OpenWrt Forum Archive

Topic: How to disable IPv6 DNS server?

The content of this topic has been archived on 5 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
usonianhorizon
31 Mar 2015, 01:20

I'm having issues with the router serving up its IPv6 address as a DNS server, which is conflicting with the primary DNS server on the LAN which has only an IPv4 address.

Here are the symptoms of my problem:

  1. Running Barrier Breaker (14.07, r42625) on Buffalo WZR-HP-G450H.  In a lab environment, I have just this router and a Windows 8.1 Pro laptop. Details of the production environment are given further down below.

  2. On the router, in /etc/dhcp I have the following directives:
    option dhcpv6 'disabled'
    option ra 'disabled'

  3. I perform 'ipconfig /release' on the laptop.

  4. I perform 'ipconfig /release6' on the laptop.

  5. I reboot the laptop, and when I do an 'ipconfig /all', I see the IPv6 address of the router as the primary DNS server.

So this is all the lab environment. I don't want the router's IPv6 address served up to the client computer. 

Where this is wreaking havoc is in the production environment where we have a Windows Server 2012 R2 acting as DNS server and DHCP server (due to Active Directory integration).  The DHCP server has an IPv4 scope defined and option 23 under IPv6 set (Option 23 - DNS Recursive Name Server IPV6 Address List ).  I would still like to keep the router as a DNS forwarder if possible for the Windows Server.  Hence, I would prefer not switching off DNS completely.

So, any client machine attached to the LAN gets its proper IPv4 address and IPv4 DNS server from the Windows Server machine.  However, it also gets the IPv6 DNS server from the OpenWrt router.  Since this router doesn't know about the internal sub-domain, it resolves the address incorrectly.

What I want is that the OpenWrt router not hand out its IPv6 address as a DNS server.  I have tried to work through the 'dnsmasq' and 'dhcp' documentation, but I am stumped.

The end result is that because the sub-domain is resolved incorrectly, client computers cannot join the domain and domain users are unable to log in.

Any suggestions on recommended best practices and a resolution to this problem would be most appreciated.

advTHANKSance.

Post #2
usonianhorizon
31 Mar 2015, 01:52

Sorry, I omitted to give a couple more testing data points:

  1. I also disabled the DHCP pool on the router, using "option ignore '1'" in '/etc/dhcp'.

  2. I further did an 'ipconfig /renew' with full expectation that it should fail, which it did.

  3. *However*, after a further 'ipconfig /all' under DNS servers, the IPv6 address of the router is now shown, even though no IP address not IPv4 DNS server were listed!

So even with DHCP switched off, somehow the router is handing out its IPv6 address as a viable DNS server.

The discussion might have continued from here.