• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

DD-WRT DNS Forwarding to AAAA records.

Started by amviewer, April 09, 2010, 02:52:15 PM

Previous topic - Next topic

amviewer

Hi All,

I was wondering if someone can help me out or is encountering the same problem as i have with dns forwaring for ipv6 addresses on DD-WRT.

At the moment i have Firmware: DD-WRT v24-sp2 (12/19/09) big running on my WRT320N and works all fine for ipv4.

So what i'm trying to do here is run everything native ipv6 behind my router.

I've setup the tunnel on my router to the Hurricane.net and i have connectivity.
The problem is when i turn off the ipv4 protocol on my windows 7 machine i lose my dns resolution.
At the moment i point my windows 7 ipv6 configuration to have the dns server of my routers ipv6 address as i would do in my ipv4 configuration but it just doesn't forward my requests from the router to my ISP.
b.t.w. ISP does resolv IPv6 addresses.
Can someone give me a hint on what i'm doing wrong here?

amviewer

Quote from: amviewer on April 09, 2010, 02:52:15 PM
Hi All,

I was wondering if someone can help me out or is encountering the same problem as i have with dns forwaring for ipv6 addresses on DD-WRT.

At the moment i have Firmware: DD-WRT v24-sp2 (12/19/09) big running on my WRT320N and works all fine for ipv4.

So what i'm trying to do here is run everything native ipv6 behind my router.

I've setup the tunnel on my router to the Hurricane.net and i have connectivity.
The problem is when i turn off the ipv4 protocol on my windows 7 machine i lose my dns resolution.
At the moment i point my windows 7 ipv6 configuration to have the dns server of my routers ipv6 address as i would do in my ipv4 configuration but it just doesn't forward my requests from the router to my ISP.
b.t.w. ISP does resolv IPv6 addresses.
Can someone give me a hint on what i'm doing wrong here?

I do however get resolving of dns when i put in the huricane.net ipv6 address 2001:470:20::2 but this only resolves ipv6 and not ipv4 addresses.

cholzhauer

Quote
but it just doesn't forward my requests from the router to my ISP.

Are you sure that your router is listening for DNS lookups over IPv6?

If the answer is yes, how is your router forwarding the request to your ISP's DNS server? If it's over IPv6, it won't work (obviously)

amviewer

Quote from: cholzhauer on April 09, 2010, 04:58:21 PM
Quote
but it just doesn't forward my requests from the router to my ISP.

Are you sure that your router is listening for DNS lookups over IPv6?

If the answer is yes, how is your router forwarding the request to your ISP's DNS server? If it's over IPv6, it won't work (obviously)

I'm not quite sure I asumed it would do the same as it does for ipv4 or pickup the address from the ipv4 config of the router.
So basicly i would need to setup somthing like bind on router to get this running or find a ipv6 dns server that does both resolutions but on a ipv6 address?
Just to be sure it is possible to access the internet ipv4 via ipv6 through incapsulation right?
Otherwise this setup is going nowhere....

jimb

Quote from: amviewer on April 09, 2010, 02:52:15 PM
Hi All,

I was wondering if someone can help me out or is encountering the same problem as i have with dns forwaring for ipv6 addresses on DD-WRT.

At the moment i have Firmware: DD-WRT v24-sp2 (12/19/09) big running on my WRT320N and works all fine for ipv4.

So what i'm trying to do here is run everything native ipv6 behind my router.

I've setup the tunnel on my router to the Hurricane.net and i have connectivity.
The problem is when i turn off the ipv4 protocol on my windows 7 machine i lose my dns resolution.
At the moment i point my windows 7 ipv6 configuration to have the dns server of my routers ipv6 address as i would do in my ipv4 configuration but it just doesn't forward my requests from the router to my ISP.
b.t.w. ISP does resolv IPv6 addresses.
Can someone give me a hint on what i'm doing wrong here?
If you want to go completely IPv6 native behind your router, you will need a DNS server which will answer queries over IPv6.  If your DD-WRT router does this, and is a forwarding and/or caching DNS server, and it does both IPv4 and IPv6, it should work to point your DNS resolvers clients to that DD-WRT.  The DD-WRT name server should use both IPv4 and IPv6 to do DNS queries (and/or forward them).

If DD-WRT's DNS server is broken, the the only real choices you have is to either point your DNS resolver clients to an IPv6 listening recursive DNS server such as HE's server, or your ISPs (if they have one), or you could set up your own caching only DNS server.  This server will need to be dual stacked however, so that it can talk to IPv4 only DNS servers.  It's OK if the server has a private IPv4 address, since your NAT device will NAT the DNS queries (you may need to comment out the "query-source" line which tells it to use source port 53 as a source query port, since this can break under NAT).  Using something like BIND to set up a caching only server is pretty trivial. 


amviewer

#5
I have managed to get it working properly for ipv6 lookups.
It seems that the version that i was running had a bug in the DNSMasq and didn't respond to dns queries over ipv6.
This version seems to work fine dd-wrt.v24-14205_NEWD-2_K2.6_big on my Linksys wrt320n.
Also the services tab you need to add extra options in the DNSMasq like for it is :

listen-address=127.0.0.1,192.168.2.1,2001:470:xxxx:xxxx::

Problem now is if I want to connect to ipv4 addresses from ipv6 it won't work or even resolv.
I thought this was encapsulated in ipv6 to go to ipv4 addresses....anybody?

cholzhauer

Quote
Problem now is if I want to connect to ipv4 addresses from ipv6 it won't work or even resolv.
I thought this was encapsulated in ipv6 to go to ipv4 addresses....anybody?

No Sir...unless you're running some sort of translation service.  The problem is the same as if you were trying to connect to an IPv6 only site from an IPv4 only computer.

You could use the Sixxs IPv4 gate.

jimb

Quote from: amviewer on April 11, 2010, 11:12:55 AM
Problem now is if I want to connect to ipv4 addresses from ipv6 it won't work or even resolv.
I thought this was encapsulated in ipv6 to go to ipv4 addresses....anybody?

Nope.  There's no built-in magic to get to the IPv4 internet with IPv6 addresses.  Capabilities such as these are separate and need to be set up.  A good page to learn about all this is:  http://en.wikipedia.org/wiki/IPv6_transition_mechanisms

NAT64/DNS64 and Dual Stack-Lite (DS-Lite) seem to have a bit of traction.  And Cisco IOS has some NAPT-PT type stuff built into it, although I haven't really looked at closely or tried it.  There are TRT and DNS-ALG implementations available to unix and unix like operating systems (not sure about windows).

By far the easiest thing to do, and what most people do, is to simply run dual-stack.  IPv4 uses IPv4, and IPv6 uses IPv4.

amviewer

Thanks for the input.

It seems there is somthing out there for DD-WRT and is called pTRTd

http://www.litech.org/ptrtd/
See if I can make that work  and run a native ipv6 network with internet capabillity ;D

cholzhauer

Quote
By far the easiest thing to do, and what most people do, is to simply run dual-stack.  IPv4 uses IPv4, and IPv6 uses IPv4.

I'm assuming this is a typo? ;)

amviewer

Arrgh it seems the ptrtd isn't compiled yet for the current builds of dd-wrt.  :-[
How well i might get my hands on a cisco 3640 but thats a bit old....so it might not work either.

jimb

@amviewer: That'll work if you can get it to run on that router.  I wasn't sure if it'd be available 'cause of the limited memory, etc, of that device.  You'll also need the other half of it, totd, which does the DNS translation of IPv4 into the fake IPv6 addresses. 

@cholz: yep :)

Night

why not set up dd wrt to be end point of your tunnel?

insmod /lib/modules/2.6.24.111/kernel/net/ipv6/ipv6.ko
insmod /lib/modules/2.6.24.111/kernel/net/ipv6/sit.ko
insmod /jffs/lib/modules/2.6.24.111/ip6_tables.o
insmod /jffs/lib/modules/2.6.24.111/ip6table_filter.o
insmod /jffs/lib/modules/2.6.24.111/ip6t_multiport.o
ip tunnel add he-ipv6 mode sit remote 216.66.80.90 local 84.208.xxx.xxx ttl 64 ## your tunnel server and router ip
ip link set he-ipv6 up
ip addr add 2001:470:27:xxxx::2/64 dev he-ipv6 ##your Client IPv6 address: (not /64 allocation)
ip route add ::/0 dev he-ipv6
ip addr add 2001:470:28:xxxx::1/64 dev br0   //your routed /64 or /48
radvd -C /tmp/radvd.conf


this is the radvd.conf
interface br0 {
AdvSendAdvert on;
prefix 2001:470:28:xxxx::/64 #again your 64 or 48
{
AdvOnLink on;
AdvAutonomous on;
};
};



then you can set up external dns server in dd wrt networking settings :)