DNS forwarder and IPv6



  • Hello guys,

    In a real test environment I set ipv6 and the principle clients are taking the ip correctly by RA. On a pc with linux, I did the test on the site http://www.test-ipv6.com/ but there was an error in resolving AAAA names. The dns configured in General setup is from my provider. I tested this dns separately and it solves AAAA names. Pings on v6 works too.

    I need an extra configuration in DNS forwarder or only the three options below?

    • Enable DNS forwarder
    • Register DHCP leases in DNS forwarder
    • Register DHCP static mappings in DNS forwarder

    Where can be the error?


  • LAYER 8 Global Moderator

    What is the exact error your getting for AAAA, is it like this?

    This just means that your not using IPV6 to get to your dns..  Not that you can not actually lookup AAAA, is pfsense forwarder actually listening on IPV6, and your clients are using the ipv6 address for your dns?




  • What is the exact error your getting for AAAA, is it like this?

    Yes, the same error of the image you posted.

    This just means that your not using IPV6 to get to your dns..  Not that you can not actually lookup AAAA, is pfsense forwarder actually listening on IPV6, and your clients are using the ipv6 address for your dns?

    My dns is pfsense, so my clients need to use the pfsense IP address or I can set the ISP dns in General Configs?


  • LAYER 8 Global Moderator

    if you want that test to past then your client needs to be using a dns via IPV6 not ipv4..

    so for example - see how I have ipv6 dns setup for this client.  But I have it set to prefer to use ipv4..  Which is why I get that warning.




  • if you want that test to past then your client needs to be using a dns via IPV6 not ipv4..

    In General Setup > DNS: I set both dns ipv4 and ipv6. The order of the configuration of the DNS influence on something? Eg: ipv4 before ipv6 or ipv6 before ipv4.


  • LAYER 8 Global Moderator

    Again what do your client point to for dns???  See when I did nslookup on my client it pointed to IPV6 for dns..

    Post yours!!

    Make sure it can resolve using that IPv6 address of pfsense as its dns server…  This has NOTHING to do with what pfsense is using for dns, or forwarding too..  This has to do with the client making its dns query via a ipv6 dns.



  • For me pointed 172.16.0.1

    This is a nat gw from lan of my pfsense.

    I believe it will never work that way, right?


  • LAYER 8 Global Moderator

    It can work just fine that way, its just your not asking a ipv6 server for your dns.. Which is why your getting that specific error.

    So your not using ipv6 all they way through your still using ipv4 for the dns aspect of looking up some ipv6 based site..  Not really an issue..  Also comes down to what exactly your wanting to do…  And how you want to do it..

    Do you want to pass some test for ipv6 functionality or do you just want to get to ipv6 sites?  There is no actual sites, other than maybe some p0rn or backnet stuff that is ipv6 only..  So doesn't really matter in the big picture.  If you resolve something io ipv6 via AAAA can you get there is the question.  Not that you look up that AAAA via dns via ipv4 address or ipv6 address.


Log in to reply