Adding IPv6 DNS resolution to Amahi 7

[PatrickDickey]

Has anyone had any success in this at all? I have a dual-stack network set up (using Tunnelbroker to get my IPv6 addresses), and want to add native IPv6 DNS resolution to the mix.

So my questions are has anyone done this yet?
Is it a simple matter of adding the IPv6 DNS addresses to /etc/resolv.conf and /etc/dnsmasq.conf?
Do I need to add my server's IPv6 address to both files also (I figure yes, to /etc/resolv.conf)?

I'm adding my current ifconfig, /etc/resolv.conf, and the config files from /etc/dnsmasq, along with the IPv6 addresses for the OpenDNS servers, so anyone with ideas can chime in.

OpenDNS IPv6 DNS Servers:

2620:0:ccc::2
2620:0:ccd::2

ifconfig:

Code: Select all

[root@localhost etc]# ifconfig lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 12911 bytes 2071378 (1.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 12911 bytes 2071378 (1.9 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 p4p1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.2.99 netmask 255.255.255.0 broadcast 192.168.2.255 inet6 fe80::2e0:4cff:fe8f:a56f prefixlen 64 scopeid 0x20<link> inet6 2001:470:...:2e0:4cff:fe8f:a56f prefixlen 64 scopeid 0x0<global> ether 00:e0:4c:8f:a5:6f txqueuelen 1000 (Ethernet) RX packets 46766 bytes 16184935 (15.4 MiB) RX errors 0 dropped 1546 overruns 0 frame 0 TX packets 25907 bytes 2777953 (2.6 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

amahi-common.conf

Code: Select all

[root@localhost dnsmasq.d]# cat amahi-common.conf # WARNING: Automatically generated by hda-ctl on 2013-09-29 19:03:16 # Use /etc/hdactl.conf for defaults and add any customizations at the very end of /etc/dnsmasq.conf # common configuration no-resolv no-poll domain-needed bogus-priv expand-hosts localise-queries

amahi-dhcp.conf

Code: Select all

[root@localhost dnsmasq.d]# cat amahi-dhcp.conf # WARNING: Automatically generated by hda-ctl on 2013-09-29 19:03:16 # Use /etc/hdactl.conf for defaults and add any customizations at the very end of /etc/dnsmasq.conf # DHCP configuration dhcp-authoritative dhcp-range=192.168.2.100,192.168.2.254,255.255.255.0,14400 dhcp-option=option:netmask,255.255.255.0 dhcp-option=option:time-offset,-18000 dhcp-option=option:router,192.168.2.1 dhcp-option=option:dns-server,192.168.2.99,192.168.2.99 dhcp-host=00:e6:4c:88:25:7e,192.168.2.5,dcky-mythbuntu,14400

amahi-dnsmasq.conf

Code: Select all

[root@localhost dnsmasq.d]# cat amahi-dns.conf # WARNING: Automatically generated by hda-ctl on 2013-09-29 19:03:16 # Use /etc/hdactl.conf for defaults and add any customizations at the very end of /etc/dnsmasq.conf # DNS configuration server=208.67.222.222 server=208.67.220.220 domain=local.lan ptr-record=99.2.168.192.in-addr.arpa,hda.local.lan address=/hda/hda.local.lan/192.168.2.99 address=/search/search.local.lan/192.168.2.99 address=/setup/setup.local.lan/192.168.2.99 address=/calendar/calendar.local.lan/192.168.2.99 address=/help/help.local.lan/192.168.2.99 ptr-record=1.2.168.192.in-addr.arpa,router.local.lan address=/router/router.local.lan/192.168.2.1 address=/dcky-mythbuntu/dcky-mythbuntu.local.lan/192.168.2.5

/etc/dnsmasq.conf (snipped down to only the portions that are uncommented, or that I think apply here)

Code: Select all

# Configuration file for dnsmasq. # # Format is one option per line, legal options are the same # as the long options legal on the command line. See # "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details. # Send DHCPv6 option. Note [] around IPv6 addresses. #dhcp-option=option6:dns-server,[1234::77],[1234::88] # Send DHCPv6 option for namservers as the machine running # dnsmasq and another. #dhcp-option=option6:dns-server,[::],[1234::88] # Include another lot of configuration options. #conf-file=/etc/dnsmasq.more.conf conf-dir=/etc/dnsmasq.d

/etc/hdactl.conf doesn't exist (not sure if this is a bug or not needed at all).

In glancing through the /etc/dnsmasq.conf file, I wonder if I don't need to add those entries somewhere in there, and uncomment the line(s) that refer to IPv6. Also one site that I'm looking at (for configuring dnsmasq with IPv6 resolution) shows the IP Addresses added to the resolv.conf file (where mine only has two that point to my server). So my question is, if hda-ctl is generating the dns.conf file and it's automatically adding in the external servers for OpenDNS, where is it getting these from (because that is probably where I need to add the addresses to)?

