Link-local used for IPv6 DNS server

Question

Basically,&nbsp;https://community.netgear.com/t5/Orbi/Bug-RBR20-incorrectly-uses-link-local-router-IPv6-address-as/td-p/1887490&nbsp;I turned on IPv6 and now my Orbi is telling DHCP clients that the DNS servers are 192.168.1.1 (which is good) and&nbsp;fe80::[...], which is not. &nbsp;As discussed in the thread above, this is not useful.&nbsp;The result of this is that depending on what server the application uses, addresses may or may not resolve.&nbsp;Does anyone have a solution for this? &nbsp;I'd file a ticket with support but I'm past my 90 days window, which frankly if I knew this was a thing before buying the Orbi would have been a deal breaker.

CrimpOn · Answer

I am still thrashing about.&nbsp; Turns out dig for Windows is a lot easier for me to work with than (anything) on Linux.&nbsp; (That business with DNS going through the loopback address and all.)&nbsp;Here's what a dig query on&nbsp; ibm.com looks like from my Orbi liink-local address:c:\Bind&gt;dig @fe80::a204:60ff:fe1c:239%19 ibm.com ANY

; &lt;&lt;&gt;&gt; DiG 9.16.16 &lt;&lt;&gt;&gt; @fe80::a204:60ff:fe1c:239%19 ibm.com ANY
; (1 server found)
;; global options: +cmd
;; Got answer:
;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 39065
;; flags: qr rd ra; QUERY: 1, ANSWER: 31, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ibm.com.                       IN      ANY

;; ANSWER SECTION:
ibm.com.                3599    IN      MX      5 mx0b-001b2d01.pphosted.com.
ibm.com.                3599    IN      MX      5 mx0a-001b2d01.pphosted.com.
ibm.com.                19      IN      A       96.17.216.124
ibm.com.                21599   IN      SOA     asia3.akam.net. dnsadm.us.ibm.com. 1564134900 43200 7200 604800 3600
ibm.com.                19      IN      AAAA    2600:1406:3400:6a1::3831
ibm.com.                19      IN      AAAA    2600:1406:3400:69d::3831
ibm.com.                599     IN      TXT     "amazonses:79ShwQazteb+WkCt8e297sAC2mwZVRditsrzaoxiHjU="
ibm.com.                599     IN      TXT     "00D3h000004YkeYEAS"
ibm.com.                599     IN      TXT     "00d50000000c9mweay"
ibm.com.                599     IN      TXT     "yandex-verification: 5f458b477256c50c"
ibm.com.                599     IN      TXT     "00d00000000hedieay"
ibm.com.                599     IN      TXT     "40a21f5affe343c6b37e0a5af80dcd93"
ibm.com.                599     IN      TXT     "Dynatrace-site-verification=76b6b299-fe43-4f31-889b-a8a467193478__8q74sg9dg5udjppn95utrb8bct"
ibm.com.                599     IN      TXT     "v=spf1 ip4:148.163.158.5 ip4:148.163.156.1 ip4:67.231.145.127 ip4:67.231.153.87 ip4:168.245.101.145 mx a:zgateway.zuora.com include:_spf.google.com ~all"
ibm.com.                599     IN      TXT     "atlassian-domain-verification=WAjTH82C5Zx475WLKAA2nrdlsoA/kN0ej9igrLrED4h15KMHPOm+A5H3GndKAxDC"
ibm.com.                599     IN      TXT     "google-site-verification=Jck8mLbYYfCnrmi_nRy4MG2fbUN3UGhC29KdspGLd9Y"
ibm.com.                599     IN      TXT     "adobe-idp-site-verification=5f8adca7-512f-44e1-a5b2-b62c5e3763f2"
ibm.com.                599     IN      TXT     "apple-domain-verification=M3o953J0rN1B0P2a"
ibm.com.                599     IN      TXT     "00df40000004784eaa"
ibm.com.                599     IN      TXT     "google-site-verification=tzdngH5fWH-k8uQoDVovOFJQZTwaGtDOP6S2cQlOvCs"
ibm.com.                599     IN      TXT     "_github-challenge-ibm.ibm.com=2613e984bc"
ibm.com.                599     IN      TXT     "facebook-domain-verification=kyuxs3tdqtyh9rbqa3szkq3k9i2bbs"
ibm.com.                599     IN      TXT     "MS=ms61389031"
ibm.com.                21599   IN      NS      usw2.akam.net.
ibm.com.                21599   IN      NS      asia3.akam.net.
ibm.com.                21599   IN      NS      eur2.akam.net.
ibm.com.                21599   IN      NS      usc3.akam.net.
ibm.com.                21599   IN      NS      ns1-206.akam.net.
ibm.com.                21599   IN      NS      eur5.akam.net.
ibm.com.                21599   IN      NS      ns1-99.akam.net.
ibm.com.                21599   IN      NS      usc2.akam.net.

