IPv6 & DNS registration

Started by iguy, January 02, 2021, 06:12:16 PM

I've set up my system with OPNsense 20.7, then updated to 20.7.7 & then did the patch fix for unbound stability issue of 1.13.0_1.

My external interface is Spectrum linked. I've set up prefix delegation of a /60 and that appears to be working.
Internal interface is configured with Track interface.  The configuration type is "DHCPv6" & I've tried "Track Interface" also.   

I'm using unbound DNS with DHCP registration checked. 

All my client machines are getting proper IPv6 addresses and things appear to be working mostly correctly. 

When I configured a new box, it got the proper internal IPv6 address from DHCPv6.   Yet when I do a dig newmachine.home.mine.org or dig aaaa newmachine.home.mine.org it only returns an A record.

The question I have is what do I need to do to be able to have my IPv6 addresses that get assigned out (either via SLAAC or DHCPv6) to be registered as AAAA addresses in DNS?

What am I missing here? 

Run your hosts with multicast DNS. A few of them may already do that. Do a few <hostname>.local lookups from various sources.

What is your use case for widespread name resolution? The need for servers to have A(AAA) records is obvious and they can point to static IP addresses. Are you looking to have records for all your clients?

Bart...

I'd like to be able to SSH/RDP to hosts that have dynamic IP assignments and not need to hunt down what the IP is today.   

IPv4 works just fine.   IPv6 is my learning opportunity. 

I don't plan to set up static addresses with IPv6 unless I "have" to, and I only do that for catch-22 scenarios such as my storage server, which hosts my DNS system, so for other systems as they come up to mount NFS/SMB mounts, they need to use the IP as DNS might not be up yet in the case of total environment power failure. Otherwise I use the DNS names for 99% of the things that I do.

I'd like to be able to use IPv6 with DNS names effectively.   

I haven't heard of multicast DNS. Is there somewhere I can dig into that more that you'd recommend in the meantime? Is that a pretty common setup for IPv6 internal networks? Is it supported across most if not all OSes?

Quote from: iguy on January 04, 2021, 06:02:40 AM
I haven't heard of multicast DNS. Is there somewhere I can dig into that more that you'd recommend in the meantime? Is that a pretty common setup for IPv6 internal networks? Is it supported across most if not all OSes?

You'll likely know it by its implementations - Avahi, Bonjour, zeroconf. https://en.wikipedia.org/wiki/Zero-configuration_networking

Windows has an enterprise equivalent in Active Directory integrated DNS. Member computers register their hostname into DNS when they boot. Windows Server based DHCP servers also register their non-Windows clients in DNS. Although this is more secure than mDNS, it is of course monoculture and paid for.

If you have loads of hosts, you could also consider managing through their underlying infrastructure - hypervisor, cloud orchestration, Kubernetes, etc.

Bart...

I did a bunch of reading and that's fine. It isn't DNS though. Not everything supports that natively today.

What do we need to do to have it work with the local DNS I have running on OPNsense? That is the goal, so it's a single source of truth to manage and consistently maintain, versus the broadcast traffic approaches of zeroconf.