[FS#635] IPv6 RA provides broken DNS

LEDE Bugs lede-bugs at lists.infradead.org
Fri Mar 17 03:13:12 PDT 2017 

A new Flyspray task has been opened.  Details are below. 

User who did this - Peter Marheine (tari) 

Attached to Project - LEDE Project
Summary - IPv6 RA provides broken DNS
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - Medium
Priority - Very Low
Reported Version - lede-17.01
Due in Version - Undecided
Due Date - Undecided
Details - In the default IPv6 configuration, the RDNSS advertised has a link-local address. This address appears to be a valid address for the router, but DNS requests to it receive no responses with the result that IPv6-only DNS is broken.

On a Linux machine where I've done no special IPv6 configuration, autoconfiguration successfully assigns an address and I can reach public addresses via IPv6. My automatically generated resolv.conf looks like this:

nameserver 192.168.127.1
nameserver fe80::32b5:c2ff:fe09:6202%eth0

where the first entry matches configuration acquired via DHCP, and the second is a link-local address acquired from autoconfiguration. rdisc6 reports the same:

$ rdisc6 eth0
Soliciting ff02::2 (ff02::2) on eth0...

...

 Recursive DNS server     : fe80::32b5:c2ff:fe09:6202
  DNS server lifetime     :        18000 (0x00004650) seconds
 from fe80::32b5:c2ff:fe09:6202

Manually querying the provided DNS server fails:

$ dig @fe80::32b5:c2ff:fe09:6202%eth0 google.com

;  DiG 9.11.0-P3  @fe80::32b5:c2ff:fe09:6202%eth0 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

but because this system prefers to do DNS over IPv4 I don't normally notice. Android devices however appear to prefer to do DNS over IPv6, so all requests from those attempt and fail to reach the IPv6 DNS server then fall back to IPv4, meaning every lookup takes about 10 seconds.

----

I've worked around the problem by manually advertising the router's address on the configured global ULA prefix as a DNS server instead, though it feels like a bit of a hack.

/etc/config/network:config globals 'globals'
        option ula_prefix 'fd1d:1efd:22ed::/48'

/etc/config/dhcp:config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option ra 'server'
        option dhcpv6 'server'
        option ra_management '1'
        list dns 'fd1d:1efd:22ed::1'

Current software version is 17.01.0 r3205-59508e3 running on a TP-Link Archer C7 v2.

 

More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=635

More information about the lede-bugs mailing list