Netgate Discussion Forum

    Redirect DNS requests to pfsense (ipv6)

      trumee

      Hello,

      This article talks about forwarding DNS requests for IPv4 addresses only. What should the rule be for IPv6?

      Thanks

        Gertjan

        As you have seen, you'll be seeing this:

        0_1550495984652_091d99e5-40c2-4f4c-82c5-23b3b70c9d5b-image.png

        When you try to NAT to an IPv6 like ::1 or the firewall itself, making it pretty impossible to redirect IPv6 traffic.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

          trumee

          So what is the workaround for this?

            JKnott @trumee

            @trumee said in Redirect DNS requests to pfsense (ipv6):

            So what is the workaround for this?

            If you have DNS via IPv4, you don't need it for IPv6. DNS gets the same info over either.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

              Gertjan

              Added to what @JKnott said: I propose you add an IPv6 rule that blocks any TCP or UDP request to port 53.
              This will block any device using DNS requests over IPv6.

              If this is too drastic for you, consider permitting IPv6 - TCP/UDP to DNS if the destination is a local IPv6 - this would be the local, internal IPv6 of your pfSense (something like ff80......). These are addressed to the DNS server of pfSense and should be honored.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??
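
The pass-then-block ordering suggested in the last post, written out in raw pf.conf syntax as an added example (not posted by anyone in the thread and not the rule set pfSense generates). The interface name `igb1` is an assumption; in the pfSense GUI the same two rules would be created on the LAN tab, in this order, with the address family set to IPv6.

```pf
# Assumption: igb1 is the LAN interface; substitute your own.
lan_if = "igb1"

# 1. Honor IPv6 DNS queries addressed to the firewall itself.
#    "self" expands to every address assigned to the firewall,
#    so it covers both its link-local and its global LAN address.
pass in quick on $lan_if inet6 proto { tcp, udp } \
    from any to self port 53 keep state

# 2. Refuse every other IPv6 DNS query arriving from the LAN.
#    "block return" sends a TCP RST or an ICMPv6 unreachable, so
#    clients fail fast and fall back to the resolver they were given
#    instead of waiting for a timeout.
block return in quick on $lan_if inet6 proto { tcp, udp } \
    from any to any port 53
```

Because both rules use `quick`, the first match wins, so the pass rule has to sit above the block rule.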

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.