Menu
What's new
By:
Filters Better Search

DNS/TLS IPv6.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

Analog-1

Regular Contributor
Is this still valid in 2024 ? Is there any security issues with this method and how does it work.


IMPORTANT: for DNS Privacy to work in IPv6, you must set IPv6 DNS Server in IPv6 page (not equivalent to add IPv6 DoT servers on the WAN -> Internet Connection page) to your router's LAN IPv6 Link-Local Address. You can find your router's LAN IPv6 Link-Local Address in System Log -> IPv6 tab. Link-local address starts with fe80.
 
I was running this setup with Quad9 until recently and it worked well. I disabled IPv6 because my ISP uses a slow 6RD tunnel.
 
Analog-1 said:
Is this still valid in 2024 ? Is there any security issues with this method and how does it work.


IMPORTANT: for DNS Privacy to work in IPv6, you must set IPv6 DNS Server in IPv6 page (not equivalent to add IPv6 DoT servers on the WAN -> Internet Connection page) to your router's LAN IPv6 Link-Local Address. You can find your router's LAN IPv6 Link-Local Address in System Log -> IPv6 tab. Link-local address starts with fe80.
Click to expand...
Well, you still need to set the IPV4 and IPV6 DNS resolvers in their respective locations then set up DoT. I recommend alternating IPV4 DoT resolvers with corresponding IPV6 DoT resolvers. So you will end up with four entries in DoT and your queries will, alternate between all four in turn.
 
Analog-1 said:
Is this still valid in 2024 ? Is there any security issues with this method and how does it work.


IMPORTANT: for DNS Privacy to work in IPv6, you must set IPv6 DNS Server in IPv6 page (not equivalent to add IPv6 DoT servers on the WAN -> Internet Connection page) to your router's LAN IPv6 Link-Local Address. You can find your router's LAN IPv6 Link-Local Address in System Log -> IPv6 tab. Link-local address starts with fe80.
Click to expand...
I had not come across this, so I tried it and IPv6 seem to work the same as when using external (OpenDNS) IPv6 DNS servers. Given that all client (rather than router) DNS lookups go though Unbound (scripts used are in my signature) I don't see if or why this might my improve(worsen) my setup, or how I could test it.
 
I was testing this last night. I removed the DNS settings from both the WAN and IPv6 page. Then setup to force DoT in strict mode. It still works and is actually much more fast and stable then it was before.
 
You must log in or register to reply here.

Similar threads

M
IPv6 and Router Advertisement adding route to delegated /56 via WAN interface
Replies
0
Views
224
MrC99
M
John Tetreault
How to open ipv6 firewall to a port on the router?
Replies
4
Views
639
sfx2000
sfx2000
octopus
  • Locked
[ 3004.388.7 alpha 2 Build(s) ] Testing available build(s)
3 4 5
Replies
85
Views
9K
octopus
octopus
U
Solved IPv6 DNS issues on clients behind router
Replies
1
Views
715
unsynaps
U
J
RT-AC86U DNS leaks while using mullvad
Replies
1
Views
410
jsn2233
J
Similar threads
Thread starter Title Forum Replies Date
V DNS server vs DNS-over TLS server list Asuswrt-Merlin 3
T Using DOT DNS breaks ECS Asuswrt-Merlin 9
pdc Router DNS returning Refused Asuswrt-Merlin 2
C Need help with GT-AXE11000 and DNS Director Asuswrt-Merlin 0
R Would any of this make my browsing more secure? (WAN DNS settings) Asuswrt-Merlin 20
X DNS Director - question Asuswrt-Merlin 6
X RT-AX58U sudden DNS problem - URGENT Asuswrt-Merlin 14
P Solved Router DHCP and DNS not responding to changes Asuswrt-Merlin 35
icanfly DNS fails for local devices when there is no WAN! Asuswrt-Merlin 2
icanfly custom domains report NXDOMAIN for IPv6 DNS and fail to resolve in Alpine OS Asuswrt-Merlin 2

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 844 (members: 20, guests: 824)
Top