Static IPv6 Hostnames on Ubiquiti USG

Yet another update for how I keep updating Ubiquiti to work with IPv6. In this case, I want to update my hosts so that they will use IPv6 locally when using their domain names. Even though my authoritative DNS server has the AAAA records set up correctly, because I had updated Ubiquiti to use the local IP on the USG, it would not return values for my servers. Here’s how I fixed that issue, in a not great way. I’m currently on controller version 5.10.19.

Let’s assume the following:

  • Domain: somelab.us
  • Host: someserver
  • IPv4: 192.168.1.15
  • IPv6 (Fake): 2606:1101:6412:fd00:223b:4911:2314:7843

The first thing to do is make sure that dnsmasq is turned on as the DHCP server. This can be found in “Settings” -> “Services” -> DHCP. Just make sure “Use dnsmasq as DHCP server” is turned on.

To make the changes, and make sure they stick, we’re going to edit the JSON file, which for me is located at /var/lib/unifi/sites/default/config.gateway.json. In it, we add a “service” -> “dns” -> “forwarding” -> “options” section containing a host-record entry. Here is the dnsmasq man page entry for that option:

--host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>][,<TTL>]
Add A, AAAA and PTR records to the DNS. This adds one or more names to the DNS with associated IPv4 (A) and IPv6 (AAAA) records. A name may appear in more than one --host-record and therefore be assigned more than one address. Only the first address creates a PTR record linking the address to the name. This is the same rule as is used reading hosts-files. --host-record options are considered to be read before host-files, so a name appearing there inhibits PTR-record creation if it appears in hosts-file also. Unlike hosts-files, names are not expanded, even when --expand-hosts is in effect. Short and long names may appear in the same --host-record, eg. --host-record=laptop,laptop.thekelleys.org,192.168.0.1,1234::100

So, we can just take that and put it in the options field as “host-record=<FQDN>,<ipv4 address>,<ipv6 address>”, comma-separated as in the man page syntax. An example is below:

{
        "service":{
                "dns":{
                        "forwarding":{
                                "options":[
                                        "host-record=someserver.somelab.us,192.168.1.15,2606:1101:6412:fd00:223b:4911:2314:7843"
                                ]
                        }
                }
        }
}

Once that is done, we now need to push the provisioning to the device. Go to the “Devices” section, click the device, click the config cog, click on “MANAGE DEVICE”, and then click on “Provision” under the “Force provision” heading. Now, everything should work.

I should warn you if you are in a situation like mine, where the IPv6 prefix is not static and could possibly change: if it ever does change, you will have to go through this file again and fix the IPv6 records, as they will continue to point to the old IPs, regardless of what the authoritative DNS server has.
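The stale-record problem described above can be checked and repaired mechanically. The following is an added example, not part of the original post or of any Ubiquiti tooling: it parses the host-record options in a config.gateway.json, finds AAAA addresses outside the current prefix, and rewrites them into the new prefix. The function names, the sample config, and the assumption that each host keeps its interface identifier across a prefix change are mine.

```python
import ipaddress
import json

# Constructed sample in the config.gateway.json layout shown in the post.
SAMPLE_CONFIG = """{"service": {"dns": {"forwarding": {"options": [
  "host-record=someserver.somelab.us,192.168.1.15,2606:1101:6412:fd00:223b:4911:2314:7843"
]}}}}"""

def parse_host_record(option):
    """Return (names, ipv4, ipv6, ttl) for a host-record option, else None."""
    key, _, value = option.partition("=")
    if key.strip() != "host-record":
        return None
    names, v4, v6, ttl = [], None, None, None
    for field in (f.strip() for f in value.split(",")):
        try:
            addr = ipaddress.ip_address(field)
        except ValueError:
            if field.isdigit() and (v4 or v6):
                ttl = field            # a number after an address is the TTL
            elif field:
                names.append(field)
            continue
        if addr.version == 4:
            v4 = addr
        else:
            v6 = addr
    return names, v4, v6, ttl

def rewrite_stale(config_text, new_prefix):
    """Move AAAA addresses that fall outside new_prefix into it.

    Assumption: each host keeps its interface identifier (the host bits)
    when the prefix changes. Returns (updated_json_text, changes).
    """
    net = ipaddress.IPv6Network(new_prefix)
    config = json.loads(config_text)
    options = config["service"]["dns"]["forwarding"]["options"]
    changes = []
    for i, option in enumerate(options):
        rec = parse_host_record(option)
        if rec is None or rec[2] is None or rec[2] in net:
            continue                   # not a host-record, no AAAA, or still valid
        names, v4, v6, ttl = rec
        new_v6 = ipaddress.IPv6Address(
            int(net.network_address) | (int(v6) & int(net.hostmask)))
        addrs = [str(a) for a in (v4, new_v6) if a is not None]
        options[i] = "host-record=" + ",".join(names + addrs + ([ttl] if ttl else []))
        changes.append((names[0], str(v6), str(new_v6)))
    return json.dumps(config, indent=2), changes
```

Review the reported changes before writing the result back to config.gateway.json and forcing a provision; hosts using prefix-dependent (privacy or stable-privacy) addresses will not keep the same host bits and need their new address looked up instead.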

  1. While I don’t need it for ipv6, I was looking for similar for ipv4. I use the config.gateway.json with records for a lot of my static assignments.

    I was looking at dnsmasq, and interested that you’re still using the config.gateway. With that use dnsmasq option, is it not possible to use /etc/dnsmasq.d/mydns.conf for all of your host entries?

    • It might work. I’ve been using this setup for a number of years, so I’ve never looked for a different way to do it since it has always worked correctly.
