wiki.paepcke.com

User Tools

Site Tools

Trace: v6dns
public:v6dns

This is an old revision of the document!

Table of Contents

Overview

This document details the removal (or addition if applied in reverse) of local DNS caching services on IPv6. The procedure entails four changes:

  1. Router: cease advertisement of the two resolvers
  2. Pihole: disable IPv6 listener
  3. Unbound: disable IPv6 listener
  4. Raspberry Pi OS: remove static IP assignment

Router

IPv6 router advertisement (RA) is akin to IPv4's DHCP. It might be sub-optimal to run dual-stack clients without a resolver on an IPv6 address, but Unbound and Pihole can answer A and AAAA queries for either stack, and everything seems to work with just the one.

EdgeOS keeps a nameserver configuration value for each dual-stack VLAN. Only the VIF IDs differ between directives: 

delete interfaces switch switch0 vif 1 ipv6 router-advert name-server 2601:666:6666:5EB0::10
delete interfaces switch switch0 vif 10 ipv6 router-advert name-server 2601:666:6666:5EB0::10
delete interfaces switch switch0 vif 20 ipv6 router-advert name-server 2601:666:6666:5EB0::10
delete interfaces switch switch0 vif 30 ipv6 router-advert name-server 2601:666:6666:5EB0::10

To reverse deletion, use set in place of delete

Pihole

We specified listen-addresses in the /etc/dnsmasq.d/01-pihole.conf text file as a comma-separated list. From the following line, delete the IPv6 address and the comma preceding it 

listen-addresses=10.10.10.10,2601:666:6666:5EB0::10

Restart the service, and verify 

sudo systemctl restart pihole-FTL
ss -tl

Unbound

Most configuration resides in the /etc/unbound/unbound.conf text file. Comment out the following line 

interface: 2601:666:6666:5EB0::10@53

Verify 

ss -tl

Raspberry Pi OS

nmcli displays and manipulates network settings. Review interfaces and their settings 

nmcli con show
nmcli con show 'Wired connection 1'

Remove the static IPv6 addresses 

sudo nmcli con mod 'Wired connection 1' -ipv6.addresses 2601:666:6666:5EB0::10/128
sudo nmcli con mod 'Wired connection 1' -ipv6.addresses 2601:666:6666:5EB0::20/128

Restart network interface to apply changes 

sudo nmcli con down 'Wired connection 1' && sudo nmcli con up 'Wired connection 1'

To reverse removal, use +ipv6.addresses in place of -ipv6.addresses

public/v6dns.1768417150.txt.gz · Last modified: by daniel
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki