FS#40432 - dnsmasq, when run alongside the WIDE-DHCPv6 dhcp6c client, needs to be run as root.

Attached to Project: Arch Linux
Opened by James (thx1138) - Sunday, 18 May 2014, 19:16 GMT
Last edited by Dave Reisner (falconindy) - Sunday, 18 May 2014, 19:43 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

dnsmasq 2.70-1

The Arch dnsmasq.service file has

ExecStart=/usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

which runs dnsmasq as user "dnsmasq". This can be a problem when using dnsmasq to provide IPv6 Server services at the LAN interface.

The WIDE-DHCPv6 "dhcp6c" client has perhaps a minor bug, attaching to the LAN network interface even though only the WAN interface has been configured on the command line. With dnsmasq running after dhcp6c has configured the LAN interface - dhcp6c finding the delegated prefix, for instance - dnsmasq must be able to bind to the LAN interface, to provide DHCPv6 and RA services, but cannot, if it is running as user "dnsmasq". A simple solution is to remove "--user=dnsmasq" from the ExecStart command line, and let it run as user root.

This is important because consumer IPv6 has become a commodity product from many cable ISPs, and WIDE-DHCPv6 dhcp6c is one of the few - or the only - "featureful" DHCPv6 Clients that _actually_works_. "Featureful" in that it performs both Non-temporary Address requests and Prefix Delegation requests _and_ allows a Prefix Delegation Length/"hint" in the request, _and_ automatically configures a specified LAN interface with a configurable Site-Level Aggregation Identifier _and_ Interface Identifier _and_ supports router authentication, when needed.


James

Closed by Dave Reisner (falconindy)
Sunday, 18 May 2014, 19:43 GMT
Reason for closing: Won't implement
Additional comments about closing: Fix wide dhcp or supplement the dnsmasq service
Comment by Dave Reisner (falconindy) - Sunday, 18 May 2014, 19:43 GMT
I'd much rather see wide-dhcp fixed if it's misbehaving as you describe.

Upstream dnsmasq recommends not running dnsmasq as root, and I don't think it makes sense to reduce security for everyone just because of one other piece of software (with questionably sized userbase) which doesn't play nicely with it. Feel free to make the modification in /etc in the unit.
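
For the local modification suggested in the comment above, an added example (not part of the ticket or of the Arch package): a shell check that mimics how systemd combines a unit's ExecStart= with a drop-in and reports whether the resulting command line still carries --user=. The temporary files, the two drop-in bodies and the function names are constructed for illustration; only the packaged ExecStart line comes from the report, and the check reads single-line ExecStart= entries only.

```shell
#!/bin/sh
# Added example; the unit and drop-in contents are constructed samples.
# Only the packaged ExecStart line is taken from the report above.

# Write a sample unit and two candidate drop-ins into directory $1.
write_samples() {
    printf '%s\n' '[Service]' \
        'ExecStart=/usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file' \
        > "$1/dnsmasq.service"
    # Correct override: the empty ExecStart= clears the packaged command.
    printf '%s\n' '[Service]' 'ExecStart=' \
        'ExecStart=/usr/bin/dnsmasq -k --enable-dbus --pid-file' \
        > "$1/override.conf"
    # Broken override: no reset, so two commands end up defined.
    printf '%s\n' '[Service]' \
        'ExecStart=/usr/bin/dnsmasq -k --enable-dbus --pid-file' \
        > "$1/no-reset.conf"
}

# Print the single ExecStart command left after reading the files in
# order (unit first, then drop-ins). Fails unless exactly one remains,
# which is what systemd requires for a service that is not Type=oneshot.
effective_execstart() {
    cat "$@" | awk '
        /^ExecStart=/ {
            v = substr($0, 11)
            if (v == "") { n = 0; cmd = "" } else { n++; cmd = v }
        }
        END { if (n != 1) exit 1; print cmd }'
}

# Status 0: --user= present, 1: absent, 2: no valid ExecStart.
has_user_flag() {
    cmd=$(effective_execstart "$@") || return 2
    case " $cmd " in
        *" --user="*) return 0 ;;
        *) return 1 ;;
    esac
}

dir=$(mktemp -d)
write_samples "$dir"
for dropin in "" override.conf no-reset.conf; do
    rc=0
    has_user_flag "$dir/dnsmasq.service" ${dropin:+"$dir/$dropin"} || rc=$?
    echo "${dropin:-packaged unit only}: status $rc"
done
rm -rf "$dir"
```

On a real host the drop-in would live under /etc/systemd/system/dnsmasq.service.d/, so the change stays local to that machine and the packaged unit is left as shipped.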
