Pi-hole IPv6 Setup Questions

jst68 · October 7, 2020, 8:16pm

I am trying to setup IPv6 with Pi-hole. I already have a working local network. It is a dual stack environment and local clients can access IPv6 web pages just fine. However, IPv6 users are using gateway DNS instead of Pi-hole.

I am basically stuck with the following two questions:

How to assign a static IPv6 address to my Pi-hole appliance?
The Pi-hole appliance currently gets a DHCP IPv6 address from the gateway, but I would need a local static address update DHCPv6 on the local network for other clients.
Can I just increase the starting address of the DHCPv6 server and then use the "skipped" addresses for static devices?
Upstream Servers
I am using a custom IPv4 server that doesn't support IPv6.
Can Pi-hole use the IPv4 upstream server for IPv6 DNS queries or do I have to provide a working IPv6 upstream server? If I have to use a working IPv6 server for this to work, can I use a custom IPv4 server and a public IPv6 server in combination?

Any help is appreciated!

jfb · October 7, 2020, 8:40pm

An IPv4 DNS address can resolve AAAA entries. Example using a local instance of unbound configured for IPv4 only, on an IPv4 LAN.

dig -t AAAA cnn.com +short @127.0.0.1 -p5335
2a04:4e42:600::323
2a04:4e42:200::323
2a04:4e42:400::323
2a04:4e42::323

jst68 · October 7, 2020, 8:52pm

@jfb Thank you for answering my second question!

I think I will go ahead and just try my assumption on the first one.

jst68 · October 7, 2020, 9:11pm

My idea for the first question seems to work just fine. I basically changed the starting DHCP IPv6 address in the gateway from ::2 to ::80. With the gateway being at ::1 that give me 126 static IPv6 addresses on my local network. More than enough!

Then I updated the configuration on the Pi-hole appliance to static IPv6 using one of the local IPv6 addresses and rebooted the appliance. Worked as expected!

Only one odd thing. I was expecting that the Pi-hole Settings -> System tab would now show an IP address for "Pi-hole IPv6 address", but it doesn't.

Do I need to do anything else for Pi-hole to pickup the IPv6 address of the local machine?

Bucking_Horn · October 7, 2020, 10:04pm

To make Pi-hole aware of your changed network environment, you'd normally run

pihole -r

and choose Reconfigure.

As you've already manually configured your Pi-hole machine's network, manually changing your Pi-hole's IPv6 address in /etc/pihole/setupVars.conf and executing pihole restartdns may suffice in your case.

Also, what's the output for the following command when run from your Pi-hole machine:

ip -6 address show

jst68 · October 7, 2020, 10:29pm

@Bucking_Horn
Yes, that did the trick! Pi-hole now recognizes the IPv6 address and shows it in Settings -> System.

ip -6 address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
5: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2600:<redacted>::6/64 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::8a71:ed38:1e9f:b801/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

It seems that everything for IPv6 is now in working order.

Now, I just need to solve my problem with Local DNS Records (separate post).

Thank you for everybody's help! It is appreciated.

Bucking_Horn · October 7, 2020, 10:42pm

Since you chose to manually configure a static IP address on your Pi-hole machine, you should be aware that this may shut down access to your Pi-hole if your ISP would change your public IPv6 prefix (2000::/3 range).

In such an event, you'd have to manually change your Pi-hole's IPv6 address to reflect that new prefix.

If your ISP would routinely assign new IPv6 prefixes, it may be worth considering to Use IPv6 ULA addresses for Pi-hole.

jst68 · October 7, 2020, 11:05pm

That sounds very interesting!

It would be nice to have an automated solution, but I am not sure if I can implement this on my UDM-PRO.

Thanks for sharing though. I will definitely read through all the posts and see if I can somehow implement it because I was already somewhat concerned about having to manually upgrade the address in the future.

Just trying to learn some more about IPv6...

Bucking_Horn · October 8, 2020, 3:11pm

Setting up a ULA address as recommended in the linked topic would be a one-time configuration, it doesn't need any further maintenance and wouldn't require any pihole -r unless your Pi-hole's interface identifier would change.

The user-provided script from the same topic aims to periodically update a changed public (or GUA) IPv6 address as an alternative to using a ULA address. This would be appropriate if your router doesn't support ULA configuration.

jst68 · October 8, 2020, 5:07pm

It seems that the UDM-PRO does not have ULA settings at the moment, but I will take a look at the script mentioned.

Thanks!

system · October 29, 2020, 5:07pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.