Local network IPv6 addresses

Mark Andrews marka at isc.org
Mon Sep 4 03:00:30 UTC 2023 

Just use dynamic DNS to add the addresses to the DNS.  RFC 2136 with
RFC 2931 (SIG(0)) or RFC 2845 (TSIG).

zone example.com {
	type primary;
	update-policy {
		grant * self * ANY;             // For the node to update it’s own records.
		grant admin-key subzone * ANY;  // For adding the initial KEY records.
	};
};

Add public key using KEY record at the node’s name for SIG(0) or use
a TSIG key with the node’s name.

For reverse zone use TCP as the authenticator by forcing the update to
come from the address that matches the PTR record to be updated.

zone 0.0.0.0.0.0.0.0.8.b.8.0.1.0.0.2.ip6.arpa {
	type primary;
	update-policy {
		grant * tcp-self . PTR(1).
	};
	...
};
  
> On 4 Sep 2023, at 04:30, Marco <mo01 at posteo.de> wrote:
> 
> Am 03.09.2023 um 18:36:53 Uhr schrieb Alessandro Vesely:
> 
>> DHCP server has options to insert leased addresses in a dynamic zone.
>> That works for IPv4.  PCs connected to the LAN somehow discover the
>> gateway has a routable IPv6 address and self-assign an address in
>> that range, besides the fe80:: thing, without talking to a DHCP
>> server.
>> 
>> Is there a method to get those addresses into the DNS?
> 
> This is the SLAAC - it doesn't use DHCPv6.
> No domain name will be assigned by this method, so I see no reason for
> DNS.

Why do you think you need to use DHCP to assign a domain name?  Doing that
with the DHCPv4 server was just a matter of convenience rather than setting
the domain name when the machine was commissioned as you only had to read
the ethernet address on the side of the box and add a entry in the DHCP server
for it.  Doing the DNS updates from the DHCP server also has the convenience
that you only had to deal with authentication between 2 entities rather than
hundreds or thousands.

A lot of this also comes from not having enough address to give every machine
its own public addresses.  If you are behind a NAT you don’t have a public
address so you don’t have the ability to have a presence in the public DNS.
IPv6 corrects this.

> You can configure your router to advertise the prefix without the A
> flag, so no SLAAC happens.
> YOu need then to configure a DHCPv6. Then it should me possible to pass
> the lease information into a dynamic DNS zone.
> -- 
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the bind-users mailing list