Use IPv6 ULA addresses for Pi-hole

#1

Many users have reported that frequently changing IPv6 addresses cause page load to be slow or even prevent from working at all. The issues can be fixed by updating the IPv6 address in /etc/pihole/setupVars.conf followed by a run of pihole -g.

However, this solution turns out to be very inconvenient since it might be necessary to change the IPv6 address on a regular basis (maybe even multiple times a day). An alternative approach we are currently looking into is the usage of ULA addresses which should not be changing, even though the upstream GUA address may change.

Usually, there exists a setting in the router for enabling ULA addresses in the local network. Examples of how the corresponding settings look like on some routers are posted in this thread. As before, copy the address and replace it in your /etc/pihole/setupVars.conf

Hint: The following code snipet might come in handy

IPV6_ADDRESS=$(ip -6 a | grep 'fc\|fd' | awk -F " " '{gsub("/[0-9]*",""); print $2}')
echo ${IPV6_ADDRESS}
sed -i.setupVars.bak "/IPV6_ADDRESS/d;" "/etc/pihole/setupVars.conf"
echo "IPV6_ADDRESS=${IPV6_ADDRESS}" >> "/etc/pihole/setupVars.conf"
pihole -g
4 Likes

Verstehe IPv6 nicht so ganz
Why do blacklisted domains show IPv4 as "Pi-holed" but not IPv6 in the query log?
3 Tage pihole, naja
Slow / No Web Page Loading
Pi hole with Mac OS X not loading webpages (IPv6)
FritzBox und IPV6
Issues with IPv6 connectivity
Ipv6 in settings ist falsch
Pi Hole, Speedport, IPV6 - ich weiß nicht weiter
Local host querying api.github a lot
Link-Local-IPv6 as default
Why Some Pages Load Slow When Using Pi-hole And How To Fix It (for versions < v4.0)
Pi-hole v3.1 Has Been Released
Merkwürdiges Verhalten von Pi-Hole
Webpages are really slow or even not loading. windows 10, chrome
Deutsche Telekom, IPv6 and AAAA Querries
What is setupVars.conf and how do I use it?
Ipv6 error
Dns server ipv6 address
Blacklist problem
Trouble blacklisting and blocking ads
Pi Hole seems not to block ads although it's active
Blocked https links stall for 20 seconds
Pi-hole not blocking ads
"FTL offline" and "Lost connection to API"
"FTL offline" and "Lost connection to API"
Can't connect to web interface (I have no idea what I'm doing)
Why do some sites take forever to load when using Pi-hole? (for versions < v4.0)
Certain pages won't load in Safari
Pihole is not working - Help
Some websites are failing to load
Websites timing out
Pihole works after restarting dns but stops blocking ads after a few minutes
Temporary failure in name resolution
If you have a firewall enabled on your Pi open port 443 if you get timeouts, it might help
Pi-Hole Not Working (not resolving DNS)
Pi-hole funktioniert nicht
Web Interface not showing any queries
Pi-hole won’t work unless dns service is manually restarted after each boot
FRITZ!Box und mehrere IPv6 Adressen
PiHole randomly stop serving DNS
PiHole Stats increasing and decreasing erratically
Unable to access pihole admin interface
PiHole blockt nicht mehr
Comp missing from top client list (total)
Blocklist Clear
Queries time out - but actually take up to 3 minutes before Pi-hole resolves them
Pihole stops responding after a little while
DHCP Not working (docker)
DHCP Not working (docker)
Probleme mit Blacklist´s unter IPv6
High CPU, High RAM, not working, dnsmasq issues? - Solved
Not able to update to release 4.0
DEBUG not generating log only UI and CLI output: NO token
Unbound: Connnection times out
Hosts + local.list of PIHOLE?
Been having a couple problems on "Installation Complete" and DNS
Pi hole enabled but not blocking ads
Pi hole enabled but not blocking ads
IPv6 and privacy
Pihole blocking 0% of queries
PiHole has 2 ip addresses
HTTPS Slow, all known commands/patches have been applied without success :'(
I'm having trouble with my DNS and I don't know where to start troubleshooting
Why does my IPv6 address disappear after a little while?
More web site slow
Fails loading https sites on iOS
#2

Deutsche Telekom - Speedport W 723V

0 Likes

#3

Deutsche Telekom - Speedport W 724V

0 Likes

split this topic #4

A post was split to a new topic: IPv6 ULA and Fritzbox

0 Likes

Extrem lange Ladezeiten
#5

Fritzbox Cable 6490 (Firmware 6.51) Thanks @Dmx !

