IPv6 DNS

shaunmccloud · August 21, 2021, 12:03am

I successfully replaced my pfSense box with my RB4011 tonight. For almost everything. My IPSEC tunnel still isn’t up and IPv6 DNS is not working. I had my HE.net tunnel up and all was good there, but I was using an external DNS resolver which did not work. How do I use my RB4011 as my IPv6 DNS server?

biomesh · August 21, 2021, 2:26am

You need to make sure you have an ipv6 address assigned to an interface and have the DNS server set to allow remote requests.

If you want rdnss values to be sent in the neighbor advertisments, you need to add the ipv6 address to the DNS server list of DNS servers (settings) and set the ipv6 nd interface to advertise DNS.

nescafe2002 · August 21, 2021, 8:06am

Setting custom dns server in ND/RA is not possible until ROSv7.

For ROSv6, use option 23 in dhcpv6 server and enable ‘other configuration’ in RA:

/ipv6 dhcp-server option
add code=23 name=dns value="'2001:db8::1''2001:db8::2'"
/ipv6 dhcp-server
add dhcp-option=dns interface=bridge name=default
/ipv6 nd
set [ find default=yes ] advertise-dns=no other-configuration=yes

biomesh · August 21, 2021, 11:45am

You can definitely set the nd rdnss values in Ros 6.x with the DNS server option(not using DHCP options). I don’t run v7 and I verified my config. Perhaps v7 adds additional functionality for dhcpv6.

shaunmccloud · August 21, 2021, 8:56pm

Setting custom dns server in ND/RA is not possible until ROSv7.

For ROSv6, use option 23 in dhcpv6 server and enable ‘other configuration’ in RA:
/ipv6 dhcp-server option
add code=23 name=dns value="'2001:db8::1''2001:db8::2'"
/ipv6 dhcp-server
add dhcp-option=dns interface=bridge name=default
/ipv6 nd
set [ find default=yes ] advertise-dns=no other-configuration=yes

Even after doing this, I’m still getting assigned external DNS servers and not my RB4011 IP address. I’m also getting assigned an IPv6 address for every VLAN and not just the one I’m on, but that is a different issue.
LAN DNS.png
LAN6 DHCP.png
LAN IPv6 Address.png

biomesh · August 21, 2021, 11:28pm

Select the advertise DNS option on your nd interface entry and add your local ipv6 address to your Dns server config. If you don’t want to use your Dns server from your ISP, set “use peer DNS” to no on your ipv6 DHCP client entry.

shaunmccloud · August 21, 2021, 11:47pm

I’m using a HE.net tunnel so I don’t have an IPv6 DHCP Client configured.

biomesh · August 22, 2021, 1:29am

Ok, you can skip that step then. Just run through the steps in the first sentence. You should see the rdnss value in radvdump.

shaunmccloud · August 22, 2021, 1:55pm

So put an internal IPv6 address in my DNS setup and leave the external ones so RouterOS knows where to go? Sorry, my brain is not working super well today.

biomesh · August 22, 2021, 6:46pm

Yes, only the ipv6 address will be sent via rdnss.

Brain2000 · October 26, 2024, 6:07pm

Looks like this is still broken.
The IPv6 → ND → Advertise DNS doesn’t seem to do anything.
When I checkmark Other Configuration and add option 23 into the IPv6 → DHCP server, it advertises the EXTERNAL DNS server configured in IP → DNS. The address I put into option 23 is pretty much ignored.

So the mere presence of option 23 makes it advertise the external DNS server.