I have an RB5009 running 7.10. I use the RB5009 as my local DNS forwarder. I just tried to go to a website that doesn’t exist and, instead of getting an NXDOMAIN, to my surprise I got AT&T’s “that domain doesn’t exist but we searched for what you typed in” page.
I’m running a pretty standard dual stack network. The “Use Peer DNS” is unchecked in IP - DHCP Client - ether1 and in IPv6 - DHCP Client - vrrp1 and vrrp2. I use the vrrps as a sort of hack because AT&T only lets you request /64 prefixes (but you can request as many as you like) and I want separate prefixes for my two vlans.
If I look in IP - DNS, I see my two manually configured DNS servers plus a dynamic IPv6 server. The dynamically configured one has the same /64 prefix as the three addresses under IPv6 - Addresses whose type is listed as “DG” - I assume that’s Dynamic and Global, but with a ::1.
If I check either or both of the “use peer DNS” boxes for the vrrp interfaces, the same IPv6 DNS server shows up once for each box checked in IP-DNS. So there must be another place where I need to specify not to use peer DNS, but I can’t figure out where. I’ve also looked in the CLI and can’t locate it.
Additionally, “Advertise DNS” is unchecked under Neighbor Discovery.
The DHCPv6 client use-peer-dns option will only affect handling of OPTION_DNS_SERVERS received in the DHCPv6 reply. There is similarly an option in the PPPoE client to use or ignore any DNS provided by IPv6CP when using PPPoE. It needs a separate option to use or ignore the RA-provided data.
Thanks. I just changed the IPv6 - Settings “accept RA” setting to “yes if forwarding disabled” and the dynamic entry disappeared. It seems I still get the same delegated prefixes, and IPv6 connectivity works fine. This makes sense given what you’ve said. Since I have IPv6 forwarding enabled, the router isn’t accepting the RAs. It appears this is a good workaround…will see if it holds.
Without accepting RAs you will likely lose the gateway information. IIRC when changing accept RAs some things don’t actually change until after reboot.
I would suggest sending a feature request to MikroTik; not accepting the RA DNS options is likely to be a common requirement as more people use IPv6.
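The thread separates DNS servers delivered in the DHCPv6 reply from DNS servers carried in the Router Advertisement itself. As an added example (not from the thread and not MikroTik code), this Python sketch parses an ICMPv6 RA and lists the servers in its RDNSS option (type 25, RFC 8106), so a capture from the WAN side can confirm where a dynamic resolver comes from. The sample RA is constructed with documentation-prefix addresses; the function names are hypothetical.

```python
import ipaddress
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type of a Router Advertisement
OPT_RDNSS = 25           # Recursive DNS Server option, RFC 8106

def rdnss_servers(icmp6: bytes):
    """Return [(address, lifetime_seconds)] for every RDNSS entry in an RA.

    `icmp6` is the ICMPv6 message starting at its type byte; the checksum
    is not verified here.
    """
    if len(icmp6) < 16 or icmp6[0] != ND_ROUTER_ADVERT:
        raise ValueError("not a Router Advertisement")
    found, off = [], 16                  # options follow the 16-byte RA header
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8  # length in 8-octet units
        if opt_len == 0 or off + opt_len > len(icmp6):
            raise ValueError("malformed option")
        # RDNSS body: 2 reserved bytes, 4-byte lifetime, then 16-byte addresses
        if opt_type == OPT_RDNSS and opt_len >= 24 and (opt_len - 8) % 16 == 0:
            lifetime = struct.unpack_from("!I", icmp6, off + 4)[0]
            for a in range(off + 8, off + opt_len, 16):
                addr = ipaddress.IPv6Address(icmp6[a:a + 16])
                found.append((str(addr), lifetime))
        off += opt_len
    return found

def build_sample_ra(with_rdnss: bool = True) -> bytes:
    """Constructed RA: a Prefix Information option, optionally plus RDNSS."""
    prefix = ipaddress.IPv6Address("2001:db8:0:1::").packed
    dns = ipaddress.IPv6Address("2001:db8:0:1::1").packed
    header = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, 64, 0, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 86400, 14400, 0) + prefix
    rdnss = struct.pack("!BBHI", OPT_RDNSS, 3, 0, 600) + dns
    return header + pio + (rdnss if with_rdnss else b"")

if __name__ == "__main__":
    for addr, life in rdnss_servers(build_sample_ra()):
        print(f"RA advertises DNS server {addr} (lifetime {life}s)")
```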