Reverse DNS lookups failing for local addresses using IPv6

[cinergi2]

Hello,

I've installed the Adguard Home package on my OPNSense box. AGH listens on port 53 and forwards to the configured upstream 127.0.0.1:5335, where Unbound is listening (OPNSense's default DNS resolver). My network is dual-stack IPv4 and IPv6. The issue I'm having is that AGH does not forward reverse DNS lookups for private IP ranges (such as 192.168.0.0/16) to the configured upstream private reverse DNS server; instead, it returns NXDOMAIN. Looking at the AGH DNS configuration, I think I know why. The configuration instructions for the reverse private DNS server state the following:

"A request is considered private if it asks for an ARPA domain containing a subnet within private IP ranges (such as "192.168.12.34") and comes from a client with a private IP address."

My client is making the reverse DNS request using its public IPv6 address; thus, the request doesn't "come from a client with a private IP address" and it seems that AGH doesn't consider it as a private rDNS request although it's for a private IP in the range 192.168.0.0/16. Is there any way to fix this in AGH? What would be needed is to not require that the request origin be a "client with a private IP address".

Thanks!

[Nopel2020]

There's a private_networks configuration option in adguardhome.yaml exactly for your case. Just add the IP address or your entire /56 or /64 range to it like this:

dns:
  private_networks:           
    - ::1/128                 
    - 2xxx:xxxx:xxxx:xxxx::/64 

[cinergi2]

Thank you!