Understanding how to get hostnames in IPv6 leases

Gooberpatrol66

So according to this,

https://gitlab.isc.org/isc-projects/dhcp/-/issues/87

in order to get hostnames to appear in IPv6 leases, I need to enable DDNS on the DHCP server. So I go to Services > DHCPv6 Server > Dynamic DNS, click Enable Registration, then in the DDNS Domain, I put the domain name that my registrar has assigned to my network, and in Primary DDNS address, I put 10.0.0.1, then I set the Key Algorithm to SHA512, then I put something I generated in KeePass as the DDNS Domain Key Secret.

Does all of that sound correct?

JKnott

@Gooberpatrol66

Is there some specific reason you're using DHCPv6? You generally don't need it as SLAAC provides for automatic addressing. With SLAAC you get at least a consistent address that you configure the DNS server to point to. Also, if you use DHCPv6, Android devices won't work, as for some stupid reason Android does not support it.

dotdash

@JKnott said in Understanding how to get hostnames in IPv6 leases:

Also, if you use DHCPv6, Android devices won't work, as for some stupid reason Android does not support it.

You mean, Android doesn't support DHCPv6 because Lorenzo Colitti is a %#$%! who thinks just because a standard doesn't fit into his use case, that no one should have the option to decide if they want to use it.

As for the OP- what are you trying to do exactly? It sounds like you want to push an AAAA record to your public DDNS zone for every host that gets a lease. Normally, you'd just send the dynamic updates to a private DNS server, either on pfSense, or elsewhere on your LAN.

kiokoman

he's a bully
he wants to impose his ideas instead of allowing the user to choose
it is a shame that he is an Italian engineer to be NOT proud of

Gooberpatrol66

@JKnott SLAAC means IPv6 addresses won't appear in the leases page, right?

kiokoman

right, there are no lease state associated with SLAAC users.

JKnott

@Gooberpatrol66

Correct. Since DHCPv6 isn't used, there are no leases.

MikeV7896

The only way to get DHCPv6 hostnames with pfSense is with client self-registration using dynamic DNS. Unfortunately the ISC DHCPv6 server (used by FreeBSD, and thus pfSense) does not track hostnames for IPv6 leases, like it does for IPv4.

I've never implemented such DDNS self-registration, so can't say for certain, but as long as your 10.0.0.1 device is running an authoritative DNS Server, like BIND, that sounds relatively correct what you've done. Of course, there's likely configuration needed on the DNS server side to accept the DDNS data from the clients.

As far as SLAAC goes...

SLAAC is completely stateless. It's fully on the client to determine the IPv6 address it will use, and to make sure it's not in use before using it. There is no definitive list of what addresses are being used. The closest list available is the Diagnostics > NDP Table list, which is a list of all IPv6 addresses found through network discovery. No hostnames are included on the list (though MAC addresses are included), and if you do use DHCPv6, those addresses will also appear on the list, since it's ALL IPv6 addresses discovered on the network(s).

As far as a "consistent" address with SLAAC... if you don't want a SLAAC address to change, you need to disable privacy extensions on each client device. Windows, MacOS, and many Linux distros have privacy extensions enabled by default, so the host portion of the IPv6 address will change on a relatively regular interval (often at least once a day). It's possible to disable privacy extensions in all three of those operating systems, but not so much in Apple's iOS devices. I don't think Android allows disabling them either. With privacy extensions disabled, the address will usually be generated based on the MAC address of the interface. Do be aware that this can easily enable tracking across networks, since in theory your MAC address is unique to your device, so no one else will have it.

JKnott

@virgiliomi said in Understanding how to get hostnames in IPv6 leases:

s far as a "consistent" address with SLAAC... if you don't want a SLAAC address to change, you need to disable privacy extensions on each client device.

Regardless of whether privacy addresses are used, you will have one consistent address, either MAC or random number based. On my Linux system it's MAC based. On Windows 10, it was random number, which I changed to MAC. You only use the consistent address for DNS, as the privacy addresses only last for a week and you'll have up to 7 of them.

Gooberpatrol66

And if I have an ethernet bond and use SLAAC then the address of the bond will remain consistent?

JKnott

@Gooberpatrol66

What do you mean by "ethernet bond"? When you get an IPv6 address with SLAAC you will get at least a consistent address.

Gooberpatrol66

LACP Link aggregation

Bob.Dig

@virgiliomi said in Understanding how to get hostnames in IPv6 leases:

Unfortunately the ISC DHCPv6 server (used by FreeBSD, and thus pfSense) does not track hostnames for IPv6 leases, like it does for IPv4.

At least Static DHCP > Register DHCP static mappings in the DNS Resolver in Unbound does work for the DHCPv6 Server & RA too, for Static Mappings and the Hostname defined there. But often it takes a little bit longer.