Execute script on ipv6 prefix change

How can I execute a script or program whenever my (world-routeable) IPv6 prefix changes?

If there is (currently) no easy way to do this, a pointer to the corresponding Posix system calls would be totally okay for me. I could code some C myself then. But currently I'm a bit lost on this issue.

Background: My ISP (consumer contract) only gives me a world-routeable IPv6 prefix with a lifetime of about a day. There are some good reasons to do so (make network relocations possible) but my ISP (in contrast to my old one) does not simply re-assign my old prefix to me after its lifetime expired but gives me a completely new one. I now want to update some external DNS with my new prefix when that happens.

MBober

Posted 2014-11-20T08:11:07.467

Reputation: 131

How are you currently configuring IPv6? Maybe there is a useful hook there. – a CVn – 2014-11-20T11:59:25.913

Answers

You could sniff for SLAAC or DHCP6 packets to your MAC, for example, have iptables log particular bytes of SLAAC or DHCP6 to syslog and run a log watcher. There is no posix call to directly get local address, though workarounds exist. For linux, this netlink code should let you wait for an update message from the kernel and perform whatever necessary steps you need.

Andrew Domaszek

Posted 2014-11-20T08:11:07.467

Reputation: 491

Sniffing packets would require root privileges, right? I don't think that this should be necessary. The netlink code looks promising. I will give it a try. Thanks. – MBober – 2014-11-20T08:43:55.080

Yes, it does. In my example, iptables runs in the kernel (privileged) but syslog should be world-readable. I can't guarantee that particular netlink code does not require CAP_NET_ADMIN, as I haven't tried it, but it reasonably should not. – Andrew Domaszek – 2014-11-20T08:49:35.610

@MBober No, packet sniffing does not require root privileges. It does however require the CAP_NET_ADMIN capability, which root privileges grant you. capabilities(7).

– a CVn – 2014-11-20T08:50:54.160

here is my solution.... simple but works... just put this or something like this into /etc/cron.hourly:

#!/bin/bash
#


ADDRSTORE=/var/local/lib/dyndns/myoldipv6address

MYV6=`ip -6 address show scope global -deprecated | grep inet6 | cut -d/ -f1 | sed -e 's/ *inet6 //'`

MYOLDV6=`cat $ADDRSTORE`

if [ $MYV6 != $MYOLDV6 ]; then
  # do change-action here
  echo $MYV6 >$ADDRSTORE
fi

Wolfgang Tremmel

Posted 2014-11-20T08:11:07.467

Reputation: 1