IPv6 Address#
Check/Test IPs> ifconfig > ip a | grep inet6 > ip -4 addr show > ip -6 -o addr show dev eth0 scope global > ping -6 2a02:5a0:4110:f590:fdd3:3e99:1234:9876 > ping -6 www.google.com > nslookup -6 www.google.com > sudo traceroute -6 www.google.com
The raspberry may have a random ipv6 to hide target.
This can happen with "privacy extensions" enabled via dhcpcd (Dynamic Host Configuration Protocol Client Daemon).
But this is not enabled by default, check with
> service dhcpcd status
If "Unit dhcpcd.service could not be found." then the random IP is set from Fritz!Box,
If found, you can disable (not recommended):
> sudo vi /etc/dhcpcd.conf > slaac private # change to "slaac hwaddr" > sudo service networking restartsee Heimnetz > Netzwerk > YourDevice > Heimnetz > "IPv6-GUA-Temporary"
The official IPv6-GUA (Global Unicast-Address) is another one.
But with dyndns we can use the random/temporary one.
Windows
> ping -6 www.google.com > ping -6 2a02:5a0:410f:46f0:51ef:ea06:9875:1234 > nslookup myDevice 192.168.188.1 # for 1. target with 2. nameserver > nslookup myDevice fd94:725a:490a::d624:ddff:fe70:5c5b > nslookup -debug -type=any -type=aaaa MyComputer 192.168.188.1 > resolvconf -l > ipconfig # see also standard gateway here
Fritzbox
temporary vs permanent/secured ipv6
- LLA - Local Link Address
- ULA - Unique Local Address
- GUA - Global Unicast-Address
IP lifetime
> ip addr show eth0 set lifetime to forever: > sudo ip addr change 2a02:5a0:4110:f590:6547:1234:9876:ee dev eth0 valid_lft forever preferred_lft forever
Network Manager
#
I use a custom DNS server setting, because the fritzbox does not resolve my dynv6 domains (?).Do not modify file "/etc/resolv.conf". Use network manager instead with "nmcli".
> systemctl status NetworkManager > sudo vi /etc/NetworkManager/NetworkManager.conf # config > sudo vi /etc/NetworkManager/system-connections/*Wired* # config > sudo /etc/init.d/networking restart > sudo systemctl reload NetworkManager > sudo systemctl status NetworkManager.service > sudo systemctl restart NetworkManager.service # log in > journalctl -u NetworkManager.service -b > sudo nmcli device reapply eth0 > sudo nmcli general > sudo nmcli general reload dns-full # flush dns cache > sudo nmcli -o device show # show interfaces settings > sudo nmcli -p connection show # show interface status #THIS IS NECESSARY > sudo nmcli con mod "Wired connection 1" ipv4.dns "1.1.1.1,8.8.8.8" # add cloudflare and google dns > sudo nmcli con mod "Wired connection 1" ipv4.ignore-auto-dns no # this adds "search fritz.box" to get ips at all from frit.box > sudo nmcli con mod "Wired connection 1" ipv6.ignore-auto-dns yes # we skip ipv6 dns > sudo nmcli c down "Wired connection 1" && sudo nmcli c up "Wired connection 1" # restart > sudo nmtui # visual tool for network manager > sudo nmcli conn up eth0 > sudo nmcli con mod "Wired connection 1" ipv4.dns 10.0.0.1 > sudo nmcli con mod "Wired connection 1" ipv6.dns 2606:4700:4700::1111 > sudo nmcli con mod "Wired connection 1" ipv6.dns-priority 100 ipv4.dns-priority 50 > sudo vi /etc/resolv.conf # validate settings > sudo nmcli connection modify help # help > nmcli connection modify "Wired connection 1" -ipv6.dns fd94:725a:490a:0:d624:ddff:9867:1234 > nmcli device modify eth0 ipv4.ignore-auto-dns yes # remove dns nameservers > sudo nmcli con mod "Wired connection 1" ipv6.ignore-auto-dns no # remove dns nameservers
Reset
sudo rm /etc/resolv.conf sudo systemctl restart NetworkManager
DHCP
> service --status-all # check all servicesIf you see "networking", this seems do be dhclient
> sudo vi /etc/default/networking # config > sudo vi /etc/dhcp/dhclient.conf # config > sudo dhclient -v eth0 # renew > sudo dhclient -6 -r -v eth0 # force renew > sudo systemctl restart networking # restart > sudo ifconfig eth0 down && sudo ifconfig eth0 up
DynDNS#
DynDNS with ddclient#
> sudo apt-get update # update repositories > sudo apt-get install ddclient # install > sudo vi /etc/ddclient.conf # config file > sudo service ddclient restart # restart daemon > sudo rm /var/cache/ddclient/ddclient.cache # clear IP cache uploaded before (or use -force) > systemctl status ddclient # status check > journalctl -xeu ddclient # log > sudo ddclient -query # try all common dyndns services > sudo ddclient -daemon=0 -debug -verbose -noquiet # start directly with verbose output to analyse > sudo vi /etc/default/ddclient > sudo vi /usr/bin/ddclient
With current Raspberry OS (Debian GNU/Linux 12, bookworm) you get ddclient v3.10.0. This could not determine the ipv6 address !
The latest v3.11.2 worked fine, see next.
Install ddclient on your own#
Based on najigram.com
> sudo apt purge ddclient > sudo apt install libjson-any-perl libdata-validate-ip-perl libio-socket-ssl-perl > sudo apt install libtool # this is missing at najigram.com and solves issues if autogen does not work > wget https://github.com/ddclient/ddclient/archive/refs/tags/v3.11.2.zip > unzip v3.11.2.zip > cd ddclient-3.11.2 > sudo ./autogen > sudo ./configure --prefix=/usr --sysconfdir=/etc/ddclient --localstatedir=/var > sudo make > sudo make VERBOSE=1 check > sudo make install > sudp cp sample-etc_systemd.service /etc/systemd/system/ddclient.service
> sudo vi /etc/ddclient/ddclient.conf
Add below "ssl=no":
protocol=dyndns2 #use=if, if=eth0 usev6=ipv6, ipv6=eth0 #use=web, web=checkip.dyndns.org, web-skip=‘Current IP Address’ verbose=yes daemon=900 #pid=/var/run/ddclient.pid #mail-failure=msebel20@gmail.com server=dynv6.com login=XUsernameX password=XPasswordX <your dyndns server name>
Test DynDNS / Error DNS_PROBE_FINISHED_NXDOMAIN#
Note: it is sufficient to register just an ipv6 address with your dyndns provider (AAAA record). You do neither need an ip4 address (A record) nor any other DNS zone entry.- enable a port to forward to your device in your router
- test the port forwarding without DNS first, you can call an ipv6 address like this https://[2a02:x205:..]:1234 (https://[ipv6]:port)
- test domain name resolution (DNS)
- Firefox uses its own DNS server (not the OS one) and those worked from scratch, see Settings > Security > DNS over HTTPS > Anbieter (Cloudflare)
- Windows used the FritzBox to resolve and that did not work (?). I entered a dedicated DNS server at Windows + R > ncpa.cpl > Ethernet > Porperties > Internetprotokoll, Version 4+ 6 > DNS (I used cloudflare and google as alternative, you can search for "DNS server list").
| Cloudflare | 1.1.1.1 | 2606:4700:4700::1111 |
| 8.8.8.8 or 8.8.4.4 | 2001:4860:4860::8888 or 2001:4860:4860::8844 | |
| Digitalcourage e.V. | 46.182.19.48 | 2a02:2970:1002::18 |
| Digitale Gesellschaft | 185.95.218.42 | 2a05:fc84::42 |
| dismail.de | 80.241.218.68 | 2a02:c205:3001:4558::1 |
> ipconfig > ping -6 2a02:x205:... or serverName > netsh int ip show address > route print -6 > arp -a
- Chrome uses the OS one and this did not work. You can either update Windows or use a dedicated for Chrome directly too at chrome://settings/security > Erweitert > Sicheres DNS verwenden = Enabled > DNS Anbieter auswählen > Cloudflare (1.1.1.1)
- FritzBox: see here, > Internet > Zugangsdaten > DNS-Server
DNS Cache Lookup / Purge#
- Firefox: about:networking#dns
- Chrome: chrome://net-internals/#dns
- Edge: edge://net-internals/#dns
- Windows:
- > ipconfig /release + ipconfig /flushdns + ipconfig /renew
- > ipconfig /displaydns|findstr pi5
- Linux:
- > sudo nmcli general reload dns-full