Any assistance in this will be greatly appreciated. My ultimate hope is to be able to completely pass the tests at http://www.test-ipv6.com

My current results at the site are

Code: Select all

Your IPv4 address on the public Internet appears to be 67.7.31.48 (ASN-QWEST-US NOVARTIS-DMZ-US) Your IPv6 address on the public Internet appears to be 2001:470:1f11:830:f49b:956b:fcb0:18f2 (HURRICANE - Hurricane Electric, Inc.) Since you have IPv6, we are including a tab that shows how well you can reach other IPv6 sites. [more info] It appears that you use a tunnel mechanism for either IPv4 or IPv6. Good news! Your current configuration will continue to work as web sites enable IPv6. Your DNS server (possibly run by your ISP) appears to have no access to the IPv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach IPv6-only sites. [more info]

The last line is the one that I'm trying to fix.

Have a great day.
Patrick.

[PatrickDickey]

In the /etc/dnsmasq.conf file, I see these lines:

Code: Select all

# Send DHCPv6 option. Note [] around IPv6 addresses. #dhcp-option=option6:dns-server,[1234::77],[1234::88] # Send DHCPv6 option for namservers as the machine running # dnsmasq and another. #dhcp-option=option6:dns-server,[::],[1234::88]

I'm wondering if I need to uncomment these, and put the OpenDNS addresses here (along with the IPv6 address of my hda).

Edit with additional information, and with possible things to try

I found that in the hda-ctl script, the OpenDNS servers are specified. Specifically they are here (line numbers are on the left side)

Code: Select all

[root@localhost dnsmasq.d]# cat /usr/bin/hda-ctl | grep -n 208.67 270: return ("208.67.222.222", "208.67.220.220"); 274: return ("208.67.222.222", "208.67.220.220"); 768: printf $dhcpd "\toption domain-name-servers %s, %s;\n", $dns1, "208.67.222.222";

So now my question is, going on the assumption that I shouldn't add the IPv6 DNS entries in this script (as it's probably overwritten on updates), do I need to add them somewhere in /etc/dnsmasq.conf or in /etc/resolv.conf? (I'm leaning towards somewhere in /etc/dnsmasq.conf myself)

Have a great day.
Patrick.

[PatrickDickey]

Ok, an update on this...

I added two server= lines at the end of my /etc/dnsmasq.conf file (per the comments inside of amahi-dns.conf and per a discussion on the dnsmasq mailing list). I restarted both the hdactl service and dnsmasq service then rebooted (just to make sure). When I check amahi-dns.conf, the servers don't appear there at all. So my assumption is that they are hard-coded inside of hda-ctl (as I found the OpenDNS servers listed in that file), and that it really doesn't read the dnsmasq.conf file.

My next step will be to add my IPv6 address (for my server) to it's /etc/resolv.conf file. Then I'll try restarting the services/rebooting again. If that doesn't work, then I'll try adding the IPv6 DNS Servers into the hda-ctl script (in the lines that contain the IPv4 DNS server information). Hopefully that will work--although the next time the hda-ctl script is updated, I'll lose those servers again.

I'll post back with whatever works. Unless someone else has suggestions, this will basically become my guide for how to get this working.

Have a great day.
Patrick.

P.S. for anyone asking why, it's simple. Because I can. Because the servers should be there (for people who have IPv6 addresses). And finally because if I ever lose (or turn off) IPv4 connectivity, at least I'll still be able to surf SOME websites.

[bigfoot65]

Thanks for the update. Once you get it sorted out, please add some guidance to the wiki. We would greatly appreciate it

[PatrickDickey]

So, what I did to make sure everything works is this: I ran the amahi-change-dns script, and put in the two IPv6 DNS Servers. Then I rebooted everything to make sure that they all are using my server for DNS. I can surf and ping both IPv4 and IPv6 sites.

Now, I wonder if it would be a good suggestion to change the External DNS Servers from the 208.67.222.222 and 208.67.220.220 that OpenDNS uses for IPv4 to their IPv6 servers that I listed in the original post (inside of the amahi-ctl script I mean). This would accomplish two things (three if you want to look at it in a different way). First, it would make Amahi useable for those persons who are either in IPv4/IPv6 dual-stack or are only receiving IPv6 addresses from their Internet Providers. Second, it would future-proof Amahi for the time when most (if not all) ISP's start giving out IPv6 addresses.

For the record, here are the results from the tests at http://www.test-ipv6.com now:

Code: Select all

Your IPv4 address on the public Internet appears to be 67....48 (ASN-QWEST-US NOVARTIS-DMZ-US) Your IPv6 address on the public Internet appears to be 2001:...:830:15c1:90d0:33eb:4a5d (HURRICANE - Hurricane Electric, Inc.) Since you have IPv6, we are including a tab that shows how well you can reach other IPv6 sites. [more info] It appears that you use a tunnel mechanism for either IPv4 or IPv6. Good news! Your current configuration will continue to work as web sites enable IPv6. Your DNS server (possibly run by your ISP) appears to have IPv6 Internet access. Your readiness score 10/10 for your IPv6 stability and readiness, when publishers are forced to go IPv6 only Click to see test data

(I've altered the IP addresses for security purposes)

I haven't tried altering the hda-ctl script at all, but from a grep for "208.", I found three lines that would need to be changed (270, 274, and possibly 768).

