Messages

I'll second this!

I've done quite a bit of testing, moving from Adguardhome to unbound and its BL's. Even using the same BL's with the URL's added to unbound make them identical, I'm still getting AD's coming through when using unbound, that I don't when using Adguardhome.
A restart of Opnsense also doesn't appear to make any difference, local client dns cache and browser cache clears as well as rebooted the client.

I'll give it a second go after the next upgrade

Thanks for the reply and info Franco

Hello Franco

Sorry to direct this to you, I know you're busy.

• Could you please tell me what the plan is for DHCP ISC?  
• I know it will be retired and become a plugin, but when will this happen?  
• Will we need to change any configurations to keep it running or will it continue as already implmented?

I know I should be moving off it, but after spending too many days implementing, configuring and troubleshooting it due to encountering problems with DHCPv6, I've given up.

Unless there are serious security risks, I'm going to keep using ISC, but I would like to know the plan moving forward with it.

thanks 

ok, thanks for all your patience with me Maurice, you've been a big help

sorry I don't mean to appear rude, but wasn't the point of migrating to dnsmasq to remove dependancy on ISC so it can be removed at the next major update?

thanks

Yip, they are configured exactly like that :-)

But then dnsmasq isn't assigning the ipv6 address is it?

that would mean I can't remove isc dhcpv6 or the router advertisement service as it's enabled when tracking is enabled.

So it would seem that dnsmasq is not able to completely replace ISC yet?

Unfortunately I'm not having any success with this.

Router Advertisements in general settings is enabled, although I didn't believe this was required if configured on each interface, when reading the help for the setting.
WAN interface IPv6 is set to DHCPv6
LAN Interface IPv6 configuration is set to none, so no entry available for ISC DHCPv6 or Router Advertisements.

Re the DNSMASQ RA configuration I've tried all the options and no IPv6 address is assigned to the client.

I'm starting to think that dnsmasq is incapable of assigning an ipv6 address to the clients.

Where am I going wrong?

Hi Maurice

Thanks for the help.

I'd like to remove all dependancies on the old ISC, so I've removed DHCP6 from the interface.  I'm now only left with the dnsmasq config.
I've tried the suggestions you've given me, but I don't get an IPv6 address on that interface anymore.

Just to clarify, I specifiy the same interface for the constructor?
And should the WAN interface still be set to DHCPv6 and if it changes what should I set it to SLAAC?  My ISP supports slaac and I currently get a /48 via DHCPv6.
thanks

thanks team the upgrade to OPNsense 25.7.7 went perfectly

[no IPv6 leases being registed in dnsmasq]

Right here is an update on the second migration attempt...

I have IPv4 working
IPv6 addresses are being assigned from the interfaces, which are set to track the wan. 
However, there are no IPv6 leases being registed in dnsmasq.  The only way I am able to get the leases registed is if I enter start and end IPv6 addresses, which adds an EXTRA IPv6 address to each device.

here are the settings on the DHCP range that I'm applying (can't seem to include an image for some reason?)

start address ::3000
end address ::4000
constructor - same as Interface
RA Mode slaac, ra-names
Domain Type - Interface

With the above configured, I get  the IPv6 address registed which looks something like this - xxxx:xxxx:c3ca:dd30::33cc

on the client I have the following now

DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : xxxx:xxxx:c3ca:dd30::33cc(Preferred)        EXTRA IPv6 Address  ************
  Lease Obtained. . . . . . . . . . : Friday, 7 November 2025 11:28:33 AM
  Lease Expires . . . . . . . . . . : Friday, 7 November 2025 11:33:33 AM
  IPv6 Address. . . . . . . . . . . : xxxx:xxxx:c3ca:dd30:1a5d:5283:b231:d91a(Preferred)
  Link-local IPv6 Address . . . . . : xxxx::xxxx:xxxx:f53a:fe3d%3(Preferred)
  IPv4 Address. . . . . . . . . . . : 10.0.30.2(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Lease Obtained. . . . . . . . . . : Friday, 7 November 2025 11:30:25 AM
  Lease Expires . . . . . . . . . . : Friday, 7 November 2025 11:35:24 AM
  Default Gateway . . . . . . . . . : xxxx::xxx:xxxx:fe01:82c6%3
                                      10.0.30.1
  DHCP Server . . . . . . . . . . . : 10.0.30.1
  DHCPv6 IAID . . . . . . . . . . . : 194570051
  DHCPv6 Client DUID. . . . . . . . :
  DNS Servers . . . . . . . . . . . : xxxx:xxxx:c3ca:dd30:2e2:59ff:fe01:82c6
                                      10.0.30.1
                                      xxxx:xxxx:c3ca:dd30:2e2:59ff:fe01:82c6
  NetBIOS over Tcpip. . . . . . . . : Enabled

Does anyone know how to resolve the IPv6 address registration issue and remove the extra address?

thanks

Thanks, I did follow this guide

I'll be interested to hear how your migration goes, specifically around the interface IPv6 settings (tracking vs dhcp vs slaac) and the dnsmasq IPv6 dhcp ranges and their RA modes. Also whether you were able to completely remove ISC and dependancy on the seperate Router Advertisement service, as it's built into dnsmasq.
If you'd be willing to share how you went it would really be appreciated.  After spending too many hours researching, implementing and testing I wasn't able to get IPv6 working without duplicate addresses being assigned and Testipv6 failing so just reverted.

thanks

In the end I've reverted to snapshot, I can't figure out the required IPv6 DHCP settings if not using ISC and RA.

Hopefully I can continue using ISC until I can get it working in a lab and then put into my system

Thanks, I think it's because I followed the instructions and used slaac,ra-names in dnsmasq.

Hi

Basically, if I'm using dnsmasq ipv6 RA modes to assign ipv6 addresses, do I need the setting enabled on the network interface to track the WAN and what should it be?

ATM each client is getting 2 ipv6 addresses, one seems to be from dnsmasq and the other appears be from the network interface

thanks