IPv6 NOT Disabled As Expected - ER8411 and Software Controller (Windows) 5.15.24.18
IPv6 is supposed to be disabled on my network according to the available documentation.
In the controller UI > Site Settings > LAN > Networks > Configure IPv6 > IPv6 Interface Type > dropbox control is set to "None"
DNS Cache is enabled and shows hundreds of IPv6 requests completed.
How is this possible? Bug?
How to prevent IPv6 on our LAN and on Router?
See two attached screenshots.
TIA
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
What you are seeing is expected behaviour, not a bug in the Omada controller.
Disabling IPv6 in the controller only tells the Omada gateway (the router) not to hand out IPv6 prefixes or addresses on the LAN; it does not stop the gateway from receiving IPv6 traffic on its WAN port, and it does not stop the DNS proxy (dnsmasq) in the gateway from answering AAAA queries that clients send to it.
The DNS cache you are looking at is simply showing that:
- A client asked the gateway for the AAAA record of some host.
- The gateway forwarded the query upstream, got an IPv6 answer, cached it and returned it to the client.
That is all normal.
The fact that the client obtained an IPv6 DNS answer does not mean the client can actually use IPv6 to reach the destination; if the LAN interface has no IPv6 prefix, the client has no global IPv6 address and therefore cannot open an IPv6 connection.
How to really turn IPv6 off
-
On the Omada gateway
Settings → Network → Internet → WAN → Edit → IPv6 → Disable IPv6 (or set it to “Disabled”).
This stops the gateway from acquiring an IPv6 address on the WAN and from receiving IPv6 routes. -
On each LAN network
Settings → Wired Networks → LAN → Networks → Edit → IPv6 → Interface Type → None (you already did this).
After step 1 the gateway will stop forwarding any IPv6 traffic and the DNS cache will no longer contain IPv6 answers (except for any local or link-local traffic that never leaves the switch).
- Copy Link
- Report Inappropriate Content
What you are seeing is expected behaviour, not a bug in the Omada controller.
Disabling IPv6 in the controller only tells the Omada gateway (the router) not to hand out IPv6 prefixes or addresses on the LAN; it does not stop the gateway from receiving IPv6 traffic on its WAN port, and it does not stop the DNS proxy (dnsmasq) in the gateway from answering AAAA queries that clients send to it.
The DNS cache you are looking at is simply showing that:
- A client asked the gateway for the AAAA record of some host.
- The gateway forwarded the query upstream, got an IPv6 answer, cached it and returned it to the client.
That is all normal.
The fact that the client obtained an IPv6 DNS answer does not mean the client can actually use IPv6 to reach the destination; if the LAN interface has no IPv6 prefix, the client has no global IPv6 address and therefore cannot open an IPv6 connection.
How to really turn IPv6 off
-
On the Omada gateway
Settings → Network → Internet → WAN → Edit → IPv6 → Disable IPv6 (or set it to “Disabled”).
This stops the gateway from acquiring an IPv6 address on the WAN and from receiving IPv6 routes. -
On each LAN network
Settings → Wired Networks → LAN → Networks → Edit → IPv6 → Interface Type → None (you already did this).
After step 1 the gateway will stop forwarding any IPv6 traffic and the DNS cache will no longer contain IPv6 answers (except for any local or link-local traffic that never leaves the switch).
- Copy Link
- Report Inappropriate Content
Information
Helpful: 2
Views: 226
Replies: 1
Voters 0
No one has voted for it yet.