Maintained by: NLnet Labs

[Unbound-users] Can't Enable Link-Local IPv6

Sabahattin Gucukoglu
Mon Mar 19 12:15:12 CET 2012


On 18 Mar 2012, at 20:56, Phil Pennock wrote:
> On 2012-03-18 at 09:14 +0000, Sabahattin Gucukoglu wrote:
>> Running Unbound 1.4.16, I cannot put "interface: fe80::…" into unbound.conf.  It warns on startup that there's no IPv6 support.  Yet, outgoing interface is default (::) and the default ::1 bind works.  Finally, just setting it to "::0" to listen on all works, and that's what I've had to do, just using access control to limit it.
>> 
>> So what's happening?  I'd love to only accept queries from the local link, and retrieve DNS data from v6-reachable name servers.  Your help appreciated.
> 
> At a guess (because I haven't explored this area with unbound): remember
> that link-level addresses are per-interface and need a scope in order to
> be interpreted.

I didn't know that about the zone ID, in fact (save one or two experiences with it), so thanks for increasing my knowledge. :-)  It does seem a bit silly though, given that the host can disambiguate this itself.

> A convention on KAME-derived systems is that you can attach the
> interface name to the address as the scope, with %intf at the end of the
> address.

Yes.  On Linux too, the zone ID is expressed as %interface EG %eth0.  Now it works fine.  Thanks!  On Windows it seems to be %<interface-number>.

Cheers,
Sabahattin