It would also need to be changed in the hda-install script

These are all of the lines which refer to the current OpenDNS addresses:

Code: Select all

hda-ctl:270: return ("208.67.222.222", "208.67.220.220"); hda-ctl:274: return ("208.67.222.222", "208.67.220.220"); hda-ctl:768: printf $dhcpd "\toption domain-name-servers %s, %s;\n", $dns1, "208.67.222.222"; hda-install:1005: dns1 = '208.67.222.222' hda-install:1006: dns2 = '208.67.220.220'

If you want me to, I can submit this as a feature request. As for updating the wiki, I don't think there's enough information here to warrant that. It would simply be run hda-change-dns with the IPv6 addresses that you want to use. You won't need to change your internal setup at all, as they'll still point to your server.

Thanks, and have a great day.
Patrick.

[bigfoot65]

Please do a feature request. As for the wiki, maybe a small tutorial that would guide a new user through the process. Keep in mind that many users are inexperienced.

[jaybea]

This is great information, so thanks for your work in pulling it together. I have had a IPv6 allocation for several years but I have not been able to use it because of DNS issues related to IPv6 and Amahi.

I am planning to upgrade to Amahi 7 soon, and when I do, I will follow your guidance for IPv6.

[PatrickDickey]

This is great information, so thanks for your work in pulling it together. I have had a IPv6 allocation for several years but I have not been able to use it because of DNS issues related to IPv6 and Amahi.

I am planning to upgrade to Amahi 7 soon, and when I do, I will follow your guidance for IPv6.

Hi Jaybea,

When you upgrade to Amahi 7 and you go into the Setup tab on the dashboard, you have an option in there to change your DNS Servers also. Click on Network --> Settings and then change the DNS dropdown to "Custom DNS" and enter your IPv6 addresses in there, then click "Update DNS IPs". You may have to restart everything afterwards to make sure it takes. I haven't tried this method, as I didn't see it until afterwards.

Have a great day.
Patrick.

[CobaltPhoenix]

This is great information, so thanks for your work in pulling it together. I have had a IPv6 allocation for several years but I have not been able to use it because of DNS issues related to IPv6 and Amahi.

I am planning to upgrade to Amahi 7 soon, and when I do, I will follow your guidance for IPv6.

Hi Jaybea,

When you upgrade to Amahi 7 and you go into the Setup tab on the dashboard, you have an option in there to change your DNS Servers also. Click on Network --> Settings and then change the DNS dropdown to "Custom DNS" and enter your IPv6 addresses in there, then click "Update DNS IPs". You may have to restart everything afterwards to make sure it takes. I haven't tried this method, as I didn't see it until afterwards.

Have a great day.
Patrick.

As a heads up, I tried to do this and it didn't work. It resulted in "Format of DNS IP Secondary is wrong"

I tried using IPv6 address in all combinations of primary and secondary, using both IPv6 and IPv4 address, and only IPv6 addresses, it kicked it back every time. No go on that idea.

[PatrickDickey]

This is great information, so thanks for your work in pulling it together. I have had a IPv6 allocation for several years but I have not been able to use it because of DNS issues related to IPv6 and Amahi.

I am planning to upgrade to Amahi 7 soon, and when I do, I will follow your guidance for IPv6.

Hi Jaybea,

When you upgrade to Amahi 7 and you go into the Setup tab on the dashboard, you have an option in there to change your DNS Servers also. Click on Network --> Settings and then change the DNS dropdown to "Custom DNS" and enter your IPv6 addresses in there, then click "Update DNS IPs". You may have to restart everything afterwards to make sure it takes. I haven't tried this method, as I didn't see it until afterwards.

Have a great day.
Patrick.

As a heads up, I tried to do this and it didn't work. It resulted in "Format of DNS IP Secondary is wrong"

I tried using IPv6 address in all combinations of primary and secondary, using both IPv6 and IPv4 address, and only IPv6 addresses, it kicked it back every time. No go on that idea.

Yep, I'm running into the issue about the Format being wrong also. For some strange reason, my Amahi went back to using the default (Open DNS IPv4) addresses. I think it was in an update to the amahi hda files. I'll have to go back and redo it via the command line again.

Personally, this is why I suggested (and created an issue in the tracker) that they use the IPv6 addresses by default. Those addresses will still work, even if you don't have an IPv6 network set up, and it doesn't "break" our installations when they push updates.

Have a great day.
Patrick.