OpenWRT DNS only IPv4 (Disable IPv6 DNS)

mannser · December 20, 2020, 7:01pm

Hi there,

i want to prevent the local DNS server on my OpenWRT router to announce IPv6 records when querying the hostname by which the router is reachable from the Internet.

root@openwrt:~# nslookup my.host.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      my.host.com
Address 1: 123.123.123.123 (Public IPv4 Adress)
Address 2: ::1

I want the AAAA record Address 2: ::1 to be gone.

Q: Why do i want this?
A: I have an instance of Wireguard running on my OpenWRT Router. I want clients in my LAN to connect to this Wireguard server over the internet (not directly via LAN). When clients in my local network resolve the FQDN my.host.com, Wireguard uses the IPv6 address ::1. As the Wireguard Server is not listening on ::1 the client will never be able to connect.

Do you have a working solution on how to configure dnsmasq or odhcpd in a way that only resolve IPv4 A-Records and not IPv6 AAAA records for my use case?

mannser · December 20, 2020, 8:20pm

Hi @vgaetera

#Method #1
your first solution seems to quite do the trick, except that it is delivering a static record back. With a regularly changing IP-Address i believe this is not the right solution.
However, this is actually the result i would like to see, just without hardcoding the IP-address.

#Method #2
When using this solution, i cannot observe any changes (yes, i restarted dnsmasq)
See the output here:

[root@openwrt ~]# nslookup my.host.com 192.168.1.1
Server:         192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
Name:   my.host.com
Address: 123.123.123.123
Name:   my.host.com
Address: ::1

AND:

root@openwrt:~# nslookup my.host.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      my.host.com
Address 1: 123.123.123.123
Address 2: ::1

Do you have another idea, why this could be not working?

mannser · December 20, 2020, 11:02pm

Thank you @vgaetera

i tried it in all possible combinations, but it just will not work. It is crazy. even an nslookup my.host.com 8.8.8.8 delivers me ::1 together with my correct ipv4 address.
I dont know where to go further. My router is possessed by a daemon!

root@openwrt:~# nslookup my.host.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Name:      my.host.com
Address 1: 123.123.123.123
Address 2: ::1

vgaetera · December 20, 2020, 11:24pm

DDNS for IPv6 should be optional, not mandatory.
Check your configuration or change the DDNS provider.

On the other hand, this is marked solved:

mannser · December 23, 2020, 8:52pm

Hey there @vgaetera

That worked! Thank you very much!

server=/tld/8.8.8.8
address=/tld/::

mannser · December 31, 2020, 2:15pm

Hm, it seems like i have been too fast with marking this answer as a solution.
It is important to mention, that when setting these attributes it definitely has to be done via uci with the add_list command and not with the add or set command.
E.g.:

uci add_list dhcp.@dnsmasq[0].address='/my.host.com/::'
uci add_list dhcp.@dnsmasq[0].server='/my.host.com/8.8.8.8'

Thanks for the help!

system · January 10, 2021, 2:16pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.