Task #10238
openipv6-only DNS setup is misleading and misconfigured
0%
Description
https://redmine.ungleich.ch/issues/7496
Says that place5 and place6 should return ONLY AAAA records
But both of them, as well as every other ungleich DNS server I know of, return both A and AAAA records.
Most software today defaults to A records if they exist and only uses AAAA if they do not. Web browsers for example.
Furthermore, the following page says that by choosing place5 and place6 as DNS resolvers one can route almost all traffic through the VPN. But because they return A records, in practice this does not happen.
https://redmine.ungleich.ch/projects/open-infrastructure/wiki/Ungleich_IPv6_wireguard_VPN
Updated by Nico Schottelius almost 3 years ago
- Status changed from New to Closed
This is working as intended:
- regular servers return both entries
- The unbound DNS servers return IPv6 / AAAA only
Updated by Moris Jones almost 3 years ago
- Status changed from Closed to Waiting
(devuan)<redacted>@<redacted>:~$ host datacenterlight.ch unbound1.place6.ungleich.ch
Using domain server:
Name: unbound1.place6.ungleich.ch
Address: 2a0a:e5c0:2:12:0:f0ff:fea9:c451#53
Aliases:
datacenterlight.ch has address 185.203.112.17
datacenterlight.ch has IPv6 address 2a0a:e5c0:0:2:400:b3ff:fe39:795c
datacenterlight.ch mail is handled by 10 smtp.ungleich.ch.
Updated by Moris Jones almost 3 years ago
nico@dcl$ dig A datacenterlight.ch @unbound1.place6.ungleich.ch
; <<>> DiG 9.16.22-Debian <<>> A datacenterlight.ch @unbound1.place6.ungleich.ch
;; global options: +cmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 62032
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;datacenterlight.ch. IN A
;; ANSWER SECTION:
datacenterlight.ch. 2213 IN A 185.203.112.17
;; Query time: 367 msec
;; SERVER: 2a0a:e5c0:2:12:0:f0ff:fea9:c451#53(2a0a:e5c0:2:12:0:f0ff:fea9:c451)
;; WHEN: Mon Jan 31 14:36:06 IST 2022
;; MSG SIZE rcvd: 63