IPv6 DNS registration best practices?



  • Hello,

    I configured IPv6 connectivity over Prefix Delegation and Interface Tracking of the WAN Interface for my LAN Networks.

    I use the DNS Resolver for name resolution.

    The first thing I tried was using SLAAC to configure the IPv6 addresses on my clients. This worked good (including DNS Server and DNS search domain) but the clients was not registered in my DNS Resolver on the pfsense.
    Is there a way to achieve this?

    I tried then an DHCPv6 configuration. My clients used successfully the DHCPv6 Server to obtain the IPv6 configuration including the DNS Server and I'm able to see the DHCPv6 Lease in pfsense.
    I configured in the DNS Resolver:

    • Register DHCP leases in the DNS Resolver
      This works fine with IPv4 DHCP Leases but my IPv6 DHCP Leases are not registered.

    Next try was to fix the problem over the DHCPv6 Option

    • Enable registration of DHCP client names in DNS.
      Here I need several other information like DDNS Domain Key secret etc.
      This is not configurable in DHCP Resolver therefore I guess this options are for external DNS Servers and not for the pfsense DNS Servers. Is this right?

    What are the best practices to register the client IPv6 addresses in DNS?

    Thank you for your help.



  • @tux1337:


    What are the best practices to register the client IPv6 addresses in DNS?

    I'm using he.net myself for IPv6, which means the prefix is always the same.
    So, the good old 'static MAC/DUID' reservation works great - DNS registration included.



  • @Gertjan:

    I'm using he.net myself for IPv6, which means the prefix is always the same.
    So, the good old 'static MAC/DUID' reservation works great - DNS registration included.

    Thanks for the hint. I found this redmine entry:
    https://redmine.pfsense.org/issues/2017
    and can confirm, that DNS registration for static DHCPv6 leases works fine.

    But this is not an option for my setup. The clients are dynamic and the network is to big to maintain static dhcp leases.

    I've done some further research to the topic.
    In the redmine request the developer mentioned that the hostname is not send from the dhclient. I found out that this was an issue in the isc dhclient which is solved in version 4.3.
    See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670865

    I checked the Debian dhclient.conf and can confirm that there is an entry with:
    send host-name = gethostname();

    So I guess the hostname should be send now.

    I checked then the dhcp6.leases file and found out that isc-dhcpd has no field for the hostname for ipv6.
    I found nothing in the ISC DHCPd tracker if they are working on this to add the hostname on the dhcp6.leases file.

    I found out that if dnsmasq is used as DHCP and DNS Server it should be possible to have DNS client registration with ipv6 out of the box.
    Unfortunately pfsense uses isc-dhcpd and I think there is no option to change this from a user perspective.