Hello, I've tried searching for an answer, but couldn't find much.
I have ipv4 and ipv6 enabled on my home network. In pihole it has the following (I've obfuscated some numbers):
IPv4 |192.168.1.66 @ eth0
IPv6 |2a00:23c4:7154:1501:9d95:ddff:bafc:4bad
IPv6 |fe80::655f:1762:541b:e888 @ eth0
What do I enter as the DNS for ipv6 on my devices? One is global multi-cast and the other is local.
e.g. do I enter one as primary and the other as backup, or only use local, etc.
Thanks.
Use the LLA address because it's static.
None, if you can.
That way, clients would use IPv4 exclusively for DNS (which does not deprive clients of contacting servers via IPv6, as AAAA records will continue to be answered), and your Pi-hole's Query Log will be a lot tidier, as there is only one IPv4 per client, and IPv4 addresses usually don't change and are easily to associate with hostnames.
By contrast, any client can have multiple IPv6 addresses at any given time, and those IPv46 addresses will change over time, either because of prefix or interface id changes.
If you opt to provide an IPv6 DNS server address, avoid using your Pi-hole host machines public GUA IPv6 address (range 2000::/3).
Public IPv6 prefixes are controlled by your ISP and may change at any time.
You could use one of the host's ULA (range fd00::/8) or link-local (range fe80::/10) addresses.
For a typical flat home network, the latter would be sufficient.
It may not if you are using additional network equipment (e.g. routers or layer 3 switches) or if you are using VLANs.
Hello,
Thanks. What I mean is on this screen in win11, if I leave ipv6 off then windows sets my DNS to both a ip4 and ip6 address (of my router) and I get adverts as it chooses ip6. So the only way I could get it to work was to enter an ip6 address. Hence asking which to use.
I cannot disable ip6 because it is needed. So is the answer to use the local address that pihole is stating is it's ip address, i.e. fe80::655f:1762:541b:e888?
My advice is applicable regardless of where you configure IPv6 DNS server addresses.
IPv6 is disabled in your screenshot above?
Why do you manage DNS on a per device basis, instead of configuring your router?
Hello,
What I'm saying is if I set this ipv6 toggle to off here in this section of win11 setup for my computer, then the computer defaults to the router ip6, i.e. turning it off does nothing and neither does flushing my dns, resetting ip, etc.
As for your question, yes, you're correct. However, my router does not let me set DNS so I have to setup/configure DHCP on pihole. Before I do this, I am just testing it on a few machines first to get a feel for the software.
Even if you switch DHCP server duties to Pi-hole, your router will continue to send IPv6 RDNSS Router Advertisements, advertising its own IPv6 address as DNS server.
You'd have to find a way to configure your router to stop advertising its own IPv6 as DNS server, or to advertise your Pi-hole host machine's IPv6.
You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.
If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether, provided you'd not depend on IPv6 for reasons.
If your router doesn't support that either, your IPv6-capable clients will always be able to bypass Pi-hole via IPv6.
You could then try to mitigate this, by setting Pi-hole as the only upstream of your router, provided your router supports it.
But note that you won't be able to attribute DNS requests to original individual IPv6 clients in such a configuration.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.
