Please follow the below template, it will help us to help you!
Expected Behaviour:
Hardware:
Raspberry Pi Model B
Raspbian Bullseye
PiHole installed about two weeks ago and updated yesterday
BT Smart Hub 2
The BT Smart Hub is quite dumb and doesn't allow you to set custom DNS servers. That is fine for IPv4 (I can just disable DHCP on the router and set it up on the Pi) but I want to try to find a way to get IPv6 working.
If I leave IPv6 in Stateless or Stateful mode on the router then the RA packets all define its own DNS, so any machine that chooses to use IPv6 DNS servers will get BT DNS instead of the filtered Pi Hole DNS.
If I try to set a static IP address on the Pi using an IP in the range that the router would supply (e.g ip addr add ... run manually at the command-line - I've not got /etc/dhcpcd.conf to work correctly for IPv6 yet) and enable IPv6 support in the web console and disable IPv6 allocation on the router then the Pi sends RA packets with the right DNS but it's also saying "route your traffic this way" and doesn't know where to pass the traffic next.
What I want to be able to do is set up my PiHole and router so that:
Both DNS v4 and v6 is served from the PiHole
IPv6 addresses auto-configure on client machines
Everything doesn't break when (if) the router changes its public IP assignment
Traffic isn't routed through the Pi (because it'll be a bottleneck)
I'm happy to use ULA if it works, but I've read that it's a bad idea and falls back on old IPv4 NAT thinking.
This answer says to edit the DHCPCD config but I didn't appear to get onward connectivity then ("network is unreachable" messages) and ip addr showed the "noprefixroute" tag
Another post that I can't find right now had a multi-line script for assigning the IP, but that wouldn't resolve the routing issues that I seem to have and seems brittle for IP changes on the router
Actual Behaviour:
Either the RA packets from the router sets its IP for the DNS server or the PiHole RA packets direct all traffic to itself and then it can't route traffic onwards.
It's crucial to understand that configuring Pi-hole to advertise itself as IPv6 DNS resolver won't stop your router from doing the same.
It's then entirely at a client's discretion to pick from DNS servers advertised on its network (and more often than not, clients would prefer the router).
So the only way to make this work:
You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server and/or to stop advertising its own.
You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.
If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.
If your router doesn't support that either, your IPv6 capable clients will always be able to bypass Pi-hole via IPv6 (unless a client can be manually configured to use Pi-hole as its only DNS).
I can't configure DNS on the router because the ISP prevents that.
I can disable IPv6 on the router. But then the Pi advertises itself as the route, and I don't want all traffic on my gigabit network with 150Mbps+ broadband running through the 100Mbps NIC on the Pi.
Is there a way for it to advertise itself as DNS but the router as a route through RA? And it's there a good way to keep that in sync if the router's IP addresses happens to change?
(I use Mythic Beasts as an IPv6-centric web host and I want to avoid the "IPv6 is 25 years old but still hard, so disable it" approach)
Could you explain why you expect your RPi to take over router duties in your network?
An RPi wouldn't act as a router unless you explicitly installed and configured it for that role.
Pi-hole won't change that.
Specifically, it won't propagate a route through itself via its DHCP server, again unless you've explicitly configured it to do so (by changing the Router (gateway) IP address in its DHCP settings away from the router's IP default).
Disabling IPv6 support in your router would stop public IPv6 connectivity. It won't acquire and distribute a public IPv6 prefix to allow clients to construct public IPv6 addresses.
Consequently, if you'd host that Mythic Beasts web server in your home network, it won't be accessible by public clients via a public IPv6 address.
Similarly, if it would be hosted at your ISP, you won't be able to connect to it via IPv6 from clients within your home network.
Could you explain why you expect your RPi to take over router duties in your network?
An RPi wouldn't act as a router unless you explicitly installed and configured it for that role.
I'm making an assumption based on a) the Pi is sending out RA packets that only appeared to contain its own IP addresses and b) devices could only route to the Internet when they got the RA packets from the router and not from the Pi, even if the Pi was using the same subnet with a static IP as it would if it had been allocated by RA from the router.
That could be wrong, but I don't see "gateways" in the RA packets the same way as DHCP on IPv4, so I interpreted "Router Advertisement Packet" as "I am the router, route through me".
Disabling IPv6 support in your router would stop public IPv6 connectivity. It won't acquire and distribute a public IPv6 prefix to allow clients to construct public IPv6 addresses.
Sorry, I was a bit loose with my definitions. If I disable IPv6 ULA and address allocation and let the Pi do it with SLAAC+RA then IP allocation works but routing doesn't.