DNS, DynDNS and ipv6
[Zurück zur aktuellen Version][Diese Version wiederherstellen]

Inhaltsverzeichnis

Configure#

Check IPs 
> ifconfig
> ip a | grep inet6
> ip -4 addr show
> ip -6 -o addr show dev eth0 scope global

IPv6 Address#

The raspberry may have a random ipv6 to hide target. This can happen with "privacy extensions" enabled via dhcpcd (Dynamic Host Configuration Protocol Client Daemon). But this is not enabled by default, check with
> service dhcpcd status
If "Unit dhcpcd.service could not be found." then the random IP is set from Fritz!Box,
If found, you can disable (not recommended): 
> sudo vi /etc/dhcpcd.conf
> slaac private  # change to "slaac hwaddr"
> sudo service networking restart
see Heimnetz > Netzwerk > YourDevice > Heimnetz > "IPv6-GUA-Temporary"
The official IPv6-GUA (Global Unicast-Address) is another one.
But with dyndns we can use the random/temporary one.

DynDNS#

DynDNS with ddclient#

> sudo apt-get update                               # update repositories
> sudo apt-get install ddclient                     # install
> sudo vi /etc/ddclient.conf                        # config file
> sudo service ddclient restart                     # restart daemon
> sudo rm /var/cache/ddclient/ddclient.cache        # clear IP cache uploaded before (or use -force)
> systemctl status ddclient                         # status check
> journalctl -xeu ddclient                          # log 
> sudo ddclient -query                              # try all common dyndns services
> sudo ddclient -daemon=0 -debug -verbose -noquiet  # start directly with verbose output to analyse

> sudo vi /etc/default/ddclient
> sudo vi /usr/bin/ddclient

With current Raspberry OS (Debian GNU/Linux 12, bookworm) you get ddclient v3.10.0. This could not determine the ipv6 address !
The latest v3.11.2 worked fine, see next.

Install ddclient on your own#

Based on najigram.com 
> sudo apt purge ddclient
> sudo apt install libjson-any-perl libdata-validate-ip-perl libio-socket-ssl-perl
> sudo apt install libtool        # this is missing at najigram.com and solves issues if autogen does not work
> wget https://github.com/ddclient/ddclient/archive/refs/tags/v3.11.2.zip
> unzip v3.11.2.zip
> cd ddclient-3.11.2
> sudo ./autogen
> sudo ./configure --prefix=/usr --sysconfdir=/etc/ddclient --localstatedir=/var
> sudo make
> sudo make VERBOSE=1 check
> sudo make install	
> sudp cp sample-etc_systemd.service /etc/systemd/system/ddclient.service

> sudo vi /etc/ddclient/ddclient.conf

Add below "ssl=no": 

protocol=dyndns2
#use=if, if=eth0
usev6=ipv6, ipv6=eth0
#use=web, web=checkip.dyndns.org,  web-skip=‘Current IP Address’
verbose=yes
daemon=900
#pid=/var/run/ddclient.pid
#mail-failure=msebel20@gmail.com
server=dynv6.com
login=XUsernameX
password=XPasswordX
<your dyndns server name>

Test DynDNS / Error DNS_PROBE_FINISHED_NXDOMAIN#

Note: it is sufficient to register just an ipv6 address with your dyndns provider (AAAA record). You do neither need an ip4 address (A record) nor any other DNS zone entry.
  1. enable a port to forward to your device in your router
  2. test the port forwarding without DNS first, you can call an ipv6 address like this https://[2a02:x205:..]:1234 (https://[ipv6]:port)
  3. test domain name resolution (DNS)
    • Firefox uses its own DNS server (not the OS one) and those worked from scratch, see Settings > Security > DNS over HTTPS > Anbieter (Cloudflare)
    • Windows used the FritzBox to resolve and that did not work (?). I entered a dedicated DNS server at Windows + R > ncpa.cpl > Ethernet > Porperties > Internetprotokoll, Version 4+ 6 > DNS (I used cloudflare and google as alternative, you can search for "DNS server list").
Cloudflare 1.1.1.1 2606:4700:4700::1111
Google 8.8.8.8 or 8.8.4.4 2001:4860:4860::8888 or 2001:4860:4860::8844
Digitalcourage e.V. 46.182.19.48 2a02:2970:1002::18
Digitale Gesellschaft 185.95.218.42 2a05:fc84::42
dismail.de 80.241.218.68 2a02:c205:3001:4558::1 
> ipconfig
> ping -6 2a02:x205:... or serverName
> netsh int ip show address
> route print -6
> arp -a

DNS Cache Lookup / Purge#

No Copyright