OPNsense insists that DHCPv6 server is active when I've got it disabled

[nray]

I have been a long-time pfSense user and just migrated my home setup to OPNsense 25.7-amd64. A while back I had stopped using the pfSense DHCP and DNS servers and set up Technitium on my network, so I had no plans to use any of the DNS or DHCP features in OPNsense. I set up OPNsense and everything seemed to be going well until I tried to do DNS lookups of my LAN systems from my LAN, and they didn't look up. I checked a client DHCP lease and it had an IPv6 entry for a DNS server which I had never seen in my pfSense setup (see attached). When the OPNsense setup asked about configuring a DHCP or DNS server I had said no, and when I set up Technitium everything in that is IPv4, so this is very perplexing.

I went through all the OPNsense DHCP and DNS server settings, and I did find that that ISC DHCPv6 was set to "Enable DHCPv6 on LAN interface", which I had not configured during setup and don't remember it asking to enable that at any point. So I unchecked it, hit save, and then renewed a client DHCP lease. No change. So then I went to the LAN interface configuration in OPNsense, and tried to change the IPv6 Configuration type from "Track Interface" to "None", but that throws this error:

The following input errors were detected:
The DHCPv6 Server is active on this interface and it can be used only with a static IPv6 configuration. Please disable the DHCPv6 Server service on this interface first, then change the interface configuration.

I have verified that there is no DHCPv6 Server service active on this interface in the GUI, so now I am very confused. I went through all the settings, double-checked, and rebooted OPNsense, but I can't change the LAN IPv6 Configuration Type to "None", same error every time. For now I have resorted to changing the WAN IPv6 Configuration Type to "None", which finally cleared the IPv6 DNS server from my clients.

Even with the WAN IPv6 Configuration Type to "None", and no DHCPv6 server enabled anywhere in the GUI, I still cannot get the LAN IPv6 Configuration Type moved off of "Track Interface".

Are these bugs in OPNsense? What is the proper way to get things set up?

[jcr]

Hi,

I have exactly the same problem
My computers have opnsense as prefered dns 😕

Serveurs DNS. . .  . . . . . . . . . . : 2001:861:4080:bff3:215:5dff:fe96:a36
                                       192.168.100.1
                                       8.8.8.8

So, no resolution of my lan server.
my lan have a dns and a dhcp server configured juste with ipv4 (active directory domain)
All dhcp and dns are disable on my opnsense

I desactived ISC DHCPv6 lan and all work fine

[nray]

What is the best way for me to gather information regarding the true state of the DHCPv6 server so I can file a bug report?

[OPNenthu]

I think either DHCPv6 and/or IPv6 RAs are advertising the DNS server to your clients.

Do you intend to use IPv6?

If no, then disable IPv6 from all your interfaces.  Start with the LAN-side interfaces and disable it on WAN last.

Also go trough all of the available DHCP services in OPNsense (ISC, Dnsmasq, Kea) and make sure that DHCPv6 is not active on any of them and that no IPv6 ranges are defined in Dnsmasq.  Also disable the RA services from Dnsmasq (General->DHCP->Router Advertisements) and make sure that the default Router Advertisement service (outside of Dnsmasq, under Services->Router Advertisements) is not enabled.  If you don't see the Router Advertisements service listed in the menu that means it's not being used.  There's also an "Allow IPv6" setting under Interfaces->Settings, but I don't think that's needed and should probably stay checked except for special circumstances.

In case the IPv6 configuration is coming via RAs then DHCP release/renew will not clear it.  You'll need to reset your host's network connection.

If yes, then check out @meyergru's guide: https://forum.opnsense.org/index.php?topic=45822.0

You can specify your own DNS server in the IPv6 RAs using RDNSS in this case.