NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
rossburton
May 29, 2021Aspirant
Link-local used for IPv6 DNS server
Basically, https://community.netgear.com/t5/Orbi/Bug-RBR20-incorrectly-uses-link-local-router-IPv6-address-as/td-p/1887490 I turned on IPv6 and now my Orbi is telling DHCP clients that the DNS se...
rossburton
May 30, 2021Aspirant
Aha. So the trick is that you need to specially handle v6 link-local addresses. The address may be fe80::2a80:88ff:feeb:3cf8 but when it is used it needs to be qualified with the interface name:
$ dig @fe80::2a80:88ff:feeb:3cf8%en0 www.aa.net.uk ;; ANSWER SECTION: www.aa.net.uk. 1287 IN A 90.155.62.14 www.aa.net.uk. 1287 IN A 90.155.62.13
And this qualification doesn't make it into /etc/resolv.conf so that's fun to deal with!
CrimpOn
May 30, 2021Guru - Experienced User
I am still thrashing about. Turns out dig for Windows is a lot easier for me to work with than (anything) on Linux. (That business with DNS going through the loopback address and all.)
Here's what a dig query on ibm.com looks like from my Orbi liink-local address:
c:\Bind>dig @fe80::a204:60ff:fe1c:239%19 ibm.com ANY ; <<>> DiG 9.16.16 <<>> @fe80::a204:60ff:fe1c:239%19 ibm.com ANY ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39065 ;; flags: qr rd ra; QUERY: 1, ANSWER: 31, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ibm.com. IN ANY ;; ANSWER SECTION: ibm.com. 3599 IN MX 5 mx0b-001b2d01.pphosted.com. ibm.com. 3599 IN MX 5 mx0a-001b2d01.pphosted.com. ibm.com. 19 IN A 96.17.216.124 ibm.com. 21599 IN SOA asia3.akam.net. dnsadm.us.ibm.com. 1564134900 43200 7200 604800 3600 ibm.com. 19 IN AAAA 2600:1406:3400:6a1::3831 ibm.com. 19 IN AAAA 2600:1406:3400:69d::3831 ibm.com. 599 IN TXT "amazonses:79ShwQazteb+WkCt8e297sAC2mwZVRditsrzaoxiHjU=" ibm.com. 599 IN TXT "00D3h000004YkeYEAS" ibm.com. 599 IN TXT "00d50000000c9mweay" ibm.com. 599 IN TXT "yandex-verification: 5f458b477256c50c" ibm.com. 599 IN TXT "00d00000000hedieay" ibm.com. 599 IN TXT "40a21f5affe343c6b37e0a5af80dcd93" ibm.com. 599 IN TXT "Dynatrace-site-verification=76b6b299-fe43-4f31-889b-a8a467193478__8q74sg9dg5udjppn95utrb8bct" ibm.com. 599 IN TXT "v=spf1 ip4:148.163.158.5 ip4:148.163.156.1 ip4:67.231.145.127 ip4:67.231.153.87 ip4:168.245.101.145 mx a:zgateway.zuora.com include:_spf.google.com ~all" ibm.com. 599 IN TXT "atlassian-domain-verification=WAjTH82C5Zx475WLKAA2nrdlsoA/kN0ej9igrLrED4h15KMHPOm+A5H3GndKAxDC" ibm.com. 599 IN TXT "google-site-verification=Jck8mLbYYfCnrmi_nRy4MG2fbUN3UGhC29KdspGLd9Y" ibm.com. 599 IN TXT "adobe-idp-site-verification=5f8adca7-512f-44e1-a5b2-b62c5e3763f2" ibm.com. 599 IN TXT "apple-domain-verification=M3o953J0rN1B0P2a" ibm.com. 599 IN TXT "00df40000004784eaa" ibm.com. 599 IN TXT "google-site-verification=tzdngH5fWH-k8uQoDVovOFJQZTwaGtDOP6S2cQlOvCs" ibm.com. 599 IN TXT "_github-challenge-ibm.ibm.com=2613e984bc" ibm.com. 599 IN TXT "facebook-domain-verification=kyuxs3tdqtyh9rbqa3szkq3k9i2bbs" ibm.com. 599 IN TXT "MS=ms61389031" ibm.com. 21599 IN NS usw2.akam.net. ibm.com. 21599 IN NS asia3.akam.net. ibm.com. 21599 IN NS eur2.akam.net. ibm.com. 21599 IN NS usc3.akam.net. ibm.com. 21599 IN NS ns1-206.akam.net. ibm.com. 21599 IN NS eur5.akam.net. ibm.com. 21599 IN NS ns1-99.akam.net. ibm.com. 21599 IN NS usc2.akam.net. ;; Query time: 134 msec ;; SERVER: fe80::a204:60ff:fe1c:239%19#53(fe80::a204:60ff:fe1c:239%19) ;; WHEN: Sun May 30 15:21:59 Pacific Daylight Time 2021 ;; MSG SIZE rcvd: 1497
I am still of the opinion that Orbi giving out its IPv4 and IPv6 link local addresses as DNS servers "works".
I am also of the opinion that IPv6 is incredibly complicated and confusing and that a tremendous portion of the internet is not IPv6 friendly.
- CrimpOnMay 30, 2021Guru - Experienced User
An example of my confusion is the way web browsers totally manipulate the process.
ford.com and honda.com do not have IPv6 addresses. (www.ford.com has IPv6 but www.honda.com does not).
Open a web browser to http://ford.com (not https and not www.ford.com) What does the browser produce? https://www.ford.com
And.... now that I find IPv6 addresses for URL's like www.ford.com, I have yet to get a browser to open the web site using IPv6.
For me, networking continues to be a humbling experience.