Dnsmasq and IPv6

Started by KalleDK, February 09, 2026, 12:07:14 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 09, 2026, 12:07:14 PM Last Edit: February 10, 2026, 08:08:31 AM by KalleDK
### TLDR ###

Clients can reach dnsmasq on all ipv4 addresses
Clients can only reach dnsmasq on it's uplink ipv6 address

####

I rule only dnsmasq and have dualstack ipv4 and ipv6.

If I have two interfaces

NET1
192.168.1.1/24
2000:1234:1::1/64

NET2
192.168.2.1/24
2000:1234:2::1/64


Then I experience following on a client on NET1

Works
nslookup ifconfig.co 192.168.1.1
nslookup ifconfig.co 2000:1234:1::1
nslookup ifconfig.co 192.168.2.1

Doesn't work
nslookup ifconfig.co 2000:1234:2::1

The same is happening the other way round if I do it from NET2

I can't see any firewall rules that should block it
February 09, 2026, 01:28:10 PM #1
2000::1:1/64 and 2000::2:1/64 is the same network - 2000::/64. You shouldn't have the same network on two interfaces.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
February 10, 2026, 08:07:44 AM #2
Quote from: Maurice on February 09, 2026, 01:28:10 PM2000::1:1/64 and 2000::2:1/64 is the same network - 2000::/64. You shouldn't have the same network on two interfaces.

Cheers
Maurice

Sorry masked the ip's wrong in the example - have updated some more real
Print
Go Up Pages1
User actions