DNS ipv6 with dynamic prefix

rsq · Apr 18, 2018, 7:44 PM

Hi *,

I am having configuration issues on my freshly installed pfsense, I hope someone can help me.

My ISP supplies us with a /56 prefix with prefix delegation. This prefix is dynamic, it changes on reboots of the firewall/cablemodem.

I operate a raspberry pi on my network to run some services. Among them is pihole. The purpose is to block DNS lookups to advertising domains.

For IPv4 it is simple, the pihole is configured to use the pfsense as upstream lookup, and the DHCP supplies the pihole's IP to IPv4 clients.

For IPv6, I have defined a static mapping for the pihole ( ::22 ) and I can see that the DHCPv6 server assigns this IP to the pihole, so far so good.

I cannot however configure the DHCPv6 server to hand out ::22 as DNS server address. How can I configure this?

A possible alternative is to configure the pfsense as a forwarder, and let it forward to the pihole. I also don't know how to do this.

All help is appreciated.

Best regards, Erik

JKnott · Apr 18, 2018, 8:17 PM

My ISP supplies us with a /56 prefix with prefix delegation. This prefix is dynamic, it changes on reboots of the firewall/cablemodem.

Do you have "Do not allow PD/Address release" on the WAN interface selected? That should keep the prefix from changing.

rsq · Apr 19, 2018, 7:13 AM

I enabled the setting. The prefix no longer changes when I reboot the pfsense box, but a power cycle of the cable modem still changes the prefix.

I am considering sending the fe80:: address of the pihole as DNS ip since that won't change.

Still does not solve the problem, but it is a possible workaround.

Thanks for the input.