No IPv6 when connected to mesh points in bridge mode with USG

  • So I have an AmpliFi in bridge mode connected to a UniFi Security Gateway (3-port). The USG is hooked up to IPv6 on the WAN, and the AmpliFi has "IPv6" enabled thru the app. The USG is configured to use a Pi-Hole on the network for both regular IPv4 DNS and DHCPv6/RDNSS (aka "IPv6 DNS"), so I can block ads coming from both IPv4 and IPv6 addresses.

    It's a pretty sweet setup, but I just realized one thing: IPv6 appears to work only when connected to the AmpliFi. When connected to one of the mesh points, I get only IPv4.

    The closest thing I could find was this old topic:

    However, my problem is a little bit different. When connected directly to the AmpliFi, I get IPv6 just fine.

    I've only noticed this problem recently, so it might not be related, but I'm seeing this with various Apple devices running iOS 14 and later. I just learned about problems with the "private IP" feature so I've turned it off, but IPv6 still isn't showing up.

    Any idea what's going on here?

  • @Thomas-Chi What happens if you just set up the USG to use your provider's or cloudflare or google DNS (including DNSv6) instead of your pi-hole? I have a similar setup with amplifi HD in bridge mode and don't have ipv6 issues connected on the satellites. My (non-amplifi) router is set up to serve DNS to cloudflare including DNS v6 addresses and all works fine.

    I actually had to go to a bridged setup as AmpliFi does not support entering a DNS v6 entry so all v6 queries still go to my provider's DNS when using ipv6 which i really don't want to happen as they do DNS hijacking which I strongly dislike.

  • Well, I can't answer that question, as all seems to be well again.

    What I did was, I turned off the "private IP" 'feature' on the iDevices in question, then brought them over to the router so that they acquired IPv6 addresses. Now they continue to work well with IPv6, even when connected to a mesh point. Problem solved!

    As to your issues with the DNS v6 entries, I'm using the USG to redirect DHCPv6/RDNSS to the link-local address ("fe80:...") of the Pi-Hole. Works great.

Log in to reply