Option "Register connected OpenVPN clients in the DNS Resolver" does not create AAAA records
I have a number of OpenVPN clients connecting with dual-stack addresses, and have the option "Register connected OpenVPN clients in the DNS Resolver" set; however, only A records are created and no AAAA records.

$ host test-appliance-1.rt.ev6.net 2001:bd0:100:77::1
Using domain server:
Name: 2001:bd0:100:77::1
Address: 2001:bd0:100:77::1#53
Aliases:

test-appliance-1.rt.ev6.net has address 127.1.0.3

$ host -t AAAA test-appliance-1.rt.ev6.net 2001:bd0:100:77::1
Using domain server:
Name: 2001:bd0:100:77::1
Address: 2001:bd0:100:77::1#53
Aliases:

test-appliance-1.rt.ev6.net has no AAAA record

Upon further investigation, it seems OpenVPN calls /usr/local/sbin/openvpn.learn-address.sh, specifying the domain, IP, FQDN and an "update" command.
OpenVPN calls this script twice: once for legacy IPv4, and again immediately afterwards for IPv6. The problem seems to be that this script explicitly tries to create A records irrespective of the value provided for $IP, which when coupled with the IPv6 address are then rejected by the /usr/local/sbin/unbound-checkconf command.
Forcing it to create AAAA records reverses the problem: it now only creates IPv6 records. Given more time I'll look at creating a patch that checks for and creates both.
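
Added example, not part of the original report and not the pfSense script: a sketch of choosing the record type from the address family and replacing only the same-family entries, so the IPv4 and IPv6 invocations for one client do not overwrite each other. The function names, the per-file layout and the sample addresses are assumptions; the local-data / local-data-ptr lines are standard Unbound syntax.

```sh
#!/bin/sh
# Illustration only: record_type and update_record are hypothetical helpers.

# Print A or AAAA for an address; fail for anything else so a bad value
# never reaches the resolver configuration.
record_type() {
    case "$1" in
        *[!0-9A-Fa-f:.]*|"") return 1 ;;   # characters no IP address contains
        *:*) echo AAAA ;;                  # any colon means IPv6
        *.*.*.*) echo A ;;                 # dotted quad
        *) return 1 ;;
    esac
}

# update_record CONF FQDN IP
# Rewrites CONF so FQDN has exactly one record of the family of IP, leaving
# the record of the other family (written by the other invocation) in place.
update_record() {
    conf=$1 fqdn=$2 ip=$3
    # The name is written into the resolver config, so accept hostname
    # characters only (it is derived from client-supplied data).
    case "$fqdn" in *[!A-Za-z0-9.-]*|"") echo "bad name: $fqdn" >&2; return 1 ;; esac
    rtype=$(record_type "$ip") || { echo "bad address: $ip" >&2; return 1; }
    tmp="$conf.tmp.$$"
    touch "$conf"
    # Drop the old forward record of this type and the old same-family PTR.
    awk -v f="$fqdn" -v t="$rtype" '
        $1 == "local-data:" && $2 == "\"" f && $3 == t { next }
        $1 == "local-data-ptr:" && $3 == f "\"" {
            if ((index($2, ":") > 0) == (t == "AAAA")) next
        }
        { print }' "$conf" > "$tmp"
    printf 'local-data-ptr: "%s %s"\n' "$ip" "$fqdn" >> "$tmp"
    printf 'local-data: "%s %s %s"\n' "$fqdn" "$rtype" "$ip" >> "$tmp"
    mv "$tmp" "$conf"
}
```

The generated file should still be validated (for example with unbound-checkconf, as the existing script does) before the resolver is reloaded.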