[GH-ISSUE #167] ipv6 usability issues #158

New issue

Closed

opened 2026-02-26 09:36:10 +03:00 by kerem · 4 comments

kerem commented

2026-02-26 09:36:10 +03:00

Owner

Originally created by @ThomasWaldmann on GitHub (Sep 21, 2014).
Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/167

Originally assigned to: @ThomasWaldmann on GitHub.

if a ipv6 router (e.g. avm fritzbox 6360) sends an update to ipv6.nsupdate.info using a 6in4 (he.net) ipv6 tunnel, it uses its local external ipv6 address to send the request - so the ipv6 address put into dns by the router is the router ipv6 ip. not very useful if you do not want to talk to the router, but some other device in your LAN.

but in that kind of setup one gets a ipv6 prefix for the LAN that is different from the local external ipv6 address (prefix). if you visit the (ipv6.)nsupdate.info site using a web browser from a pc inside such a LAN, the system will use the temporary global ipv6 address (which changes now and then). on the fritzbox one can enable ipv6 connections to LAN devices by giving their interface ID - I guess it is only practical to use the suffix of the modified EUI64 there that is derived from the mac address and never changes, not that temporary ID (which is used for better privacy).

Originally created by @ThomasWaldmann on GitHub (Sep 21, 2014). Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/167 Originally assigned to: @ThomasWaldmann on GitHub. if a ipv6 router (e.g. avm fritzbox 6360) sends an update to ipv6.nsupdate.info using a 6in4 (he.net) ipv6 tunnel, it uses its local external ipv6 address to send the request - so the ipv6 address put into dns by the router is the router ipv6 ip. not very useful if you do not want to talk to the router, but some other device in your LAN. but in that kind of setup one gets a ipv6 prefix for the LAN that is different from the local external ipv6 address (prefix). if you visit the (ipv6.)nsupdate.info site using a web browser from a pc inside such a LAN, the system will use the temporary global ipv6 address (which changes now and then). on the fritzbox one can enable ipv6 connections to LAN devices by giving their interface ID - I guess it is only practical to use the suffix of the modified EUI64 there that is derived from the mac address and never changes, not that temporary ID (which is used for better privacy).

kerem

2026-02-26 09:36:10 +03:00

closed this issue
added the
enhancement

needs help
labels

kerem commented

2026-02-26 09:36:11 +03:00

Author

Owner

@ThomasWaldmann commented on GitHub (Sep 21, 2014):

idea 1:

run the ipv6 update client on the machine that's ipv6 you want in dns. requires a rather intelligent updater that finds out the static global address derived from your prefix + the interface id (from mac address). enable this interface id in the fritzbox if you want it to be accessible from the v6 internet.

@ThomasWaldmann commented on GitHub (Sep 21, 2014): idea 1: run the ipv6 update client on the machine that's ipv6 you want in dns. requires a rather intelligent updater that finds out the static global address derived from your prefix + the interface id (from mac address). enable this interface id in the fritzbox if you want it to be accessible from the v6 internet.

kerem commented

2026-02-26 09:36:11 +03:00

Author

Owner

@ThomasWaldmann commented on GitHub (Sep 21, 2014):

idea 2:

if you can not or you would not want to run an update client on all your ipv6 machines, the service could keep a mapping from interface IDs to names, so the update would be only to get the current prefix, so the service can build the global static ipv6 addresses for all devices in the map and then update dns AAAA records.

problem: for the 6in4 setup, the router would send a different prefix than the prefix needed for all the devices in the LAN. the correct prefix could be given as a url querystring parameter though, if it is static.

the names could be:
device with update client (router?): [name-from-host-record].nsupdate.info
other devices: [name-from-mapping].[name-from-host-record].nsupdate.info

(so we can avoid conflicts and also avoid consuming too much from namespace)

@ThomasWaldmann commented on GitHub (Sep 21, 2014): idea 2: if you can not or you would not want to run an update client on all your ipv6 machines, the service could keep a mapping from interface IDs to names, so the update would be only to get the current prefix, so the service can build the global static ipv6 addresses for all devices in the map and then update dns AAAA records. problem: for the 6in4 setup, the router would send a different prefix than the prefix needed for all the devices in the LAN. the correct prefix could be given as a url querystring parameter though, if it is static. the names could be: device with update client (router?): [name-from-host-record].nsupdate.info other devices: [name-from-mapping].[name-from-host-record].nsupdate.info (so we can avoid conflicts and also avoid consuming too much from namespace)

kerem commented

2026-02-26 09:36:12 +03:00

Author

Owner

@ThomasWaldmann commented on GitHub (Sep 22, 2014):

idea 3:
same can be implemented for ipv4 (assuming that the user gets a public ipv4 network and runs multiple hosts in that network). We need to know the ipv4 netmask.

For ipv6 - can we always assume that the net is /64? Or do we need to know the netmask here also?

@ThomasWaldmann commented on GitHub (Sep 22, 2014): idea 3: same can be implemented for ipv4 (assuming that the user gets a public ipv4 network and runs multiple hosts in that network). We need to know the ipv4 netmask. For ipv6 - can we always assume that the net is /64? Or do we need to know the netmask here also?

kerem commented

2026-02-26 09:36:12 +03:00

Author

Owner

@ThomasWaldmann commented on GitHub (Sep 25, 2014):

fixed in 0.9 branch (idea2 and 3 + configurable netmask)

@ThomasWaldmann commented on GitHub (Sep 25, 2014): fixed in 0.9 branch (idea2 and 3 + configurable netmask)