Re-tested and able to confirm, tested 4.3.22 on a Shadow (GL-AR300M16).
I tested this by installing the latest firmware without keeping the settings, changed the WAN to PPPoE and IPv6 to ‘native’. My devices get a dysfunctional DNSv6 server assigned, both via IPv6-Router-Advertisements and the Stateless DHCPv6-Server. However, something changed because the server is now fd1b:801:b781::1.
No idea, where that is coming from. Furthermore, I am not sure if the GL.iNet team understands the severity of this issue at all. This blocks Internet surfing, all web services, I have no Internet access because of this, not to
- IPv6-only webpages
- IPv6 enabled webpages (offer both IPv6 and IPv4)
- IPv4-only webpages
This is because some network stacks do not expect a broken DNSv6 server and do not fallback to the DNSv4 server. A prominent and easy to test example is Ubuntu 16.04 LTS which still gets security updates via ESM. Although not widespread anymore, I mention this just as an easy to test example. There are thousands of stacks and apps out there which behave the same.
The workaround is to:
a) add a DNSv6 server like the link-local address of the GL.iNet in the client
b) disable IPv6 in the client and go for just IPv4
c) disable IPv6 in the GL.iNet
The latter is not good behavior if the Internet access is actually IPv6 based and uses translation techniques, sharing one IPv4 with several other users. I over-use then in an unexpected way that IPv4 address, even with each DNS query.
- How can we as community help?
- GL.iNet are you able to reproduce this issue?
- Should we report this issue in a different way (different channel or at OpenWrt)?
Although this was reported four years ago already, at that time the cause for the dysfunctional DNSv6 server was different, this scenario is still not regression tested by GL.iNet.