IPv6 DNS issues in 23.1.8?

Started by Zoltrix, May 28, 2023, 05:42:47 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
June 01, 2023, 08:20:12 PM #30
Quote from: Cyberturtle on June 01, 2023, 04:38:57 PM
Do you have any multicast enhancement or IGMP snooping enabled? With recent iOS changes this can lead into issues with UniFi as well. I have turned off any enhancements. Only plain WiFi for private and guest.
Just an idea.

@Cyberturtle, thank you, I had also the problem that IPv6 was not working. The fallback to IPv4 worked in my case.
I am using also UniFi APs (U6 Pro). In my case the MAC address from the OPNsense NIC I am now using was missing in the setting of the Multicast and Broadcast Control Exceptions list.

Quote from: sbellon on June 01, 2023, 07:42:04 PM
My explanation cannot be the reason because with

root@opnsense:~ # ps auwx | grep dnsmasq

I do see the Virtual IP on the LAN interface listed on the command line as --listen-address=fd01:... perhaps iOS just does not like that ...

Im using a ULA for my DNS server (Adguard Home) and it works with iOS now again. And it used to work till I reworked my OPNsense and changed the NICs.

KH
June 01, 2023, 09:28:10 PM #31 Last Edit: June 01, 2023, 09:30:31 PM by Cyberturtle
Quote from: sbellon on June 01, 2023, 06:17:38 PM
Ok, what I actually did to (hopefully) fix it:

I had previously entered the ULA IPv6 of the OPNsense that I have configured via Virtual IP in the DHCPv6 DNS servers to hand out.

Now I removed that setting and left "DNS servers" in the DHCPv6 configuration empty, thinking that then *no* IPv6 DNS server will be handed out, but instead the global IPv6 from WAN interface tracking is handed out via DHCPv6 to the clients.

But this works!

So, my assumption for now: Dnsmasq did not listen on the Virtual IP. In Dnsmasq settings I have only two of my network interfaces selected, but there is no way to additionally selecting the Virtual IP.

Entering no address uses always the interface address as far as I know. Apple devices uses link-local addresses for router and the prefix ones for DNS. Background was many years ago the problem of AdvRDNSS advertisements. Sometimes they are getting lost and than either the IPv4 address for DNS is used or the IPv6 router address for getting info for DNS resolution. Don't know if it is still like this. Nevertheless it's nice that it is working now on your side.
June 01, 2023, 09:33:16 PM #32
Quote from: KHE on June 01, 2023, 08:20:12 PM
@Cyberturtle, thank you, I had also the problem that IPv6 was not working. The fallback to IPv4 worked in my case.
I am using also UniFi APs (U6 Pro). In my case the MAC address from the OPNsense NIC I am now using was missing in the setting of the Multicast and Broadcast Control Exceptions list.
KH

Nice that it is working now. You're welcome  :)
Print
Go Up Pages 1 2 3
User actions