wiki.paepcke.com

User Tools

Site Tools

Trace: v6dns
public:v6dns

Table of Contents

Overview

This document details the removal (or addition if applied in reverse) of local DNS caching services on IPv6. The procedure entails four changes:

  1. Router: cease advertisement of the two resolvers
  2. Pihole: disable IPv6 listener
  3. Unbound: disable IPv6 listener
  4. Raspberry Pi OS: remove static IP assignment

Router

IPv6 router advertisement (RA) is akin to IPv4's DHCP. It might be sub-optimal to run dual-stack clients on your network without a resolver on an IPv6 address, but Unbound and Pihole can answer A and AAAA queries for either stack, and everything seems to work with just the one.

Review a given VLAN's RA 

show interfaces switch switch0 vif 10 ipv6 router-advert

Remove the name-server from each dual-stack VLAN's RA 

delete interfaces switch switch0 vif 1 ipv6 router-advert name-server
delete interfaces switch switch0 vif 10 ipv6 router-advert name-server
delete interfaces switch switch0 vif 20 ipv6 router-advert name-server
delete interfaces switch switch0 vif 30 ipv6 router-advert name-server

Reverse a removal 

set interfaces switch switch0 vif 10 ipv6 router-advert name-server 2601:666:6666:5EB0::10

Pihole

We specified listen-addresses in the /etc/dnsmasq.d/01-pihole.conf text file as a comma-separated list. From the following line, delete the IPv6 address and the comma preceding it 

listen-addresses=10.10.10.10,2601:666:6666:5EB0::10

Restart the service, and verify 

sudo systemctl restart pihole-FTL
ss -tl

Unbound

Most configuration resides in the /etc/unbound/unbound.conf text file. Comment out the following line 

interface: 2601:666:6666:5EB0::10@53

Restart the service, and verify 

sudo systemctl restart unbound
ss -tl

Raspberry Pi OS

nmcli displays and manipulates network settings. Review interfaces and their settings 

nmcli con show
nmcli con show 'Wired connection 1'

Remove the static IPv6 addresses 

sudo nmcli con mod 'Wired connection 1' -ipv6.addresses 2601:666:6666:5EB0::10/128
sudo nmcli con mod 'Wired connection 1' -ipv6.addresses 2601:666:6666:5EB0::20/128

Restart network interface to apply changes 

sudo nmcli con down 'Wired connection 1' && sudo nmcli con up 'Wired connection 1'

Reverse a removal 

sudo nmcli con mod 'Wired connection 1' +ipv6.addresses 2601:666:6666:5EB0::10/128
public/v6dns.txt · Last modified: by daniel
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki