How to set up DNSmasq (or Kea if needed) such that some devices will have a static IPv6 address?
I want most of my devices to use SLAAC (possibly with privacy extension), but for some I want them to have stable static addresses, so that I can register them with a dynamic DNS client. It doesn't matter if they have SLAAC addresses as well.
I could achieve this via DHCP ranges ::1000 ~ ::2000, but that makes all the devices DHCPv6 (Managed).
If I use :: as range, the leases are not offer to the devices, as the M bit in Router Advertisement is 0. Even if I explicitly enable DHCPv6 solicitation in clients, the router does not respond with a reply, even though static leases are present.
Is it possible to somehow only make only those devices do DHCPv6?
Or can I not offer addresses in DHCPv6 except for those devices?
You don't need DHCPv6 for that. SLAAC addresses are static, too. Devices may create temporary privacy addresses for outbound connections, but the primary SLAAC address uses a static interface identifier and is always available for inbound connections.
If your prefix changes, you can still use Dynamic DNS. The OPNsense DynDNS client allows combining a dynamic prefix with a static interface identifier.
Cheers
Maurice
Quote from: Maurice on February 15, 2026, 09:52:49 PMSLAAC addresses are static, too.
...
The OPNsense DynDNS client allows combining a dynamic prefix with a static interface identifier.
I see, indeed! (Turns out what I meant was stable-privacy (https://www.networkmanager.dev/docs/api/latest/settings-ipv6.html) but it's stable as well.)
I found the token (https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#static:ADDRESS) option in systemd-networkd which lets SLAAC produce the simple static address I wanted.
Though I still prefer if there is a way to do this in OPNsense, so that these configurations are all in one place.