Bug #16242
open
When IPv6 Is Disabled the Firewall Still Queries IPv6 Localhost for DNS
0%
Description
When the "Allow IPv6" checkbox is disabled under System --> Advanced --> Networking, the firewall will continue to try and query DNS against the DNS Resolver on ::1, even though this is blocked. This results in failed or delayed DNS queries unless you choose "Ignore Local, Use Remote" from the DNS Resolution behavior. Disabling IPv6 on the firewall should also turn off the firewall trying to use IPv6 localhost addressing for DNS queries.
Updated by aleksei prokofiev about 2 months ago
Tested on
25.07.1-RELEASE (amd64)
built on Wed Aug 20 16:17:00 +04 2025
FreeBSD 15.0-CURRENT
I can confirm this behavior.
Updated by Kris Phillips 5 days ago
- Status changed from New to Confirmed
Tested on 25.11-RC. Can confirm this is still an issue.
However, the interesting thing is that if you disable IPv6 and manually reload the filter, it will still work until you reboot the firewall or restart the unbound service. Then, it will stop responding on localhost.
If you re-enable IPv6, you also have to restart the service to get it working again.
This may be a problem with the service not being able to bind to the interface when IPv6 is turned off.