lancachenet / lancache-dns

DNS Docker service for a lancache.
https://hub.docker.com/r/lancachenet/lancache-dns/
MIT License

upstream DNS replies with only IPv4 address, but lancache responds with both public IPv6 + IPv4 #130

Closed JPElectron closed 2 years ago

JPElectron commented 2 years ago

Describe the issue you are having

My Lancache upstream DNS is set to a local recursive resolver on the same LAN (not PiHole, not in docker, but another IP address within the same subnet on the same LAN)

Unexpected behavior: when using nslookup to the lancache DNS server, both the public IPv6 address and the private IPv4 address are returned for local hosts defined in the upstream DNS server.

Unexpected nslookup output example...
Non-authoritative answer:
Name: www.nottherealhost.example.com
Addresses: 2607:f441::d892:c001
           192.168.22.10

Expected behavior: only the local IPv4 address should be returned for local hosts defined in the upstream DNS server (seeing as how the local DNS server only has an IPv4 address defined for that hostname).

Expected nslookup output example...
Non-authoritative answer:
Name: www.nottherealhost.example.com
Address: 192.168.22.10

...this same output is what I get when querying the local DNS server directly. LanCache's DNS response should be no different.

Why is this a problem: this leads to LAN PCs not resolving this URL 50% of the time, because DNS round robin will randomly pick the IPv6 IP instead of the IPv4 IP and thus the internally hosted URL isn't accessible within the LAN.

How are you running the container(s)

default docker-compose.yml (no changes)

DNS Configuration

PC > Lancache > local DNS server (with some local hosts defined) > DNS over HTTPS (DoH) out the WAN

Also tested with...

PC > Lancache > local DNS server (with some local hosts defined) > Google DNS

...same problem

MathewBurnett commented 2 years ago

IPv6 is disabled in lancache-dns. Can you check that your client only has one DNS server set and no IPv6 server set, otherwise it will go round it.

JPElectron commented 2 years ago

I am sure only one DNS server is being handed out to clients, and have verified with ipconfig /all.

I do not have IPv6 enabled, locally in Windows, or in my hardware firewall to the Internet, nor do I receive an IPv6 IP from my ISP. Any attempts at IPv6 would go through teredo.

In the case of this certain hostname, externally (on the Internet) the webhost does serve up both an IPv4 and IPv6 address - however, internally, only an IPv4 IP should be resolved...

PC IPv4 on LAN > Lancache IPv4 on LAN > dnscrypt-proxy IPv4 on LAN (with some local hosts via cloaking file) > DNS over HTTPS (DoH) out the WAN (also IPv4)

Yet, Lancache will still provide both the IPv4 and IPv6 for this hostname.

Other systems on the LAN (when not using Lancache DNS, but rather using the dnscrypt-proxy server directly) doing an nslookup correctly show only the single IPv4 IP for this hostname. Thus, I cannot conclude this is a problem in dnscrypt-proxy.

stale[bot] commented 2 years ago

This issue has been automatically marked as inactive because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 2 years ago

This issue has been automatically closed after being inactive for 30 days. If you require further assistance please reopen the issue with more details or talk to us on Discord.