Need to stop opnsense from advertising itself for dns (IPv6)

[apocalypticgoat]

Hi all,

So, I'm trying to get all devices to use pihole for dns. IPv4 is working perfectly. IPv6 not so much. I have input piholes ipv6 address into the DHCPv6 service page and while it is served, opnsense still includes its own IP address.

My assumption is that by supplying an address in DHCPv6, opnsense should not be advertising its own.

I've seen where people have suggested using Router advertainments as a work around (in my case set it to managed and supply the dns address there) and while that may work here...I'd really like to understand why DHCPv6 isn't behaving as expected.

Lastly, unbound is running on opnsense as pihole uses it as its upstream provider so blocking ports/disabling it is not an option.

DNS flow should look like this:

Device -> PiHole -> Opnsense -> Public DNS

But because Opnsense is providing its address for dns, pihole can get bypassed.

[meyergru]

Even if it is like you say: Why don't you use pihole as an upstream DNS server for your OpnSense? That way both IPv4 and IPv6 DNS is centrally managed. You can switch easily, wheras over DHCP, you have to wait until the client does a prolongation.

So, the flow would be like God intended ;-) :

Device -> OpnSense -> PiHole -> Public DNS