Deutsche Telekom - Speedport W 724V
Fritzbox Cable 6490 (Firmware 6.51) Thanks @Dmx !
This option is also available in the Fritzbox 7490 and @Erdnussknacker suggests that it should be available on all Fritzboxes running FRITZ!OS firmware greater equal version 6.50.
So I started getting IPv6 from my ISP recently. And here's how I got ULA working with pi-hole and pfsense router.
I get IPv6 by DHCP6 on the WAN interface with "Use IPv4 connectivity as parent interface" & "Send IPv6 prefix hint" checked, and a prefix size of 64. On the LAN side it's set to track-interface (wan).
-
Set ULA in RA subnet (pfsense)
In Services > DHCPv6 > RA, under Advertisements, add a subnetfd00::
and prefix/64
Note: We don't need DHCPv6 server. It's disabled by default - it's ok to leave it as it is. -
Set static pihole IPv6 (ULA)
On the pihole, set a static IPv6 (Debian in my case)fd00::20/64
without any gateway or DNS. Refresh your interface "ifdown ens160; ifup ens160
" and check your IP withifconfig
. Ideally you should see an fe (link-local),fd(static ULA)and 2000 (GLA) IP, and you should be able to ping6 google. -
Check connectivity
Now you should be able to ping pihole's IPv6 (fd00::20) from your computer. -
Add pihole ULA in pfsense DNS
In pfsense System > General, assuming you have already entered pihole's IPv4 address there, add pihole's IPv6 address as well with the gateway as none. RA will send the LAN interfaces' IPv6 to clients (which changes on boot).
Note: This is assuming that you have DNS forwarder enabled. - A reboot maybe required to realize the setting done in step 1 and/or 4
For all users of the Speedport Hybrid router by Deutsche Telekom: take a look at the above screenshot for the Speedport W 724V, it's the same as for the Hybrid.
Home network -> Home network (LAN) -> Name and address of the router -> Use local IPv6 address (ULA)
What is the suggested way if the router does not have the option to turn on ULA? I'm having a "Connect Box" from my ISP (UPC).
I wonder this as well. I have an Arris gateway from Spectrum and am using the Pi-hole as a DHCP server. Is there any way the Pi can handle this, or does it need to be the gateway?
Anyone know how to do this with a Ubiquiti Edgerouter-X? I have one of those behind a XB3 set to bridge mode and I appear to be getting IPv6 and really slow page loads sometimes.
If you have slow page loads, take a look at our guide for IPTables rules and see if those help. I have an ER-X SFP and just have a few rules to handle things. I'm not sure offhand how to set up ULA but I do know it's possible, but done via command line when setting up the DHCP server portion.
Literally following the same guide you linked. I'll skip to that section if you think that's the issue though.
I noticed my IPv6 GUA changes, whenever I reboot my router and found @DL6ER script here, unfortunately, this script runs 'pihole -g' (and restarts dnsmasq or FTLDNS), even if the IPv6 address didn't change, so I improved the script.
Using GUA: Replace the first few digits ('2a02' in my case) in the grep command to match your own!!!
Using LUA: Replace '2a02' in the grep command with 'fc\|fd' (see @DL6ER script)
#!/bin/bash
# read current IPv6 address from file
CURRENT_IPV6_ADDRESS=$(ip -6 a | grep '2a02' | awk -F " " '{gsub("/[0-9]*",""); print $2}')
# read/compare previous IPv6 address from file
file=/etc/pihole/setupVars.conf
if ! grep -q "$CURRENT_IPV6_ADDRESS" $file; then
sed -i.bak "/IPV6_ADDRESS/d;" "/etc/pihole/setupVars.conf"
echo "IPV6_ADDRESS=${CURRENT_IPV6_ADDRESS}" >> "/etc/pihole/setupVars.conf"
{
echo to: <your gmail address>
echo from: <your gmail address>
echo subject: pihole IPv6 address change
echo
cat /etc/pihole/setupVars.conf
} | /usr/sbin/ssmtp <your gmail address>
/usr/local/bin/pihole updateGravity
fi
The script also sends me a mail, whenever the IPv6 address changed, for this to work, you need to follow the instruction in my manual, section 4.9 (install mail) and change 'your gmail address' in the script, with the desired gmail address (needs to be changed 3 times)
In order to automate the IPv6 update, you might want to add it to cron. Create /etc/cron.d/IPv6check, containing:
29 6 * * * root PATH="$PATH:/home/pi/" /home/pi/IPv6check.sh
change the time to something appropriate for you, I run it at 06h29
edit
correct wrong SUFFIX in sed -i
command, changed from sed -i.setupVars.bak
to sed -i.bak
/edit
edit2
When the job runs with cron, pihole -g
isn't a valid command. Replaced the command with /usr/local/bin/pihole updateGravity
/edit2
Hello. When running the 4th command: echo "IPV6_ADDRESS=${IPV6_ADDRESS}" >> "/etc/pihole/setupVars.conf" I get a permission denied error, even when using sudo. I’m trying to add the IPV6 address to the config file but having no success. Any ideas? Thanks.
