OPNsense Forum
Archive => 21.1 Legacy Series => Topic started by: doop on July 11, 2021, 03:30:11 pm
-
Hi folks!
I'm setting up OPNsense for the first time with pi-hole (running on a different machine) as my DNS server. So far, I have everything working smoothly with IPv4, but setting things up with IPv6 as well is a bit of a mystery to me.
What I'd like to do is something very similar to my IPv4 setup, where my pi-hole machine gets a fixed address in its DHCP lease, then OPNsense hands that address out as the DNS server address for all IPv6 queries.
OPNsense is able to get a delegated range of addresses from my ISP.
I've figured out how to advertise the pi-hole machine's IPv6 address (which, confusingly, is not within the delegated range) as the IPv6 DNS server. However, I can't get any machine on my network to lease an IPv6 address from OPNsense.
How do I (a) assign the pi-hole machine an address within the delegated range I've pulled from the ISP, and (b) have OPNsense hand out IPv6 leases within the same delegated range?
Any help would be greatly appreciated!
Please let me know if you need more information to help solve this issue.
Thank you very much in advance!
- doop -
-
There's no particular need for the pi-hole to be configured in IPv6, when properly configured it will server both IPv4 and IPv6 replies even if only working on a IPv4 IP.
-
All right...still, how do I get OPNsense to hand out IPv6 addresses within my delegated range?
-
I haven't seen a solution spelled out to assigning the pihole host an ipv6 address from the ISP assigned range. I get by using the link-local address from the pihole host but that only works on the subnet it's on. Since my primary LAN is the only segment I have ipv6 enabled on, it works for my situation.
Edit: OP - You're asking about using pihole as being a DHCPv6 server? On that topic, I don't use pihole for any dhcp since I have LAN/VLAN and I think it's just easier to let OPNsense handle that functionality. I also don't use a dhcpv6 server, I use SLAAC (unmanaged option in Services | Router Advertisements; note you have to enable manual configuration for the interface/ipv6).
-
I just use SLAAC on all my VLANs, both for GUAs and ULAs. The pihole generates IPv6 IPs in the same way as any other host. The pihole IPv6 ULA is included as a DNS server IP in OPNsense, along with the IPv4 address. Firewall rules allow all VLANs access to the pihole IPs.
-
I grabbed the link local address for my pihole (starts with fe) and configure the DHCP6 server to hand out that as the DNS server.
Set the " Use the DNS settings of the DHCPv6 server" in the Router Advertisements.
Make sure to set pihole to listen on all interfaces, and away you go.