This option is also available in the Fritzbox 7490 and @Erdnussknacker suggests that it should be available on all Fritzboxes running FRITZ!OS firmware greater equal version 6.50.

2 Likes

split this topic #6

A post was merged into an existing topic: IPv6 ULA and Fritzbox

0 Likes

#7

So I started getting IPv6 from my ISP recently. And here’s how I got ULA working with pi-hole and pfsense router.
I get IPv6 by DHCP6 on the WAN interface with “Use IPv4 connectivity as parent interface” & “Send IPv6 prefix hint” checked, and a prefix size of 64. On the LAN side it’s set to track-interface (wan).

  1. Set ULA in RA subnet (pfsense)
    In Services > DHCPv6 > RA, under Advertisements, add a subnet fd00:: and prefix /64
    Note: We don’t need DHCPv6 server. It’s disabled by default - it’s ok to leave it as it is.
  2. Set static pihole IPv6 (ULA)
    On the pihole, set a static IPv6 (Debian in my case) fd00::20/64 without any gateway or DNS. Refresh your interface “ifdown ens160; ifup ens160” and check your IP with ifconfig. Ideally you should see an fe (link-local),fd(static ULA)and 2000 (GLA) IP, and you should be able to ping6 google.
  3. Check connectivity
    Now you should be able to ping pihole’s IPv6 (fd00::20) from your computer.
  4. Add pihole ULA in pfsense DNS
    In pfsense System > General, assuming you have already entered pihole’s IPv4 address there, add pihole’s IPv6 address as well with the gateway as none. RA will send the LAN interfaces’ IPv6 to clients (which changes on boot).
    Note: This is assuming that you have DNS forwarder enabled.
  5. A reboot maybe required to realize the setting done in step 1 and/or 4
1 Like

#8

For all users of the Speedport Hybrid router by Deutsche Telekom: take a look at the above screenshot for the Speedport W 724V, it’s the same as for the Hybrid.

Home network -> Home network (LAN) -> Name and address of the router -> Use local IPv6 address (ULA)

0 Likes

#9

What is the suggested way if the router does not have the option to turn on ULA? I’m having a “Connect Box” from my ISP (UPC). :frowning:

1 Like

#10

I wonder this as well. I have an Arris gateway from Spectrum and am using the Pi-hole as a DHCP server. Is there any way the Pi can handle this, or does it need to be the gateway?

0 Likes

#11

Anyone know how to do this with a Ubiquiti Edgerouter-X? I have one of those behind a XB3 set to bridge mode and I appear to be getting IPv6 and really slow page loads sometimes.

0 Likes

#12

If you have slow page loads, take a look at our guide for IPTables rules and see if those help. I have an ER-X SFP and just have a few rules to handle things. I’m not sure offhand how to set up ULA but I do know it’s possible, but done via command line when setting up the DHCP server portion.

0 Likes

#13

Literally following the same guide you linked. I’ll skip to that section if you think that’s the issue though.

0 Likes

#14

I noticed my IPv6 GUA changes, whenever I reboot my router and found @DL6ER script here, unfortunately, this script runs ‘pihole -g’ (and restarts dnsmasq or FTLDNS), even if the IPv6 address didn’t change, so I improved the script.

