Bug #13851
closed
DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
100%
Description
When investigating unexpected IPV6 DNS behavoir, I discovered that the DNS-resolver does not function for IPV6. The problem seems to be that incoming querys are blocked due to (lack-off) IPV6 DNS ACL-rules.
For more info see https://forum.netgate.com/topic/176989/problems-with-pfsense-ipv6-dns-function-does-it-exist
Updated by Jim Pingle almost 2 years ago
- Status changed from New to Rejected
The DNS resolver forms IPv6 ACLs by default already for both static and dynamic IPv6 in everything I have access to with IPv6 and testing, so something in your configuration isn't right.
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the Netgate Forum .
See Reporting Issues with pfSense Software for more information.
Updated by Jim Pingle over 1 year ago
- Subject changed from DNS-resolver does not process IPV6-querys (without explicit defined ACL's) to DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
- Status changed from Rejected to In Progress
- Assignee set to Jim Pingle
- Target version set to 2.7.0
- Plus Target Version set to 23.05
Not sure why I couldn't reproduce this before, but I found it happening on one of my lab systems. Since it was easy to reproduce there I was able to nail down a fix.
Updated by Jim Pingle over 1 year ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset 46b159032fef8c78783aa1a749d2238cfed7ac0d.
Updated by Georgiy Tyutyunnik over 1 year ago
Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch successfully resolves the issue