[Dnsmasq-discuss] IPv6 on OpenWRT

Discussion:

Eric Luehrsen

2017-01-17 03:37:33 UTC

Hi Alec,

Have you tried setting `--dhcp-option=option6:dns-server,[fd00::]` for auto fill in of ULA or `--dhcp-option=option6:dns-server,[::]` auto ~ GA?

By default dnsmasq will send [fe80::] LL in RA and DHCPv6, but some clients do not like DNS on LL. It also can break down in some virtual-bridge situations. The client network driver forgets (or software resolver bug doesnt enter) which interface to route [fe80::] on. IT often requires %eth0 or some such. The above options will override this [fe80::] address, and make the situation more robust..

>2016-12-26 18:56 GMT-02:00 Alec Robertson <***@gmail.com>:
> Hi all,
>
> I am using dnsmasq on OpenWRT and I have configured the DHCPv6 server and
> it is working well with the clients connected to the router. However, the
> DNS is not working; IPv6 requests are not successful.
>
> The clients are given the router’s IP for DNS, like they are with IPv4 but
> the DNS is not working. How do I configure the DNS servers on dnsmasq
> correctly? I am using a 6in4 tunnel via Hurricane Electric.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-***@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>

Aaron Wood

2017-01-23 03:56:49 UTC

Permalink

On Mon, Jan 16, 2017 at 7:37 PM, Eric Luehrsen <***@hotmail.com>
wrote:

> Hi Alec,
>
> Have you tried setting `--dhcp-option=option6:dns-server,[fd00::]` for
> auto fill in of ULA or `--dhcp-option=option6:dns-server,[::]` auto ~ GA?
>
> By default dnsmasq will send [fe80::] LL in RA and DHCPv6, but some
> clients do not like DNS on LL. It also can break down in some
> virtual-bridge situations. The client network driver forgets (or software
> resolver bug doesnt enter) which interface to route [fe80::] on. IT often
> requires %eth0 or some such. The above options will override this [fe80::]
> address, and make the situation more robust..
>

I've realized that OSX has the same issue as a client, and so I've been
trying to get this to work on LEDE/OpenWRT. And all I'm getting from
dnsmasq is grief about the opt-spec being incorrect:

The following:
dhcp-option=option6,dns-server,[fd00::]
yields errors about invalid options

And the following:
dhcp-option=option6,6,[fd00::]
complains about an invalid ip address

It's v2.76.

But I see from the compile options, that IPv6 may only be partially
configured:
IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP *no-DHCPv6* no-Lua TFTP
no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify

And so I'm guessing that with the ipv6 option, RA works, but without
DHCPv6, none of the features like option6 work correctly??

-Aaron

Eric Luehrsen

2017-01-23 04:40:25 UTC

Permalink

Syntax error also. option/option6 statements need a colon before the option-name
--dhcp-option=option6:dns-server,[fd00::]

For OpenWrt/LEDE you can use dnsmasq-dhcp6 or dnsmasq-full. If you migrate over to LEDE and do your own builds, I have a pull on github to incorporate dnsmasq-dhcp6 into UCI when odhcpd is removed or disabled. Also LEDE dnsmasq.init script inspects the build options on dnsmasq and prevents you from trying to configure missing content. If you are concerned about stability. LEDE will be releasing 17.01 soon; my pull won't be in it, but its easy to hijack the init script from git hub.

ERIC

From: Aaron Wood <***@gmail.com>
Sent: Sunday, January 22, 2017 22:56
I've realized that OSX has the same issue as a client, and so I've been trying to get this to work on LEDE/OpenWRT. And all I'm getting from dnsmasq is grief about the opt-spec being incorrect:
The following:
dhcp-option=option6,dns-server,[fd00::]
yields errors about invalid options
And the following:
dhcp-option=option6,6,[fd00::]
complains about an invalid ip address
It's v2.76.
But I see from the compile options, that IPv6 may only be partially configured:
IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify
And so I'm guessing that with the ipv6 option, RA works, but without DHCPv6, none of the features like option6 work correctly??
-Aaron

Aaron Wood

2017-01-23 05:46:29 UTC

Permalink

On Sun, Jan 22, 2017 at 8:40 PM, Eric Luehrsen <***@hotmail.com>
wrote:

> Syntax error also. option/option6 statements need a colon before the
> option-name
> --dhcp-option=option6:dns-server,[fd00::]
>
> For OpenWrt/LEDE you can use dnsmasq-dhcp6 or dnsmasq-full. If you migrate
> over to LEDE and do your own builds, I have a pull on github to incorporate
> dnsmasq-dhcp6 into UCI when odhcpd is removed or disabled. Also LEDE
> dnsmasq.init script inspects the build options on dnsmasq and prevents you
> from trying to configure missing content. If you are concerned about
> stability. LEDE will be releasing 17.01 soon; my pull won't be in it, but
> its easy to hijack the init script from git hub.
>

I needed to switch to dnsmasq-full to get the option6 parsing to work
(without it, it wanted the comma, not the colon).

