[DNS] Fail to resolve ipv6 domain

OS: OpenWrt R22.4.1
Openwrt is as a secondary router and the primary router run the IPV6 SLAAC server mode with other configuration flag is set.

The lan of OpenWrt linked with primary router obtain the IPv6 address successfully and my OpenWrt is actually workable with remote IPv6 Address (use curl "http://[xxx:xxx]") but I find DNS resolve fail.

config interface 'lan'
	option ifname 'eth0'
	option proto 'static'
	option netmask '255.255.255.0'
	option delegate '0'
	option ipaddr '192.168.1.251'
	option gateway '192.168.1.1'
	option dns '192.168.1.1'
	option ip6assign '64'
	option force_link '0'

config interface 'LANv6'
	option proto 'dhcpv6'
	option ifname 'eth0'
	option reqaddress 'none'
	option reqprefix 'no'

After dig a while, I'm pretty sure odhcp6c works well( it successfully receive dns address from my primary router by information request ) and call a function at /lib/netifd/netifd-proto.sh

ubus $options call network.interface notify_proto "$(json_dump)"

the content of json_dump is

{ "action": 0, "link-up": true, "data": { "passthru": "00170010fe800000000000000000000000000001" }, "keep": false, "ip6addr": [ { "ipaddr": "2408:xxx:ccc4", "mask": "64", "preferred": 172800, "valid": 259200, "offlink": true } ], "routes6": [ { "target": "::", "netmask": "0", "gateway": "fe80::2a56:3aff:fe5a:93d0", "metric": 640, "valid": 45, "source": "2408:xxx:ccc4\/64" }, { "target": "2408:xxx::", "netmask": "64", "metric": 256, "valid": 259200 }, { "target": "2408:xxx::", "netmask": "64", "gateway": "fe80::2a56:3aff:fe5a:93d0", "metric": 384, "valid": 259200 } ], "dns": [ "fe80::1" ], "interface": "LANv6" }

which 2408:xxx:ccc4 is my lan address and fe80::1 is from the response of primary router.

Internet Protocol Version 6, Src: fe80::1, Dst: fe80::xxx:ccc4
User Datagram Protocol, Src Port: 36930, Dst Port: 546
DHCPv6
    Message type: Reply (7)
    Transaction ID: 0x34a540
    .......
    DNS recursive name server
        Option: DNS recursive name server (23)
        Length: 16
         1 DNS server address: fe80::1

Here, I think every thing should be ok but when I try resolve an ipv6 domain, it failed.

root@OpenWrt:/home# curl -6 6.ipw.cn
curl: (6) Could not resolve host: 6.ipw.cn

and tcpdump shows the DNS request is

Domain Name System (query)
    Transaction ID: 0xf9c3
    Flags: 0x0100 Standard query
        0... .... .... .... = Response: Message is a query
        .000 0... .... .... = Opcode: Standard query (0)
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... .0.. .... = Z: reserved (0)
        .... .... ...0 .... = Non-authenticated data: Unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 0
    Queries
        6.ipw.cn: type A, class IN
            Name: 6.ipw.cn
            [Name Length: 8]
            [Label Count: 3]
            Type: A (Host Address) (1)
            Class: IN (0x0001)
    [Response In: 172]

Openwrt send DNS request to both 192.168.1.1 and fe80::1 whose request type are all A not AAAA.
Is that expected?

thre DNS response is

Domain Name System (response)
    Transaction ID: 0xf9c3
    Flags: 0x8180 Standard query response, No error
    Questions: 1
    Answer RRs: 0
    Authority RRs: 1
    Additional RRs: 0
    Queries
        6.ipw.cn: type A, class IN
            Name: 6.ipw.cn
            [Name Length: 8]
            [Label Count: 3]
            Type: A (Host Address) (1)
            Class: IN (0x0001)
    Authoritative nameservers
        ipw.cn: type SOA, class IN, mname ns3.dnsv2.com
            Name: ipw.cn
            Type: SOA (Start Of a zone of Authority) (6)
            Class: IN (0x0001)
            Time to live: 30 (30 seconds)
            Data length: 59
            Primary name server: ns3.dnsv2.com
            Responsible authority's mailbox: level3dnsadmin.dnspod.com
            Serial Number: 1659839113
            Refresh Interval: 3600 (1 hour)
            Retry Interval: 180 (3 minutes)
            Expire limit: 1209600 (14 days)
            Minimum TTL: 180 (3 minutes)

root@OpenWrt:/home# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
nameserver ::1

The DNS request is sent by dnsmasq , what should I do now ?

root@OpenWrt:/home# /usr/sbin/dnsmasq -v
Dnsmasq version 2.86

root@OpenWrt:/home# cat /var/etc/dnsmasq.conf.cfg01411c
...
resolv-file=/tmp/resolv.conf.d/resolv.conf.auto

root@OpenWrt:/home# cat /tmp/resolv.conf.d/resolv.conf.auto
# Interface LANv6
nameserver fe80::1%eth0
# Interface lan
nameserver 192.168.1.1

What is the output of ubus call system board ?

2 Likes

Where did you download that?

2 Likes

Solved. filter-aaaa was enabled by dnsmasq by default.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.