Can't edit the existing entry, so here is the latest version of the script, the echo command is eliminated in this version.
Using GUA: Replace the first few digits (‘2a02’ in my case) in the grep command to match your own!!!
Using LUA: Replace ‘2a02’ in the grep command with ‘fc|fd’ (see @DL6ER script)
#!/bin/bash
# get current IPv6 address
CURRENT_IPV6_ADDRESS=$(ip -6 a | grep '2a02' | awk -F " " '{gsub("/[0-9]*",""); print $2}')
# read configured IPv6 address from /etc/pihole/setupVars.conf
file=/etc/pihole/setupVars.conf
OLD_IPV6_ADDRESS=$(grep 'IPV6_ADDRESS=' "$file" |sed 's/^IPV6_ADDRESS=//')
# read/compare previous IPv6 address from file
if ! grep -q "$CURRENT_IPV6_ADDRESS" $file; then
sed -i.bak "s/$OLD_IPV6_ADDRESS\b/$CURRENT_IPV6_ADDRESS/g" "$file"
{
echo to: <your gmail address>
echo from: <your gmail address>
echo subject: pihole IPv6 address change
echo
cat /etc/pihole/setupVars.conf | grep 'ADDRESS'
} | /usr/sbin/ssmtp <your gmail address>
/usr/local/bin/pihole updateGravity
fi
Remember, the mail portion of the script only works if you setup mail, as explained in my manual , section 4.9 (install mail) and change ‘your gmail address’ in the script, with the desired gmail address (needs to be changed 3 times)
Hello. Thanks for your response. This is very very confusing. The script you provided seems to update IPV6 addresses when they change, but the IPV6 address the Pi is using is a fe80 address that from my understanding is the static/LAN IP address. Correct me if I’m wrong, but isn’t that different from adding the ULA to vars.config file???
If you're using a static IPv6 address, you don't need this script.
The script is only intended to overcome changing IPv6 addresses.
As far as I know, setupVars.conf can only contain one IPv6 address. The address is used by pihole-FTL to return the correct address, incase you're using blocking modes that would show a blocking page, e.g. BLOCKINGMODE=IP-NODATA-AAAA
or BLOCKINGMODE=IP
Thank you for your approach but I encountered a small problem during the implementation
The GUA also contained the letters FD and therefore I got the GUA and the ULA address.
pi@ns17:~ $ IPV6_ADDRESS=$(ip -6 a | grep 'fc\|fd' | awk -F " " '{gsub("/[0-9]*",""); print $2}')
pi@ns17:~ $ echo ${IPV6_ADDRESS}
2a0a:xxxx:xxxx:xxxx:xxxx:xxxx:xxfd:xxxx fdxx::xxxx:xxxx:xxxx:xxxx
With a small modification, only the ULA are displayed.
pi@ns17:~ $ IPV6_ADDRESS=$(ip -6 a | grep '\<fc\|\<fd' | awk -F " " '{gsub("/[0-9]*",""); print $2}')
pi@ns17:~ $ echo ${IPV6_ADDRESS}
fdxx::xxxx:xxxx:xxxx:xxxx
Ah, yes, I should really have thought about adding an anchor there. I just edited the first message in this thread to use what you proposed.