Static IPv6 for router

[kingamajick]

I currently have a proxmox cluster and I would like use unbound as my dns server which is running on OPNSense.

For ipv4, I can simply set the ip address of the router (in this case 192.168.1.1) and it works perfectly, however I don't know how I can do this with ipv6 as first /56 of the address is dynamic is given to me by the isp.

Whats the correct way to handle this. Is there way to give the LAN side a well know ipv6 address which I can configure in proxmox as the ipv6 dns server? (Possibly a UAC?)

Apologies I'm pretty new to use IPv6 so this may be kinda a daft question

[Patrick M. Hausen]

There is no real need to perform DNS over IPv6 if you run dual stack for all your hosts. IPv6 addresses can still be resolved over IPv4.

[dseven]

It's a reasonable question!

I think you could just create a loopback interface and give it a static IPv6 ULA, and point to that in any static DNS client config. From a quick test, it seems to work for me.

Another possible approach would be to use a ULA prefix for your LAN, and use NPTv6 to map this to a /64 from your delegated /56 dynamically. If you intend to run any services on your LAN and want to be able to give them static v6 addresses, it would work for that too...

[kingamajick]

There is no real need to perform DNS over IPv6 if you run dual stack for all your hosts. IPv6 addresses can still be resolved over IPv4.

It's possible that something is broken in my Proxmox configuration then (when I try to run Proxmox Helper Scripts I have to specify wget to use ipv4 as otherwise it just hangs). I can see this if I try to dig using the -6 flag

root@pve01:~# dig www.google.com

; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61643
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         203     IN      A       142.250.200.36

;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
;; WHEN: Wed Oct 23 16:40:18 BST 2024
;; MSG SIZE  rcvd: 59

root@pve01:~# dig -6 www.google.com
;; communications error to ::1#53: connection refused
;; communications error to ::1#53: connection refused
;; communications error to ::1#53: connection refused

; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> -6 www.google.com
;; global options: +cmd
;; no servers could be reached

root@pve01:~#

[kingamajick]

I think you could just create a loopback interface and give it a static IPv6 ULA, and point to that in any static DNS client config. From a quick test, it seems to work for me.

Hopefully the follow up is as reasonable, how would I do this?

[Patrick M. Hausen]

"dig -6" means dig over IPv6.

To ask for the IPv6 address instead (over IPv4) you need to use "dig www.google.com aaaa".

[kingamajick]

"dig -6" means dig over IPv6.

To ask for the IPv6 address instead (over IPv4) you need to use "dig www.google.com aaaa".

Ah thanks for pointing that out, dig'in the aaaa record works fine (https://forum.proxmox.com/threads/strange-behavior-on-a-single-node-hanging-on-proxmox-helper-scripts-execution.145461/ this was the ipv6 issue with wget I was talking about, but I guess that's a proxmox question :) )

[dseven]

I think you could just create a loopback interface and give it a static IPv6 ULA, and point to that in any static DNS client config. From a quick test, it seems to work for me.

Hopefully the follow up is as reasonable, how would I do this?

Incase you still want to try it.... Interfaces -> Other Types -> Loopback, click '+", give it a description, then Interfaces -> Assignments, assign it, edit it, set IPv6 Configuration Type to Static, and give it a ULA, which should start with 'fd' - e.g. I  used fdd7::1/128 for testing.