Prioritize IPv4 over IPv6 DNS queries on OpenWrt router? [Solved]

Dear all,

I am considering setting up an IPv6 HA tunnel to overcome the lack of professionalism of my French ISP which does not currently provide any IPv6. I wrote them several times to complain, but still only 2% of their customers have IPv6 in 2020. You might have recognized this ISP, stay away from them.

In the past, I tested an HA free tunnel and IPv6 bandwidth and latency were pretty low compared to fiber speed over IPv4.

Is there a way to prioritize IPv4 over IPv6 DNS queries? I am using unbound DNSSEC resolver. Is there a way to resolve an IPv4 address when available and an IPv6 when it is the only result available?

I know prioritizing can be done on the client itself (at least under Linux), but can it be done on the OpenWRT router?

IMHO, it cannot be done on an OpenWRT router. You can force IPv4 resolution, but not prioritize IPv4 over IPv6. The issue is that IPv6 should take precedence over IPv4 by design.

Please correct me if I am wrong.

Kind regards,

do-ip6: (yes or no)

Enable or disable whether ip6 queries are answered or issued. Default is yes. If disabled, queries are not answered on IPv6, and queries are not sent on IPv6 to the internet nameservers. With this option you can disable the ipv6 transport for sending DNS traffic, it does not impact the contents of the DNS traffic, which may have ip4 and ip6 addresses in it.

Thanks. This disables IPv6 and does not prioritize IPv4 orver IPv6, no?

From the description it just sounds like it'll prevent DNS queries being sent over IPv6. You'll still get IPv6 results back though.

1 Like

Exactly. So your DNS requests will always be sent over IPv4. I think that is what the question was about. It has no impact on the response of the query. You still get A and AAAA if requested by client.

If you don't want any IPv6 address request/response by unbound you can use:

local-zone: ip6.arpa. refuse

Another way would be to simple not define any IPv6 DNS resolver within the config file.

So I can only refuse IPv6, not prioritize IPv4 over IPv6.

I think the question was about the results of the DNS query, rather than the method to get it. Pretty sure the OP wants a system where DNS only pulls back an IPv6 result if there is no IPv4 records.

The only way you could probably use the router to force client devices to prioritize IPv4 would be to introduce some sort of delay into the IPv6 route significant enough that devices fall back to IPv4. But really the use of IPv4 or IPv6 is a client decision and should be dealt with locally.

1 Like

You cannot define if a specific request has to be answered/requested either with IPv6 or IPv4. Who should decide sth. like that? This has to be done on application level. And even there you have to choose between. You cannot tell your browser to use IPv6 for openwrt.org and IPv4 for google.com. Probably you could with maintaining a list and some hacking in configs. But then I would do it over hosts file.

1 Like