Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FS#635 - IPv6 RA provides broken DNS #5658

Closed
openwrt-bot opened this issue Mar 17, 2017 · 2 comments
Closed

FS#635 - IPv6 RA provides broken DNS #5658

openwrt-bot opened this issue Mar 17, 2017 · 2 comments
Labels
flyspray

Comments

@openwrt-bot
Copy link

tari:

In the default IPv6 configuration, the RDNSS advertised has a link-local address. This address appears to be a valid address for the router, but DNS requests to it receive no responses with the result that IPv6-only DNS is broken.

On a Linux machine where I've done no special IPv6 configuration, autoconfiguration successfully assigns an address and I can reach public addresses via IPv6. My automatically generated resolv.conf looks like this:

nameserver 192.168.127.1
nameserver fe80::32b5:c2ff:fe09:6202%eth0

where the first entry matches configuration acquired via DHCP, and the second is a link-local address acquired from autoconfiguration. rdisc6 reports the same:

$ rdisc6 eth0
Soliciting ff02::2 (ff02::2) on eth0...

...

Recursive DNS server : fe80::32b5:c2ff:fe09:6202
DNS server lifetime : 18000 (0x00004650) seconds
from fe80::32b5:c2ff:fe09:6202

Manually querying the provided DNS server fails:

$ dig @fe80::32b5:c2ff:fe09:6202%eth0 google.com

; <<>> DiG 9.11.0-P3 <<>> @fe80::32b5:c2ff:fe09:6202%eth0 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

but because this system prefers to do DNS over IPv4 I don't normally notice. Android devices however appear to prefer to do DNS over IPv6, so all requests from those attempt and fail to reach the IPv6 DNS server then fall back to IPv4, meaning every lookup takes about 10 seconds.

I've worked around the problem by manually advertising the router's address on the configured global ULA prefix as a DNS server instead, though it feels like a bit of a hack.

/etc/config/network:config globals 'globals'
option ula_prefix 'fd1d:1efd:22ed::/48'

/etc/config/dhcp:config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option ra 'server'
option dhcpv6 'server'
option ra_management '1'
list dns 'fd1d:1efd:22ed::1'

Current software version is 17.01.0 r3205-59508e3 running on a TP-Link Archer C7 v2.
@openwrt-bot
Copy link
Author

dedeckeh:

IPv6 DNS address selection has been reworked as follows :
*First consider all global/ULA IPv6 address having a valid lifetime
*Next give preference to global/ULA IPv6 addresses being not deprecated
*Give preference to ULA IPv6 addresses over IPv6 global addresses
*Give preference to the IPv6 address with the longest preferred lifetime in
its selected category (ULA or global)
*Finally if no global/ULA IPv6 address is present use the IPv6 link local address

@openwrt-bot
Copy link
Author

EricLuehrsen:

This is suitable for solving FS#399 also (3d9f406)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
flyspray
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@openwrt-bot