wvlad
September 14, 2022, 9:09am
1
Hi! I am bit rooky with OpenWrt and faced with some problem recently. I didn't know what exact happened with my router but now every device in my network is getting ipv6 DNS address first after router's one:
DNS Servers . . . . . . . . . . . : fd1a:15fe:496f::1
10.5.7.1
I have completely disabled IPv6 but problem still persists, how to get rid off it?
1 Like
frollic
September 14, 2022, 9:51am
2
where ?
on the openwrt device, or the clients ?
slh
September 14, 2022, 10:45am
3
…and just to state the obvious, there is nothing wrong with your router answering DNS queries via IPv6, even if your WAN connection is IPv4-only.
2 Likes
jow
September 14, 2022, 10:59am
4
The simplest way would be stopping and disabling the odhcpd
service. This way your router will not announce any IPv6 information via Router Advertisements or DHCPv6.
1 Like
wvlad
September 14, 2022, 1:12pm
6
Problem is that my router provides internal suffix for each hostname (option dhcp.@dnsmasq[0].domain = 'home.local'
), and if I try to reach some machine at router network via its DNS-name like laptop.home.local
- it tries IPv6 DNS which fails to resolve, however, when I manually specify exact Ipv4 address - it just works.
nslookup laptop.home.local # fails
nslookup laptop.home.local 10.5.7.1 # works
wvlad
September 14, 2022, 1:17pm
8
I've disabled it already, nevertheless, it still won't help:
Link-local IPv6 Address . . . . . : fe80::c1c8:a275:52c:fab8%6(Preferred)
IPv4 Address. . . . . . . . . . . : 10.5.7.22(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.5.7.1
DHCP Server . . . . . . . . . . . : 10.5.7.1
DHCPv6 IAID . . . . . . . . . . . : 129511861
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2A-66-79-09-28-16-A8-4E-70-67
DNS Servers . . . . . . . . . . . : fd1a:15fe:496f::1
10.5.7.1
rao
September 14, 2022, 5:45pm
9
Can you post the contents of /etc/config/network and /etc/config/dhcp ? It's a little difficult to help without seeing your current configuration. You can redact any public ip and mac addresses before posting.
wvlad
September 14, 2022, 6:36pm
10
dhcp:
root@GL-AXT1800:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option ednspacket_max '1232'
option rebind_protection '0'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option strictorder '1'
option allservers '1'
list server '/home.loc/5.7.1.1'
option domain 'moro.loc'
option local '/lan/'
config dhcp 'lan'
option interface 'lan'
option leasetime '12h'
option dhcpv4 'server'
option start '2'
option limit '248'
list ra_flags 'none'
option dhcpv6 'disabled'
option ra 'disabled'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
list ra_flags 'none'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'guest'
option interface 'guest'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'disabled'
option ra 'disabled'
config domain
option ip '10.5.7.1'
option name 'gl-inet'
network: (mocked some options due to security reasons)
root@GL-AXT1800:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth1'
list ports 'eth2'
option multicast_to_unicast '0'
config device
option name 'eth1'
option macaddr 'xx:xx:xx:xx:xx:xx'
config device
option name 'eth2'
option macaddr 'xx:xx:xx:xx:xx:xx'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option isolate '0'
option ipaddr '10.5.7.1'
option delegate '0'
option ipv6 '0'
config device
option name 'eth0'
option macaddr 'xx:xx:xx:xx:xx:xx'
config interface 'wan'
option device 'eth0'
option proto 'dhcp'
option ipv6 '0'
config interface 'wan6'
option device 'eth0'
option proto 'dhcpv6'
option disabled '1'
config switch
option name 'switch0'
option reset '0'
option enable_vlan '0'
config interface 'guest'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.9.1'
option netmask '255.255.255.0'
option ip6assign '60'
option multicast_querier '0'
option igmp_snooping '0'
option isolate '0'
option bridge_empty '1'
config interface 'wwan'
option proto 'dhcp'
config rule 'policy_bypass_vpn'
option mark '0x60000/0x60000'
option lookup '53'
option priority '53'
config rule 'policy_via_vpn'
option mark '0x80000/0x80000'
option lookup '52'
option priority '52'
config rule 'policy_dns'
option mark '0x100000/0x100000'
option lookup '51'
option priority '51'
config interface 'wg2'
option proto 'wireguard'
option private_key 'xxxxx='
option peerdns '0'
list addresses '5.7.3.3/32'
option mtu '1380'
config wireguard_wg2
option description 'hm'
option endpoint_host 'test.example.com'
option route_allowed_ips '1'
list allowed_ips '5.7.1.0/24'
list allowed_ips '5.7.3.0/24'
option public_key 'yyyyy='
option endpoint_port '5382'
option persistent_keepalive '60'
config interface 'wgclient'
option proto 'wgclient'
option config 'peer_5238'
option disabled '1'
config device
option name 'wg2'
option multicast '1'
wvlad:
DNS Servers . . . . . . . . . . . : fd1a:15fe:496f::1
10.5.7.1
I have completely disabled IPv6 but problem still persists, how to get rid off it?
I work around the above problem, because my unbound server doesn't listen in the ipv6 interfaces, but I'm using a /64 relayed from my isp, using:
list dns ''
in the "config dhcp guest" section, I say workaround because with the above option, if you have enabled the syslog, now will be a message about incorrect dns option, but no dns server will be announced.
May be you can set your custom DNS using 6,10.5.7.1
, this is mine in LAN
Also you can disable the DHCPv6 by not bring up on boot (this is optional)
wvlad
September 16, 2022, 9:20am
13
Didn't help, still ipv6 DNS in a list, tried flushdns release, renew
wvlad
September 16, 2022, 10:47am
14
It seems that switching off toggle Use DNS servers advertised by peer
at WAN6 interface helped:
Screenshot
UPD. No, it does not. After reboot still the same Ipv6 DNS in a list...
trendy
September 16, 2022, 12:54pm
15
Network, Interfaces, Edit LAN, DHCP Server, IPv6 Settings, Disable RA and DHCPv6 services.
wvlad
September 16, 2022, 7:32pm
16
Already did, still no luck...(
trendy
September 16, 2022, 9:28pm
17
System, Startup, Stop and Disable odhcpd
wvlad
September 17, 2022, 7:08am
18
Yep, that was done too (via console command, however I tried do the same as you described via GUI)
Still no luck, my router keep assigning IPv6 addresses to a new hosts and advertising IPv6 DNS
jow
September 17, 2022, 8:16am
19
You mean IPv6 addresses other than fe80…?
wvlad
September 17, 2022, 8:37am
20
I finally got what was a problem: I had another OpenWRT router (at my virtual machines pool) which broadcasted that IPv6 stuff.
After reconfiguring it similarly - IPv6 DNS problem was gone. What helped me to identify that machine: I opened a browser with that IPv6 DNS address every machine got from my master router (to do so you must encapsulate it with brackets [], like http://[fd1a:15fe:496f::1]
and that opened a luci gui of that “second” router)
Thanks everyone for helping!
system
Closed
September 27, 2022, 8:37am
21
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.