Redirect DNS requests to pfsense (ipv6)
-
Hello,
This article talks about forwarding DNS requests for only ipv4 address. What should be the rule for ipv6?
Thanks
-
As you have seen, you'll be seeing this :
When you try to NAT to a IPv6 like ::1 or the firewall itself, making it pretty impossible to redirect IPv6 traffic.
-
So what is the workaround for this?
-
@trumee said in Redirect DNS requests to pfsense (ipv6):
So what is the workaround for this?
If you have DNS via IPv4, you don't need it for IPv6. DNS gets the same info over either.
-
Aded to what @JKnott said : I propose you add a IPv6 rule that blocks for any TCPor UDP request to port 53.
This will block any device using DNS requests over IPv6.If this is to drastic for you, consider permitting IPv6 - TCP/UDP to DNS if the destination is a local IPv6 - this would be the local, internal IPv6 of your pfSense (something like ff80......). These are addressed to the DNS server of pfSense and should be honored.