Re: IPv6 status on Debian for workstations / DHCP networks?

[peter@chubb.wattle.id.au]

I'm currently solving this using a script and some dhcpd-scripting for
DDNS.

Providing that the clients use the standard mangling to get an ipv6
address from the prefix and MAC address, then this works.  If they're
using the privacy extensions, then I'm assuming they don't want a DNS
entry anyway :-)

Like this:

In /etc/dchp/dhcpd.conf:

on commit {
   if (not static) {
        set new-ddns-fwd-name = pick-first-value(ddns-hostname, host-decl-name);
        if (exists host-name and option host-name ~~ "^[a-z0-9.-]+$") {
                set new-ddns-fwd-name = option host-name;
        } elsif (exists dhcp-client-identifier and option dhcp-client-identifier
 ~~ "^[a-z0-9.-]+$") {
                set new-ddns-fwd-name = substring(option dhcp-client-identifier,
 1, 50);
        } elsif (new-ddns-fwd-name = "") {
                set new-ddns-fwd-name = binary-to-ascii (16, 8, "-",
                                 substring (hardware, 1, 6));
        }
        set ddns-hostname = new-ddns-fwd-name;
        execute ("/usr/local/bin/ddns-ipv6", ddns-hostname, ucase(
                binary-to-ascii(16, 8, ":", substring(hardware, 1, 6))),
                binary-to-ascii(10, 8, ".", leased-address));
        unset new-ddns-fwd-name;
        on expiry or release {
                execute ("/usr/local/bin/ddns-ipv6", "-d",  ddns-hostname);
        }
   }
}


And /usr/local/bin/ddns-ipv6 looks like this:

---------
#!/bin/sh
#
# Add or delete an IPv6 address record via DDNS

#
# Adjust these for your network.
PFX="2001:DB8:1000:200"
DOMAIN=my.domain.org.au.
KEYFILE=/etc/bind/Kwww.my.domain.org.au.+157+51932.private
TTL=7200

# DEBUG
#exec 2>> /tmp/ddns-ipv6-log >&2
#set -x
#echo >&2 "$@"

(


# May need /usr/local/[s]bin here too.
# But don't rely on the PATH handed in, because we may be 
# run by a privileged user
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH


# 
# arg 1: ipv4 address (in case there are different networks with
# different prefices)
getprefix()
{
            echo $PFX
}

# Function to get auto-allocated EUI-64 address from MAC address
# Args: 1-- prefix
#       2 -- hostname
#       3 -- MAC address
ipv6addr()
{
        tail=`ipv6calc --action geneui64 --in mac $3 --out eui64`
        echo $1:$tail
}

Usage()
{
        echo >&2 "Usage: `basename $0` -d name"
        echo >&2 "       `basename $0` name mac ipv4addr"
        exit 1
}

case "$1" in
-d)
        DELETE=1;
        shift
        ;;
-*)
        Usage
        ;;
*)
        ;;
esac


if [ "$DELETE" ]
then
        if [ $# -ne 1 ] ; then
           Usage
        fi
        IPADDR=`host -t aaaa "$1" | sed -n s'/.*address \(.*\)$/\1/p'`
        [ "$IPADDR" ] || exit 1
        PTR=`ipv6calc --in ipv6addr --out revnibbles.arpa "$IPADDR"`
        nsupdate -k "$KEYFILE" <<-!
                 server localhost
                 update delete $1.$DOMAIN IN AAAA $IPADDR
                 send
                 update delete $PTR IN CNAME $1.$DOMAIN
                 send
!
else
        if [ $# -ne 3 ]; then
                Usage
        fi
        PFX=`getprefix $3`
        IPADDR=`ipv6addr $PFX $1 $2`
        # Windows machines (and some Linux machines) do anonymisation
        # so have a different ipv6 address.  so check if the one
        # we calculated is responding to pings.
        if [ "$IPADDR " ] && ping6 -c 1 $IPADDR > /dev/null 2>&1
        then
                PTR=`ipv6calc --in ipv6addr --out revnibbles.arpa "$IPADDR"`
                : $1.$DOMAIN '<->' $IPADDR
                nsupdate -k "$KEYFILE" <<-!
                        server localhost
                        update add $1.$DOMAIN $TTL IN AAAA $IPADDR
                        send
                        update add $PTR $TTL IN PTR $1.$DOMAIN
                        send
!
        fi
fi
) &
exit 0