Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Firebrick publishing self as local forwarding DNS server over IPv6 - snafu?  (Read 1322 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

I think my Firebrick is publishing the global / routable IPv6 address of its LAN interface - as opposed to link local address - as a usable DNS server to the boxes on the LAN. It also publishes the global / routable IPv4 address of the Firebrick's LAN interface too as a DNS server. (All boxes in the LAN have global, routable, public IP addresses. I do not use RFC 1918 addresses or nat for any source addresses in internet access.)

It seems that the boxes on the LAN are picking the IPv4 address of the Firebrick and accessing DNS using that.

* However, if I configure an iPad by hand in settings with manually-set values, or I configure various DNS test tool apps, to use the Firebrick's LAN IPv6 address, then DNS lookup fails with I think some long timeout.

* Could anyone give me an idea what might be going wrong?

It seems to me that although the Firebrick is advertising the IPv6 address as 'good for DNS' it is as if DNS in the Brick is not actually operating on that IPv6+protocol+port combination.

As a sanity check, I tried IPv6-pinging the expected IPv6 LAN i/f address of the Firebrick from an iPad and no problems. Looking at the XML config, everything relating to DNS and the main LAN i/f and the subnet associated with it is just using defaults, pretty much, although the addresses are given explicitly in the XML, not obtained from the ISP, AA, by PPP.

I should make sure that the iPad works in general with IPv6 over DNS just in case this is all some sad iPad 20C-thinking bug.

I could get some sort of traffic capture over the LAN by using the facilities available in my powerful ZyXEL WAPs and see if there is even anything to see.
Logged

DaveC

  • Reg Member
  • ***
  • Posts: 197

Weaver,

Do your ipv6 subnet(s) listed in the "allow" attribute of the dns object in your Firebrick's config?

Dave.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

no, and the ipv4 is not listed either.

I noted there is a local-only attribute set to true. Tried taking that out and now no problem. Tada!

Just for a sanity check, I put the attribute back, and still it did not fail: so now I can no longer reproduce the bug. I don't know what on earth I have done.
« Last Edit: August 19, 2018, 03:48:08 AM by Weaver »
Logged
 

anything