s/\(\n.\)\(.*\)\(.\n\)/\3\2\1/;tx;s/\n//g;s/\(.\)/\1./g;s/$/ip6.arpa/")/"
local=/4.5.1.9.0.f.1.0.7.4.1.0.0.2.ip6.arpa/
The first thing it does is remove all the ":", thereby losing the ability to cope with suppressed leading zeros in any of the hex digits. So the result ought to have been:
Code:
local=/4.5.1.0.9.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa/
 
Dnsmasq should still recognize with or without leading zeros.
 
That's not the point. The sed command is returning the wrong address. The command appears to be the example string reversal taken from the sed manual. It's not intended to reverse hex numbers where leading zeroes in individual elements are suppressed.

In my example above it returned:
4.5.1.9.0.f.1.0.7.4.1.0.0.2.ip6.arpa

which is the reverse of

2001:4701:f091:4500:: and not 2001:470:1f09:154::
 
Change the code to

local=/$(host -t ptr $(nvram get ipv6_prefix) | cut -d' ' -f 2 | cut -c 33-)/
 
Since it took me a bit of searching, the "host" command is in bind-host or you can do bind-tools for all the common dns commands.

Code:
opkg install bind-tools

Also, to make sure I am understanding this right, the local= statements in the dnsmasq.conf basically tell the router those are local domains and not to forward them upstream, correct? This would be used in conjunction with conditional forwarding at the DNS server (Pihole or otherwise) to forward those queries to the router instead of sending them elsewhere.

So far in testing out AdGuard Home it does not seem to want to do anything with IPv6 lookups, it just shows the IPv6 address and doesn't even try to reverse it. Might have to test it out with Pihole now that you taught me how to manually add forwarding to it.
 
AGH does not support reverse lookups of SLAAC addressing assignments. Your network would have to be set strictly to stateful. Pihole is able to parse the information from add-mac options. It then associates the hostname to the MAC.
 
Code:
local=/$(nvram get ipv6_prefix | awk -F: '{for(i=1;i<=NF;i++)x=x""sprintf (":%4s", $i);gsub(/ /,"0",x);print x}' | cut -c 2- | cut -c 1-20 | sed 's/://g;s/^.*$/\n&\n/;tx;:x;s/\(\n.\)\(.*\)\(.\n\)/\3\2\1/;tx;s/\n//g;s/\(.\)/\1./g;s/$/ip6.arpa/')/

@ColinTaylor

This will expand the prefix first before using sed. Can you verify if it works?
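
The conversion debated above, as an added example that is not part of any post in this thread: a POSIX sh function that expands suppressed leading zeros and the "::" run before reversing the nibbles, so the prefix from the example above yields the zone name the thread says it ought to. The function name `ip6_prefix_to_arpa` and its two arguments are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread. ip6_prefix_to_arpa is a hypothetical name.
# $1: IPv6 prefix as `nvram get ipv6_prefix` prints it (e.g. 2001:470:1f09:154::)
# $2: prefix length in bits, a multiple of 4 (assumed 64 when omitted)
ip6_prefix_to_arpa() {
    printf '%s\n' "$1" | awk -v bits="${2:-64}" '
    # Left-pad one group to 4 hex digits; flag anything that is not 1-4 hex digits.
    function pad(g) {
        if (g !~ /^[0-9a-f]+$/ || length(g) > 4) bad = 1
        return substr("0000" g, length(g) + 1)
    }
    {
        addr = tolower($0)
        sub(/\/.*$/, "", addr)                 # tolerate a trailing /len
        if (bits % 4 != 0 || bits < 4 || bits > 128) exit 1
        pos = index(addr, "::")
        if (pos) {                             # expand the :: zero run
            left = substr(addr, 1, pos - 1); right = substr(addr, pos + 2)
            nl = (left == "") ? 0 : split(left, L, ":")
            nr = (right == "") ? 0 : split(right, R, ":")
            if (nl + nr > 7) exit 1
        } else {
            nl = split(addr, L, ":"); nr = 0
            if (nl != 8) exit 1
        }
        hex = ""
        for (i = 1; i <= nl; i++) hex = hex pad(L[i])
        for (i = nl + nr; i < 8; i++) hex = hex "0000"
        for (i = 1; i <= nr; i++) hex = hex pad(R[i])
        if (bad) exit 1
        # Emit the nibbles covered by the prefix, last one first.
        out = ""
        for (i = bits / 4; i >= 1; i--) out = out substr(hex, i, 1) "."
        print out "ip6.arpa"
    }'
}

# The prefix quoted in the thread, written as a dnsmasq local= line.
printf 'local=/%s/\n' "$(ip6_prefix_to_arpa '2001:470:1f09:154::' 64)"
```

The function returns non-zero and prints nothing for input it cannot parse, so a postconf script can skip writing the `local=` line rather than append a wrong zone.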
 
Hopefully OP got a solution one way or another, I have an off topic question since we are talking about PiHole now.
@SomeWhereOverTheRainBow, is there any way you have found to have "friendly" client names listed in Pihole, instead of just the hostnames, when NOT using it as the DHCP server? Example: instead of amazon-hdas568567 I want it to say "Kitchen Echo Show". I want to bind the names to the MAC, not the IP, since the IP may change.
 
/etc/hosts on the parent DHCP network is my best thought. You would want to configure dnsmasq on the parent DHCP to prefer names inside /etc/hosts if available over using regular device names.

Look at the DNSmasq manpage; from my understanding there are ways to marry the host records to the MAC (or an extension of the MAC).
 
