OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: donatom3 on March 24, 2020, 12:02:50 am

Title: Unbound Access Lists with DHCP-PD subnets
Post by: donatom3 on March 24, 2020, 12:02:50 am
So I think I found out why Unbound eventually starts refusing my lookup requests over IPv6.
When it stops working and I do an nslookup from Windows, I get a "query refused" immediately.
It seems to happen any time my IPv6 address from my ISP changes. Restarting Unbound fixes the issue immediately, since Unbound reloads all the current internal network address ranges.

Is it possible to get an Unbound reload to kick off whenever DHCP6 has to change addresses on my WAN port, thus changing them on all my internal networks?

If not, as long as I don't open my DNS up on the firewall, can I just add 2605:e000::/32 to my allow list, since that's Charter's prefix and my internal networks should always fall under those networks? As far as I understand, this would allow anyone on Charter to use my DNS, but as long as I never open it up in the firewall they still can't use my DNS server.

I should mention that when this happens DNS over IPv4 still works, but I believe part of the problems I've been having lately with slow lookups have been the PC or browser taking its time to fail over from IPv6 to IPv4.
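
The behaviour described in the post above, modelled as an added example that is not part of the original post and is not OPNsense or Unbound code: an access list evaluated the way unbound.conf(5) documents `access-control` (most specific netblock wins, no match means refuse). The delegated /64 subnets, the client addresses and the IPv4 LAN range are constructed sample values; only 2605:e000::/32 comes from the post.

```python
import ipaddress

def acl_action(client, acl):
    """Return the action of the most specific matching netblock, else 'refuse'.

    Models the documented Unbound rule: the most specific access-control
    netblock is used, and a client that matches no netblock is refused.
    """
    addr = ipaddress.ip_address(client)
    best = None
    for net_text, action in acl:
        net = ipaddress.ip_network(net_text)
        if addr.version == net.version and addr in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, action)
    return best[1] if best else "refuse"

# Constructed sample values (assumptions for illustration only).
BASE = [("127.0.0.0/8", "allow"), ("::1/128", "allow"),
        ("192.168.1.0/24", "allow")]
OLD_LAN = "2605:e000:1111:2201::/64"   # LAN subnet from the old delegation
NEW_LAN = "2605:e000:3333:4401::/64"   # LAN subnet after the prefix changed
CLIENT_V6 = "2605:e000:3333:4401::50"  # LAN host renumbered into NEW_LAN
CLIENT_V4 = "192.168.1.50"             # same host over IPv4
OUTSIDER = "2605:e000:9999:1::1"       # unrelated address inside the ISP /32

# ACL built when the resolver started, before the prefix changed.
STALE_ACL = BASE + [(OLD_LAN, "allow")]
# ACL rebuilt after a restart picks up the current subnets.
RELOADED_ACL = BASE + [(NEW_LAN, "allow")]
# Stale ACL plus the broad ISP-wide entry proposed in the post.
BROAD_ACL = STALE_ACL + [("2605:e000::/32", "allow")]

if __name__ == "__main__":
    for name, acl in [("stale", STALE_ACL), ("reloaded", RELOADED_ACL),
                      ("broad", BROAD_ACL)]:
        print(name, {c: acl_action(c, acl)
                     for c in (CLIENT_V6, CLIENT_V4, OUTSIDER)})
```

With the broad entry the renumbered host is allowed again, but so is every other address in the /32 at the resolver's ACL layer, so the WAN firewall rule becomes the only control keeping the resolver closed.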