Using GUA: Replace the first few digits (‘2a02’ in my case) in the grep command to match your own!!!
Using LUA: Replace ‘2a02’ in the grep command with ‘fc\|fd’ (see @DL6ER script)

#!/bin/bash

# read current IPv6 address from file
CURRENT_IPV6_ADDRESS=$(ip -6 a | grep '2a02' | awk -F " " '{gsub("/[0-9]*",""); print $2}')

# read/compare previous IPv6 address from file
file=/etc/pihole/setupVars.conf
if ! grep -q "$CURRENT_IPV6_ADDRESS" $file; then
	sed -i.bak "/IPV6_ADDRESS/d;" "/etc/pihole/setupVars.conf"
	echo "IPV6_ADDRESS=${CURRENT_IPV6_ADDRESS}" >> "/etc/pihole/setupVars.conf"
	{
		echo to: <your gmail address>
		echo from: <your gmail address>
		echo subject: pihole IPv6 address change
		echo
		cat /etc/pihole/setupVars.conf
	} | /usr/sbin/ssmtp <your gmail address>
	/usr/local/bin/pihole updateGravity
fi

The script also sends me a mail, whenever the IPv6 address changed, for this to work, you need to follow the instruction in my manual, section 4.9 (install mail) and change ‘your gmail address’ in the script, with the desired gmail address (needs to be changed 3 times)

In order to automate the IPv6 update, you might want to add it to cron. Create /etc/cron.d/IPv6check, containing:

29 6    * * *   root    PATH="$PATH:/home/pi/" /home/pi/IPv6check.sh

change the time to something appropriate for you, I run it at 06h29

edit
correct wrong SUFFIX in sed -i command, changed from sed -i.setupVars.bak to sed -i.bak
/edit

edit2
When the job runs with cron, pihole -g isn’t a valid command. Replaced the command with /usr/local/bin/pihole updateGravity
/edit2

1 Like

Pi set to static IP but uses DHCP instead (IP changes)
#16

Hello. When running the 4th command: echo “IPV6_ADDRESS=${IPV6_ADDRESS}” >> “/etc/pihole/setupVars.conf” I get a permission denied error, even when using sudo. I’m trying to add the IPV6 address to the config file but having no success. Any ideas? Thanks.

0 Likes

#17

Can’t edit the existing entry, so here is the latest version of the script, the echo command is eliminated in this version.

Using GUA: Replace the first few digits (‘2a02’ in my case) in the grep command to match your own!!!
Using LUA: Replace ‘2a02’ in the grep command with ‘fc|fd’ (see @DL6ER script)

#!/bin/bash

# get current IPv6 address
CURRENT_IPV6_ADDRESS=$(ip -6 a | grep '2a02' | awk -F " " '{gsub("/[0-9]*",""); print $2}')

# read configured IPv6 address from /etc/pihole/setupVars.conf
file=/etc/pihole/setupVars.conf
OLD_IPV6_ADDRESS=$(grep 'IPV6_ADDRESS=' "$file" |sed 's/^IPV6_ADDRESS=//')

# read/compare previous IPv6 address from file
if ! grep -q "$CURRENT_IPV6_ADDRESS" $file; then
	sed -i.bak "s/$OLD_IPV6_ADDRESS\b/$CURRENT_IPV6_ADDRESS/g" "$file"
	{
		echo to: <your gmail address>
		echo from: <your gmail address>
		echo subject: pihole IPv6 address change
		echo
		cat /etc/pihole/setupVars.conf | grep 'ADDRESS'
	} | /usr/sbin/ssmtp <your gmail address>
	/usr/local/bin/pihole updateGravity
fi

Remember, the mail portion of the script only works if you setup mail, as explained in my manual , section 4.9 (install mail) and change ‘your gmail address’ in the script, with the desired gmail address (needs to be changed 3 times)

0 Likes

#18

Hello. Thanks for your response. This is very very confusing. The script you provided seems to update IPV6 addresses when they change, but the IPV6 address the Pi is using is a fe80 address that from my understanding is the static/LAN IP address. Correct me if I’m wrong, but isn’t that different from adding the ULA to vars.config file???

0 Likes

#19

If you’re using a static IPv6 address, you don’t need this script.
The script is only intended to overcome changing IPv6 addresses.
As far as I know, setupVars.conf can only contain one IPv6 address. The address is used by pihole-FTL to return the correct address, incase you’re using blocking modes that would show a blocking page, e.g. BLOCKINGMODE=IP-NODATA-AAAA or BLOCKINGMODE=IP

0 Likes