Hi, It is the first attempt to use IPv6 on Debian 12 for a PowerDNS server. I got a IPv6 address from my hosting provider as well as a static IPv4 address. They configure this on DHCP, which I don't like, so I want to properly assign it as static in the interfaces config. The question are: - is this the correct way to do it? - I did not assign a gateway to it as I suppose my IPv4 address is the primary address. Or should I? This is how my config looks like: Code: # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug ens6 iface ens6 inet static address xxx.xxx.xxx.93/32 gateway xxx.xxx.xxx.1 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers xxx.xxx.xxx.16 xxx.xxx.xxx.17 dns-search **********.net iface ens6 inet6 static address ****:****:***:6600::1/128 dns-nameservers ****:****:****:53:72ec::1 ****:****:****:53:72ec::2 dns-search **********.net
I think DHCP assigned IPV6 is not necessarily a pure static IPV6 that you should not assign it in your system because it may be changed and other system may be assigned with it. When that happened, your connection via that IPV6 may not work anymore. You should check whether that is the pure / real static ipv6 or otherwise one assigned by DHCP which is dynamic in nature.
This is indeed static setting: Code: iface ens6 inet6 static But does your hosting provider also say that IPv6 address does not change and is permanently assigned to you ?
The question is not about static or dhcp. It is more on how to assign it properly with also a IPv4 address on the same NIC. Is setting the gateway for the IPv6 a good idea or not when a IPv4 address is assigned with a gateway already.
If you actually use IPv6, you need to set up routing for the IPv6 interface. If only gateway set up is for the IPv4 interface, that gets all the traffic. You may need to read about multi homed hosts, multihoming and routing when both IPv6 and IPv4 are used.
Yes, I think it is a good idea if your IPV6 is static (or can be made static i.e. if you control the router to your system server). My first answer was due to you opening statement which made me to understand that it is your hosting provider who assigned this via their router DHCP, so I am not sure you can do anything about it, except to ask them to make this IPV6 fixed for you and not via DHCP. If they said, it is fixed / static for your system server, then you are good to proceed. By the way, I am using netplan in my ISPConfig Ubuntu server and my IPV6 setup was shared in here long time ago. I do not use the old network connection similar to yours /etc/network/interfaces anymore as Ubuntu migrated to netplan long time ago too but you can check it out if that post of mine is useful for your case: So, it is just in the /etc/hosts and /etc/netplan/your-config.yaml file if one is using netplan, or in your case /etc/hosts and /etc/network/interfaces. That is basically how we managed our ISPConfig server with IPV4 and IPV6. I agree with this. Reading more will help you a lot.
Usually when a hosting provider says that the addresses are configured via DHCP this dosen't mean that the addresses change but rather that the DHCP Server provides the correct configuration with an address that never changes via MAC address matching so you don't have to change any network config on your VPS and may make it unreachable in case of an error. Speaking in the context of VPS/vServer/etc.. For an Home Internet Connection this is usually completly different and depends heavily on the type of technology that is in use
This is exactly what it is. But it is also common practice to not run IPs on DHCP for server applications. Even if this strictly spoken doesn't make any difference in this case. Still I am not sure that the question is really understood. When you look at the settings on DHCP, as the hosting company assigns it, there is a gateway assigned to the IPv6 and IPv4 the address block: Code: root@Test:/etc# ip -4 route show default default via xxx.xxx.xxx.1 dev ens6 proto dhcp src xxx.xxx.xxx.93 metric 100 Code: root@Test:/etc# ip -6 route show default default via fe80::1 dev ens6 proto ra metric 100 expires 1708sec pref medium So I could add the gateway, fe80::1, in the IPv6 block like this: Code: # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug ens6 iface ens6 inet static address xxx.xxx.xxx.93/32 gateway xxx.xxx.xxx.1 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers xxx.xxx.xxx.16 xxx.xxx.xxx.17 dns-search **********.net iface ens6 inet6 static address ****:****:***:6600::1/128 gateway fe80::1 dns-nameservers ****:****:****:53:72ec::1 ****:****:****:53:72ec::2 dns-search **********.net Only, is it a smart idea to have two default routes for IPv4 and IPv6? I -think- there should be no problem at all. But it is more to have some certainty as it is the first time I do use IPv6. It is also not because a hosting company does something that it is always correct. IPv6 remains for many a grey zone, as it appears.
If DHCP provides a working network configuration, why not use it? There is no rule that says servers can not get network settings from DHCP. If you have a lot of hosts to maintain, it would be foolish not to use DHCP. DHCP server itself is better to have network configuration set in the interface files or netplan. I like to manually configure routers also, just to avoid big confusion if routers change settings suddenly.
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway. From: https://learn.microsoft.com/en-us/windows-server/networking/technologies/dhcp/dhcp-top I read almost everywhere, DHCP is dynamically assigned IP, so it could not in my mind means static IP at all. But as I said, if they confirmed it as fixed, you may proceed if you want to. No big deal.
In case we are talking about Hetzner you should follow there official docs at https://docs.hetzner.com/cloud/servers/static-configuration Anyways if we're not talking about them, it doesn't matter if you set the gateway for the IPv6, as the default router should be fe80::1 which is your server itself. The default routes for ipv4 and ipv6 dont't interfere with each other
It's called Static Mapping see here: https://docs.netgate.com/pfsense/en/latest/services/dhcp/ipv4.html#static-mappings
It is unfortunate the word dynamic appears in DHCP. It is by no means only dynamic setting, admin can look up MAC addresses of hosts and assign an IP and other network settings to that MAC address, so that host always gets the same settings (unless network card is replaced, and admin is not told about the new MAC. On some servers the MAC of the embedded network interface can be changed to whatever, this is useful if it has to be replaced).
It is not Hetzner, but the configuration looks similar. Thank you for sharing this link. It actually gives reassurance that it is common practice. I will go with it like that. For those interested in the fe80::1 explanation: https://blogs.infoblox.com/ipv6-coe/fe80-1-is-a-perfectly-valid-ipv6-default-gateway-address/
There are pro's and con's to this. I am against using DHCP for servers. Reasons? Some service require and check for fixed IPs. AD is common, some databases, ... If your DHCP server goes down you have an issue after the lease expires, suddenly this one issue with DHCP becomes a major one impacting all services. Do you really want to put this in the hands of a third party? I am not. More likely to man in the middle attacks, spoofing. What if the hoster makes an error and you suddenly get another IP assigned? Good luck getting your IP back if it is assigned to another of their servers. ... So -for me- there are more con's than pro's. But this was not the actual question, but happy to explain why I don't use it, and why I think you should not use it as well.
I run two DHCP servers, set up as failover peers. Hoster can make same mistake even if no DHCP is used, so it is no better.
Keep it simple and stupid. DHCP is just another point of failure. For the hosting company it is just easy to do it like that. Else they would have to adapt their installation scripts to set it manually, keep a register, ... That is the only reason they do so. As mentioned. There are pro's and con's. Good for you if this works with DHCP.