DynDNS not IPv6 capable?



  • Just tried to push the IPv6 address of my WAN tunnel out through DynDNS, but in the status page for DynDNS, instead of an IPv6 address, it just shows N/A.

    When I switch back to an IPv4 interface, it works just fine.

    Bug? or is there no support for IPv6 in the DynDNS protocol?


  • Rebel Alliance Developer Netgate

    http://redmine.pfsense.org/issues/1825

    We have yet to see a provider that supports it generally. Though he.net's DNS does support it, it requires directing DNS for an entire domain there, not exactly simple to setup/test.



  • DynDNS allows you to manually enter a IPv6 Address. For this to really work right, you would have to have a client on every machine I would think. Unless pfSense would have an interface that would allow you to enter the IPv6 address. Since i'musing HE.NET, let say pfSense updated DynDNS, wouldn't it update the LAN or the WAN IPv6 address? Since my Web server is behind pfsense and has its own IPv6 address I statically assign, I manually entered the IPv6 address on DynDNS host page…

    Maybe i've looking at this wrong, just my thoughts.


  • Rebel Alliance Developer Netgate

    Yeah that's another problem - It would mean the IP on whatever interface you have selected for the DynDNS entry really, same as now, but it would only help for the firewall's external IP on that segment.

    It's certainly not as useful as IPv4, but it's also not quite as necessary in many cases.



  • Well, not like I urgently need it. I have a pure IPv4 transport over which two tunnels (one for IPv4 and one for IPv6) route my entire traffic, whereby the tunneled address space is static and public.

    So I really at this point, only need IPv4 DynDNS, because that's what's used to bring the tunnels up, over which in the end all traffic flows.

    However, going forward, there may be a point when the ISP decides to dish out IPv6 addresses, and then the situation changes, and there will be some urgency, unless they then decide to switch to static addresses.
    In essence, it's all a question of how much of this dynamic address allocation over DHCP crap continues as IPv6 starts to spread. Obviously, there's no need for it, but ISPs may do it anyway, to force people to pay for "business grade" service if they want/need a fixed IP address.

    Right now, all I wanted to do was to create a host name entry that returns an AAAA record, so I could reach/test the web configurator over a forced IPv6 connection, because trying to access it with the IPv6 address fails, likely because of the vhosts thing running, and it doesn't know where it should direct IP address requests to, or something like that.



  • We'll support it as soon as the providers support it, they're the ones that need a push at this point.

    Though things will be a different world with IPv6 dyndns registration, unless you're looking to access the firewall itself, you're going to end up running dyndns clients directly on the clients so they can update their own IPs.


  • Rebel Alliance Developer Netgate

    FYI- Firefox has a bug where it will not connect to HTTPS on a IPv6 by IP, it must be by hostname. It will toss a cert error. You might be hitting that also.

    However, Chrome and others work fine.



  • @jimp:

    FYI- Firefox has a bug where it will not connect to HTTPS on a IPv6 by IP, it must be by hostname. It will toss a cert error. You might be hitting that also.

    However, Chrome and others work fine.

    I get a 404 not found error when accessing by IP, but as I said, I have both web configurator and a vhost web site on the same IP address, just different port.


  • Rebel Alliance Developer Netgate

    Ah, then it could be that. Last time I tried, I just got the SSL error.



  • @jimp:

    Ah, then it could be that. Last time I tried, I just got the SSL error.

    i still get that error, where you can't add the exception.. happen earlier today as this post got me playing with my dyndns account.

    Have you tried to manually update your account with an IPv6 address? Make sure your Ipv6WAN has what ever port your using open or you get blocked


Locked