And now I realize that I have odhcpd running, and not dnsmasq, for ipv6
connectivity configuration. This will be fun to switch to.

(and a link to that pull would be greatly appreciated, Eric)

-Aaron

Eric Luehrsen

2017-01-23 05:52:54 UTC

Permalink

https://github.com/lede-project/source/pull/674

- Eric

-------- Original message --------
From: Aaron Wood <***@gmail.com>
Date: 1/23/17 00:46 (GMT-05:00)
To: Eric Luehrsen <***@hotmail.com>
Cc: "BIZ: DNSMASQ List" <dnsmasq-***@lists.thekelleys.org.uk>
Subject: Re: [Dnsmasq-discuss] IPv6 on OpenWRT

On Sun, Jan 22, 2017 at 8:40 PM, Eric Luehrsen <***@hotmail.com<mailto:***@hotmail.com>> wrote:
Syntax error also. option/option6 statements need a colon before the option-name
--dhcp-option=option6:dns-server,[fd00::]

For OpenWrt/LEDE you can use dnsmasq-dhcp6 or dnsmasq-full. If you migrate over to LEDE and do your own builds, I have a pull on github to incorporate dnsmasq-dhcp6 into UCI when odhcpd is removed or disabled. Also LEDE dnsmasq.init script inspects the build options on dnsmasq and prevents you from trying to configure missing content. If you are concerned about stability. LEDE will be releasing 17.01 soon; my pull won't be in it, but its easy to hijack the init script from git hub.

I needed to switch to dnsmasq-full to get the option6 parsing to work (without it, it wanted the comma, not the colon).

And now I realize that I have odhcpd running, and not dnsmasq, for ipv6 connectivity configuration. This will be fun to switch to.

(and a link to that pull would be greatly appreciated, Eric)

-Aaron

Aaron Wood

2017-01-23 06:36:55 UTC

Permalink

Thanks much, Eric,

I've tried a few different options, and am still not getting the dns-server
option to work in my setup. The RAs don't contain the dns info.

Here's the latest setup (based on info from Eric's PR):

enable-ra
dhcp-range=lan6,::,constructor:br-lan,slaac,ra-names
dhcp-option=lan6,option6:dns-server,[fd00::]

I've also tried:
dhcp-range=lan6,::,constructor:br-lan,ra-only
and
dhcp-range=lan6,::,constructor:br-lan

Any pointers to what I might be doing wrong are greatly appreciated.

Thanks,
Aaron

Eric Luehrsen

2017-01-23 07:03:11 UTC

Permalink

/tmp/etc/dnsmasq.conf ... auto generated chunk

ra-param=br-lan,0,7200
dhcp-range=set:lan,::1000,::ffff,constructor:br-lan,slaac,ra-names,4h
dhcp-option=lan,option:ntp-server,0.0.0.0
dhcp-option=lan,option:dns-server,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-option=lan,option6:ntp-server,[fd00::]
dhcp-option=lan,option6:dns-server,[fd00::]
enable-ra
quiet-ra

/etc/config/dhcp ... lan chunk

config dhcp 'lan'
   option dhcpv4 'server'
   option dhcpv6 'server'
   option interface 'lan'
   option limit '150'
   option leasetime '4h'
   option ra 'server'
   option ra_management '1'
   option ra_preference 'medium'
   option start '100'
   list dhcp_option 'option:ntp-server,0.0.0.0'
   list dhcp_option 'option:dns-server,0.0.0.0'
   list dhcp_option '252,"\n"'
   list dhcp_option 'option6:ntp-server,[fd00::]'
   list dhcp_option 'option6:dns-server,[fd00::]'

With my pull request on LEDE....

-------- Original message --------
From: Aaron Wood <***@gmail.com>
Date: 1/23/17 00:46 (GMT-05:00)
To: Eric Luehrsen <***@hotmail.com>
Cc: "BIZ: DNSMASQ List" <dnsmasq-***@lists.thekelleys.org.uk>
Subject: Re: [Dnsmasq-discuss] IPv6 on OpenWRT