;; Query time: 134 msec
;; SERVER: fe80::a204:60ff:fe1c:239%19#53(fe80::a204:60ff:fe1c:239%19)
;; WHEN: Sun May 30 15:21:59 Pacific Daylight Time 2021
;; MSG SIZE  rcvd: 1497&nbsp;I am still of the opinion that Orbi giving out its IPv4 and IPv6 link local addresses as DNS servers "works".I am also of the opinion that IPv6 is incredibly complicated and confusing and that a tremendous portion of the internet is not IPv6 friendly.&nbsp;&nbsp;

CrimpOn · Answer

An example of my confusion is the way web browsers totally manipulate the process.ford.com and honda.com do not have IPv6 addresses. (www.ford.com has IPv6 but www.honda.com does not).&nbsp;Open a web browser to http://ford.com (not https and not www.ford.com)&nbsp; What does the browser produce?&nbsp; https://www.ford.com&nbsp;And.... now that I find IPv6 addresses for URL's like www.ford.com, I have yet to get a browser to open the web site using IPv6.&nbsp;For me, networking continues to be a humbling experience.

FURRYe38 · Answer

Try contacting a forum moderator to see if they can help you with reporting this:Blanca_O&nbsp;Christian_R&nbsp;

CrimpOn · Answer

rossburton&nbsp;wrote:Basically,&nbsp;https://community.netgear.com/t5/Orbi/Bug-RBR20-incorrectly-uses-link-local-router-IPv6-address-as/td-p/1887490I turned on IPv6 and now my Orbi is telling DHCP clients that the DNS servers are 192.168.1.1 (which is good) and&nbsp;fe80::[...], which is not. &nbsp;As discussed in the thread above, this is not useful.The result of this is that depending on what server the application uses, addresses may or may not resolve.Does anyone have a solution for this?As this affects only devices with IPv6, one workaround would be to define IPv6 DNS servers on those few devices.&nbsp;(This seems like a great opportunity to learn more about IPv6, so.....)How would a person test that the link local IPv6 address will not resolve DNS?&nbsp; The IPv4 DNS is a "local" IP address (the Orbi LAN IP).Perhaps the Orbi accepts DNS queries on its link local interface and uses its external IPv6 address to pass queries?My first thought is to disable IPv4 on my network interface, which would probably eliminate contact with any device or service that supports only IPv4.&nbsp; So, I have shelved that idea for now.My second thought was to use the ping -6 command.&nbsp; When I do that, many URL's respond. I tried (one.one.one.one, google.com, ibm.com, att.com) and they all worked.&nbsp; I tried some other URL's and got "Could not find host", which is what I would expect if those domains do not support IPv6.&nbsp;So now I'm back wondering how to test the concept that giving devices the link local IPv6 address is wrong if it works for many domains and I am not (100%) certain that the failing domains actually support IPv6.

CrimpOn · Answer

Have noticed that nslookup returns IPv6 addresses for every domain that ping -6 is successful with.

nslookup returns only IPv4 addresses for the domains that ping -6 fails on.

What would help is a list of domains that definitely have IPv6 addresses but ping -6 fails to reach.

I love to rag on Netgear, but so far the damning evidence eludes me.

Forum Discussion

Link-local used for IPv6 DNS server

10 Replies