@OffstageRoller said in DNS not resolving IPv6 only address via WAN/localhost only:
@Gertjan What response are you getting for this command?
dig aaaa aaaa.v6ns.test-ipv6.com
and earlier (I didn't notice) :
@OffstageRoller said in DNS not resolving IPv6 only address via WAN/localhost only:
This isn't a real world problem. This would just get me a 10/10 instead of 9/10 on test-ipv6.com.
Your right : that changed for me also :
efef5c87-5055-4cbb-b76b-d6cf549ea92f-image.png
I thought : because the unbound config only contains this - the IPv4 localhost : 127.0.0.1, I add this :
2eda141f-9479-48cf-8307-27b4bd761c1b-image.png
Now I have :
3e1f9087-d6b3-4ac4-b53e-ecacfcabd20e-image.png
checking the unbound config file :
311d54f1-284e-42a1-8083-9d7455f4703f-image.png
I closed all browsers, ditched the local DNS on my PC (ipconfig /flushdns) and redid the test :
ec999d2f-de41-4eee-8952-58f268fd1dff-image.png
[23.09.1-RELEASE][root@pfSense.bhf.tld]/root: dig @::1 aaaa aaaa.v6ns.test-ipv6.com +trace +nodnssec
; <<>> DiG 9.18.16 <<>> @::1 aaaa aaaa.v6ns.test-ipv6.com +trace +nodnssec
; (1 server found)
;; global options: +cmd
. 85938 IN NS h.root-servers.net.
......
. 85938 IN NS i.root-servers.net.
;; Received 239 bytes from ::1#53(::1) in 7 ms
com. 172800 IN NS a.gtld-servers.net.
.....
com. 172800 IN NS m.gtld-servers.net.
;; Received 848 bytes from 198.97.190.53#53(h.root-servers.net) in 24 ms
test-ipv6.com. 172800 IN NS ns1.test-ipv6.com.
test-ipv6.com. 172800 IN NS ns3.test-ipv6.com.
;; Received 148 bytes from 192.26.92.30#53(c.gtld-servers.net) in 18 ms
aaaa.v6ns.test-ipv6.com. 300 IN NS v6ns.test-ipv6.com.
aaaa.v6ns.test-ipv6.com. 300 IN NS v6ns1.test-ipv6.com.
couldn't get address for 'v6ns.test-ipv6.com': not found
;; Received 210 bytes from 176.58.89.68#53(ns3.test-ipv6.com) in 34 ms
aaaa.v6ns.test-ipv6.com. 300 IN AAAA 2001:470:1:18::115
v6ns.test-ipv6.com. 300 IN NS v6ns1.test-ipv6.com.
;; Received 141 bytes from 2001:470:1:18::3:53#53(v6ns1.test-ipv6.com) in 160 ms
There is an answer in there ( 2001:470:1:18::115 ).
Running the same command without +trace :
No answer ???!?
Look at this :
[[23.09.1-RELEASE][root@pfSense.bhf.tld]/root: dig @::1 aaaa aaaa.v6ns.test-ipv6.com +trace +nodnssec +short
NS e.root-servers.net. from server ::1 in 5 ms.
NS l.root-servers.net. from server ::1 in 5 ms.
NS a.root-servers.net. from server ::1 in 5 ms.
NS k.root-servers.net. from server ::1 in 5 ms.
NS d.root-servers.net. from server ::1 in 5 ms.
NS b.root-servers.net. from server ::1 in 5 ms.
NS g.root-servers.net. from server ::1 in 5 ms.
NS f.root-servers.net. from server ::1 in 5 ms.
NS i.root-servers.net. from server ::1 in 5 ms.
NS h.root-servers.net. from server ::1 in 5 ms.
NS j.root-servers.net. from server ::1 in 5 ms.
NS c.root-servers.net. from server ::1 in 5 ms.
NS m.root-servers.net. from server ::1 in 5 ms.
couldn't get address for 'v6ns.test-ipv6.com': not found
AAAA 2001:470:1:18::115 from server 2001:470:1:18::3:53 in 153 ms.](link url)
How should I read this ?
One NS didn't have an answer, but the second one did (2001:470:1:18::115) ?
Btw : I dig using @::1 to force it using IPv6 locally. I've added the +nodnsec to make the resolving a bit more readable.