I know this issue has been raised many times by others, but my debug log seems to be very different to all the others that I've read about. I scanned over it quickly and didn't notice anything obvious, but I'm not a networking expert by any means so any advice would be appreciated.
I'd also like to know why seven different IPv6 addresses are listed, only one of which matches the address in /etc/pihole/setupVars.conf. Especially since I don't even have IPv6 enabled on my router!
I can still access the admin console via the Pi's IP address, so this isn't really an urgent issue, but it would be nice to know why the hostname doesn't work when it seemingly should. MTIA!
First of all, it may soothe to know that it is perfectly normal that a network interface gets assigned multiple IPv6 addresses.
An IPv6 address in your home network falls into one of three different ranges:
range
description
visibility
fe80::/10
link-local
private network, same network segment only
fd00::/8
Unique Local Address (ULA)
private network, potentially all local segments
2000::/3
global unicast
all networks - public Internet and private network
Now, let's take a detailed look how that relates to your debug log (click for more)
IPv6 relies heavily on autonomous configuration of IP addresses through a device (rather than through a central instance). To that end, a device calculates a NIC's IPv6 address based on its MAC address.
Your debug log lists two of these addresses, as recognisable by their characteristic ff:fe codes spanning the sixth and seventh four digit hex block, out of 8 such blocks that define a 128bit IPv6 address.
As a MAC address is designed to be globally unique and normally doesn't change, it is considered sensitive data.
This gave rise to alternate calculation methods to hide the MAC address from prying eyes, most prominently stable private addresses for local network usage and Privacy Extensions for public network communications.
This makes it somehow difficult to tell which is which in your debug log, but I think it's safe to assume your link-local fe80: was calculated as a stable private address, while at least one global 2001: was using Privacy Extensions.
Edit: Since you've disabled IPv6 on your router, all of your global addresses should expire and vanish soon, regardless whether they are Privacy Extensions or not.
Contrary to a stable private address, a Privacy Extension address is strictly temporary and only ever valid for a limited period (commonly 24 hours). After it expires, a device will calculate a new address and only use that to initiate outgoing connections, but it may keep older addresses for a short period in case it still receives incoming traffic for the older address.
You can't tell by the debug log output, but a temporary address will be labeled as such when consulting ip address show for address details.
As several IPv6 addresses are listed for ULA and global scopes, I'd deduce that you (or your OS) have enabled privacy extensions.
So to sum it all up:
Your debug log looks normal.
Nothing strange happening in your network.
Whoaaaaa...thanks for totally overloading my feeble brain with technical jargon, about 5% of which made sense to me LOL. I completed a basic "Networking 101" style class for my B.Comp.Sci degree, but that was 6 or 7 years ago, and I only just barely passed (literally, my final scaled score for all assessments was bang on 50% LOL).
Having said that, it's good to know that nothing "bad" is going on per-se...but it still confuses me that disabling IPv6 in my router hasn't completely obliterated the entire concept of IPv6 addresses from my LAN.
Oh well, I guess it doesn't really matter...as long as my devices can talk to one another and the Internet, which they can And the problem that I initially posted here about was fixed by a simple browser cache flush LOL.
That won't disable link-local and ULA addresses, but you should see the global addresses expire at some stage.
Otherwise, you should revisit how to disable IPv6 on your router.
Because the people that came up with IPv6 didn't think to ask if they should, just did it because they could.
(My Bachelors is in Network Engineering and I held Cisco certs, I don't use IPv6 for home networking. Way to easy to expose your clients to the internet at large.)
But basically if the IPv6 starts with f then it's not going to leave your LAN without a router relaying it, similar to IPv4 NAT. https://ipv6-test.com will tell you if your client is using IPv6. Unless you know you have to have it then it's better to just turn it off completely. You don't need it for a LAN.
Good to know that my hatred of IPv6 is not unwarranted! Thanks for posting this!
Exactly what I thought! Thanks again for confirming my limited knowledge on the subject.
Hmm, it seems as though you're correct since
And that test confirms that my client is not using IPv6 on the WAN interface, but is still using it on the LAN. So I'll have to reconsult The Oracle to help me disable it there.