I upgraded to v6 lately to give it a try. First my working config for v5
Unbound as upstream DNS
I followed the instructions and added unbound as only upstream DNS, listening on:
- 127.0.0.1#5335
- ::1#5335
I added a zone file for the zone internal:
server:
local-zone: "internal." static
local-data: "wpad.internal. IN A 192.168.42.254"
local-data: "wpad.internal. IN AAAA fd03:4fbe:19c5:37a5:d8b8:2694:bc1d:ef9c"
local-data: "wpad.internal. IN HTTPS 1 . port=80 ipv4hint=192.168.42.254 ipv6hint=fd03:4fbe:19c5:37a5:d8b8:2694:bc1d:ef9c"
Pi-hole as DHCP server
I configured pi-hole as my sole DHCP server and disabled the one in my router.
Internal domain
The internal domain is internal
. I also disabled:
- Never forward non-FQDN A and AAAA queries
- Never forward reverse lookups for private IP ranges
With v5 request e.g. ping wpad.internal
where answered. Now with v6 I need to add
the domain wpad.internal
to the Local DNS Recods in the Pi-hole settings.
Without them being added this is the result when I dig
Pi-hole directly:
dig @127.0.0.1 wpad.internal A
dig @127.0.0.1 wpad.internal AAAA
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @127.0.0.1 wpad.internal A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;wpad.internal. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 01 14:56:30 CEST 2024
;; MSG SIZE rcvd: 42
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @127.0.0.1 wpad.internal AAAA
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;wpad.internal. IN AAAA
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 01 14:56:30 CEST 2024
;; MSG SIZE rcvd: 42
And here when I ask unbound directly:
dig @127.0.0.1 -p 5335 wpad.internal A
dig @127.0.0.1 -p 5335 wpad.internal AAAA
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @127.0.0.1 -p 5335 wpad.internal A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54515
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;wpad.internal. IN A
;; ANSWER SECTION:
wpad.internal. 3600 IN A 192.168.42.254
;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP)
;; WHEN: Tue Oct 01 14:56:04 CEST 2024
;; MSG SIZE rcvd: 58
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @127.0.0.1 -p 5335 wpad.internal AAAA
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18910
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;wpad.internal. IN AAAA
;; ANSWER SECTION:
wpad.internal. 3600 IN AAAA fd03:4fbe:19c5:37a5:d8b8:2694:bc1d:ef9c
;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP)
;; WHEN: Tue Oct 01 14:56:04 CEST 2024
;; MSG SIZE rcvd: 70
So why doesn't v6 forward these request to unbound anymore.