Die aktuellste Version dieses Dokuments ist ein Entwurf.DiffDiese Version (2024/04/13 09:28) ist ein Entwurf.
Überprüfungen: 0/1
Die zuvor bestätigte Version (2024/01/01 18:24) ist verfügbar.Diff

Dies ist eine alte Version des Dokuments!


DynDNS and IPv6

as i have been struggeling for a bit to get IPv6 Working, i am writing down, what i have experienced so far.. this guide may not be complete, so expect things not to work.

Also IPv6 is quite old (released in 1998), it is still not very common as its setup is a bit different from the simple IPv4.

IPv4 works with NAT, which means, that the Firewall/Modem of your Network is the central point, which can be reached from the Internet. The Firewall then gets configured to accept connections on port- numbers an redirect them to hosts on the local net. The Internet only sees your Modems IPv4- Nummber and the Host on your network too. There is no knowledge of your internals Host-IP-Adress from the Internet perspektive.

IPv6 instead, has no NAT. The Modem gets an Adress assigned from the Internet Provider (called GUA) and the first half of it is called the prefix (the four Numbers in front of the first four colons). All Adresses to the right of that Adress are free to choose and are useable by Devices in the internal Network.Mostly the Devices are getting the Adresses via DHCP from the Modem which is mostly configured to work out of the Box, or they will choose their own IPv6.

These Device- Adresses are globally unique (GUAs) and are routable over the Internet. So Devices can be reached directly under that Adress - no matter which Modem is in between.

So basically every Host in the local Network can be reached from the Internet with ist GUA IPv6 Adress. Its the Modems Firewall, which will prevent exposing all Hosts of the local network directly to the Internet. Thus, the only thing you have to do, is to open the Ports for some Device, which the Firewall will allow to pass from the internet to the local network directly.

I experienced, that opening the ports a some Modems, is basically possible, but still no connection could be made.

For example, the German Telekom does have a modem / router called „Speedport“, which is generally not allowing IPv6 from the internet to pass to the local net (while IPv4 with NAT works as expected).

So - if you did the settings at your Firewall and still you cannot curl some Adress, maybe you have the wrong modem.

Also check if your modem has some feature called „rebind protection“. If so, you need to add ALL full names to the list of allowed services.

e.g. add the fqdn like:

cname.domainname.dynv6.net

For IPv4 you would need to setup the Modem to have the DynDNS Record updated - as the Modem knows its own IP best and is the central Point of action.

Not so with IPv6. The Modems IPv6- Adress is irrelevant for your internal Hosts and for the Internet. As the IPv6 adress is assigned to the Device at connection establishment, which could be anywhere, it makes more sense, to have the device itself update the dnydns- record to its own adress.

So you can skip setting up the dyndns- Account in your Modem/Router.

There is one thing to do in your router: open the Device and the Port to be accessable from the internet. This is nearby the same as it is done at IPv4. After that, genereally the host shpuld be reachable.

Next Step to choose is a provider for dyndns. There are many dyndns- providers out there. i chose https://dynv6.com which seems to work fine. Registration there is done quite fast and no setup needs to be done at the providers interface.

The Task to update the dyndns- entry to point to the right host can be done best on the host itself as explained before. The Host may detect interface- changes of the Adress and will push out automagically using some client.

DDClient can be used in the local server/host to assign some DNS- Record to an IP. It turned out, that the DDclient V3.8.3 of OpenSuSE Leap 15.5 was not able to work with IPv6 in the Version coming from the main Repositories.

Add the Repository https://download.opensuse.org/repositories/network/${releasever}/with yast and update to the Packages of that Repository first, so you get DDclient V3.11.3, which is able to deal with ipv6.

The config is in /etc/ddclient.conf and it could contain e.g. those lines:

#01.01.2023 dnydns test
ssl=yes,
usev6=ifv6,
if=wlan0,
protocol=dyndns2,
server=dynv6.com,
login=none, password='blabla'
domainname.dynv6.net,cname.domainname.dynv6.net

Notes:

  • Not using SSL will not work
  • DDClients Config is a bit strange to understand. My example is one server in the view of ddclient, which is why there are commas seperating the options for that host.
  • You can also specify each option without comma, but then the setting will change the defaults of ddclient

If something is not working, execute ddclient that way:

ddclient -daemon=0 -debug -verbose -noquiet
The programm can be executed directly.

If your IP has been sucessfully updated, enable the service:

systemctl enable ddclient

you may now have the IPv6 of your Device published at some adress and check this by:

pcserver2023:~ # nslookup obel1x.dynv6.net
Server:         192.168.2.1
Address:        192.168.2.1#53

Non-authoritative answer:
Name:   obel1x.dynv6.net
Address: 2003:c4:bf3c:c236:88a:927d:ac6:5a35

Thats it, you shold be able to get some connection. Mind, that IPv6- Adresses in URLs are written in brakets to have ports seperated:

protocol://[ipv6adress]:port
Diese Website verwendet Cookies. Durch die Nutzung der Website stimmen Sie dem Speichern von Cookies auf Ihrem Computer zu. Außerdem bestätigen Sie, dass Sie unsere Datenschutzbestimmungen gelesen und verstanden haben. Wenn Sie nicht einverstanden sind, verlassen Sie die Website.Weitere Information
  • content/serverbasics/network-dyndns.1713000536.txt.gz
  • Zuletzt geändert: 2024/04/13 09:28
  • von Daniel