I have a network consisting out of a pfSense 2.3 router, and 2 Cisco Meraki MR16 access points. The pfSense Box is connected to Comcast on the WAN interface, and provides one LAN segment. The MR16's are both connected to the LAN side, and are configured in bridging mode.
pfSense is configured in Track mode for IPv6, and is both the DNS v4 server at 192.168.2.1 and DNSv6 FE80::1:1.
Both MR16's run LEDE Reboot 17.01.3 (same problem happend with LEDE Reboot 17.01.2.
I have a very weird issue happening. My DNS server settings on my windows 7 pro workstations show: (ipconfig /all) - pubilc IPv6 addresses removed! -
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : home.lan Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I218-V Physical Address. . . . . . . . . : 78-24-AF-89-E0-0D DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : xxxx:yyy:zzzz:qqqq:6c4a:56cd:d88d:5828(Preferred) Temporary IPv6 Address. . . . . . : xxxx:yyy:zzzz:qqqq:f82e:b32:143:62c0(Preferred) Link-local IPv6 Address . . . . . : fe80::6c4a:56cd:d44d:5828%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.2.190(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Tuesday, October 10, 2017 21:40:47 Lease Expires . . . . . . . . . . : Tuesday, October 10, 2017 23:40:47 Default Gateway . . . . . . . . . : fe80::1:1%11 192.168.2.1 DHCP Server . . . . . . . . . . . : 192.168.2.1 DHCPv6 IAID . . . . . . . . . . . : 242754735 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-4C-8A-72-78-24-AF-89-E0-0D DNS Servers . . . . . . . . . . . : **fe80::218:aff:fe38:cd6a%11** 192.168.2.1 NetBIOS over Tcpip. . . . . . . . : Enabled
The trouble is with the DNS address for the IPv6 network. It is a link/local address of one of my Meraki's. This is wrong. I took a wireshark trace and see it going to the MR16, but NOT intended. I see an ICMP6 reply from the MR16 that it is a DNS server. (not)
I played around with the IPv6 settings, and also the DNS/DHCP settings, removed dnsmasq and different things. I set the forwarding IPv6 address for DNS to the pfSense box to no avail.
I am considering compiling the MR16 code with IPv6 disabled, but not sure whether that will break things for my WiFi clients. Both the hardwired and WiFi clients show the problem...
What can be done to fix this problem?
Laaf