IPv6 address not allowed in DDNS Server IP field



  • These days I've been playing with bind and dynamic dns zones. I tried to enter an IPv6 address in DDNS Server IP field from DHCPV6 server but pfsense threw out the following error:
    "The following input errors were detected:
    A valid primary domain name server IPv4 address must be specified for the dynamic domain name."

    Is there any reason to limit that field to IPv4 only?

    And btw, why the IPv4 DDNS DHCP server doesn't have the DDNS Client Updates field? I think it defaults to "allow client-updates" and there is no way to set deny or ignore client-updates.

    Later edit:
    Almost forgot with the options exposed in gui you cannot instruct dhcpd to update static leases (update-static-leases on). Is there a way to add an custom options field in in dhcp?



  • I've been trying to understand why my reverse v6 dynamic zone doesn't get updated despite having "Add reverse dynamic DNS entries." checked and found out that the reverse v6 zone defined in dhcpdv6.conf doesn't have the key definition so all updates are denied by the dns server. The forward zone doesn't have this problem.

    Here is the relevant part of the dhcpdv6.conf:

    key DHCP_UPDATER {
    	algorithm hmac-md5;
    	secret <secret>;
    }
    zone example.com. {
    	primary 10.0.200.51;
    	key DHCP_UPDATER;
    }
    zone 0.0.1.2.3.4.5.6.7.8.9.a.b.0.c.d.ip6.arpa. {
    	primary 10.0.200.51;
    }
    ddns-update-style interim;</secret>
    

    The "ddns-update-style interim" is hard coded in the config, dhcpd version 4.3.3-P1 supports "ddns-update-style standard" with some nice additions
    https://deepthought.isc.org/article/AA-01091/0/ISC-DHCP-support-for-Standard-DDNS.html
    It would be nice to have a choice between standard and interim in gui.



  • Does it actually work if you put a v6 IP in the conf file? dhcpd used to only support doing those updates via IPv4, which is why that restriction exists. That could have changed in dhcpd v4.3.

    Thanks for the bug report on the other issue. Will get that fixed when time permits (or pull requests welcome).



  • It works only if you define the the the v6 primary with the correct statement. According to https://www.freebsd.org/cgi/man.cgi?query=dhcpd.conf&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE+and+Ports there are different statements for v6 and v4 addresses. The correct statement for v6 is "primary6". Right now pfsense only allows primary statement witch is v4 only.


Log in to reply