-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AAAA records to MagicDNS #1152
Comments
In the meantime is there a convenient way to get the IPv6 address of a peer? It's not listed in |
@tavianator, you could do something like:
|
Thanks! I didn't notice the IPv6 addresses were related to the v4 ones, that makes it easy. Are the v4 addresses unique across all of Tailscale? |
Currently, yes, but I wouldn't rely on that long term. |
Not addressed yet in 1.8.
|
Would adding AAAA records only for ephemeral nodes be a feasible intermediate step? Since they only have an ipv6 address, they don't resolve to anything with Magic DNS currently. |
Only supporting ephemeral doesn't really simplify things, but there is a way to resolve hostnames to IPv6 Tailnet addresses: |
Looks like 7fe6ecf did this |
And 22a1a5d for Tailscale 1.16.0 did it more: if a node only has an IPv6 address (as a ephemeral node will), then it note always adds AAAA records for the peers. |
Seeing reports of this in the support queue. HS1735 |
I think the next step is to begin returning both A and AAAA records to MagicDNS queries. |
@danderson recently added some host IPv6 probing in c1cb3ef. If we wanted, we could only conditionally provide AAAA records in MagicDNS if it looks like the host would support it. |
I agree that in 1.30 we'll have better information about whether to include AAAA records in the DNS response. I'd propose to remove this from the blocking list for turning MagicDNS on for new tailnets. I don't think it breaks things for users, it would just be nice to let them use IPv6 in more cases. We handle Tailnets which have set For example I just set "DisableIPv4": true on a personal tailnet, and MagicDNS now returns AAAA records for all hosts:
|
Follow-up with Dave, the outstanding bug / use case to confirm doesn't exist or needs to be resolved is sending the wrong records when a user disables IPv4 and also has a machine where IPv6 is broken/not working. Potentially a unique enough configuration that hopefully no one will hit. Thus, not considered a blocker to set as default but needs to be address prior to Beta. |
Sounds like a combination of user config & bug
Works for me. |
I wonder when will this be rolled out to users? I mean, there's already probing code available, so what's the reason for not turning it on in dualstack networks? |
Because it isn't finished. The probing code which exists isn't in a state just waiting to be turned on. |
It looks like there's no working code presently; which at this point in the whole v6 lifecycle is amazingly sad. I just setup a R.Pi with v4 only (which is 100% against my religion). It's connected via Tailscale and I get the following (thanks @bradfitz for the
There should not be a value in
I would strongly recommend that this be a priority within Tailscale such that folks using the service on hosts have the correct DNS and/or IP connectivity going forward.
I know Tailscale wasn't around for World IPv6 Day; but to be honest, anything written past that date (June 2011) should be v6 native. Thanks for listening to my soapbox; happy to help beta any of this! |
I guess for the time being, on some platforms, we can update /etc/hosts with the output from tailscale status -json | jq -r '.Self,.Peer[] | .TailscaleIPs[1] + "\t" + .HostName + " " + .HostName + ".xxxxxxx-yyyyyyy.ts.net"' |
This comment was marked as off-topic.
This comment was marked as off-topic.
This adds the peer capability PeerCapabilityOSIPv6, which indicates that a given peer supports IPv6 at the OS level (as sent by the control server) and can thus be communicated with over IPv6. For peers with this capability, we can thus return AAAA addresses from MagicDNS. Updates #1152 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I0d1374c6e47592807f886749fb509a01e1ceb855
This adds the peer capability PeerCapabilityOSIPv6, which indicates that a given peer supports IPv6 at the OS level (as sent by the control server) and can thus be communicated with over IPv6. For peers with this capability, we can thus return AAAA addresses from MagicDNS. Updates #1152 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I0d1374c6e47592807f886749fb509a01e1ceb855
This adds the peer capability PeerCapabilityOSIPv6, which indicates that a given peer supports IPv6 at the OS level (as sent by the control server) and can thus be communicated with over IPv6. For peers with this capability, we can thus return AAAA addresses from MagicDNS. Updates #1152 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I0d1374c6e47592807f886749fb509a01e1ceb855
This popped up in another ticket (33240) from a customer today. |
Updates #1152 Signed-off-by: Jordan Whited <jordan@tailscale.com>
This is the equivalent of quad-100, but for IPv6. This is technically already contained in the Tailscale IPv6 ULA prefix, but that is only installed when remote peers are visible via control with contained addrs. The service addr should always be reachable. Updates #1152 Signed-off-by: Jordan Whited <jordan@tailscale.com>
This is the equivalent of quad-100, but for IPv6. This is technically already contained in the Tailscale IPv6 ULA prefix, but that is only installed when remote peers are visible via control with contained addrs. The service addr should always be reachable. Updates #1152 Signed-off-by: Jordan Whited <jordan@tailscale.com>
Part of #19.
Once we can configure IPv6 on the overlay network, MagicDNS should have AAAA records for nodes. There is one minor complication, which is that we should not generate AAAA records for nodes that cannot configure IPv6 (due to lack of OS support), because that'll rely on Happy Eyeballs to make stuff work, and that'll suck.
For that, each node needs to report in its HostInfo whether local v6 configuration is feasible, so that control has enough information to generate MagicDNS entries that match the host's actual capabilities.
The switch shouldn't influence whether we send v6 config to nodes, since we do still want Tailscale itself to be aware of v6 traffic for default route stuff. It should only influence the generation of MagicDNS records.
Not a blocker for base IPv6 support and default routing, but is a blocker for enabling AAAA records in MagicDNS.
The text was updated successfully, but these errors were encountered: