After setting up IPv6, I tried running dig against the vyos DNS server, with both IPv4 and IPv6 DNS servers configured. This is not related to IPv6, however; the same problem is there when running only IPv4.
Running dig google.com against the vyos DNS server only returns a single A record.
Running dig google.com against any of my upstream DNS servers returns 4 A records and 4 AAAA records.
I would expect that querying the vyos DNS server would return the same records as querying the upstream DNS servers?
And for good measure, here is the lookup directly on upstream:
; <<>> DiG 9.10.6 <<>> google.com @89.233.43.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65086
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
goOGlE.com. 139 IN A 172.217.23.110
;; AUTHORITY SECTION:
goOGlE.com. 117984 IN NS ns1.google.com.
goOGlE.com. 117984 IN NS ns2.google.com.
goOGlE.com. 117984 IN NS ns4.google.com.
goOGlE.com. 117984 IN NS ns3.google.com.
;; ADDITIONAL SECTION:
ns1.goOGlE.com. 293764 IN A 216.239.32.10
ns2.goOGlE.com. 172087 IN A 216.239.34.10
ns3.goOGlE.com. 296556 IN A 216.239.36.10
ns4.goOGlE.com. 302910 IN A 216.239.38.10
ns1.goOGlE.com. 83781 IN AAAA 2001:4860:4802:32::a
ns2.goOGlE.com. 172649 IN AAAA 2001:4860:4802:34::a
ns3.goOGlE.com. 78427 IN AAAA 2001:4860:4802:36::a
ns4.goOGlE.com. 15919 IN AAAA 2001:4860:4802:38::a
;; Query time: 3 msec
;; SERVER: 89.233.43.71#53(89.233.43.71)
;; WHEN: Sat Oct 03 12:52:34 CEST 2020
;; MSG SIZE rcvd: 326
Now that I look at it again, it may just be me who has misinterpreted/misread the output, as the actual answer section is the same, while the answer from upstream just contains additional fields.
Although vyos seems to only cache one A record and one AAAA record, judging from the domain name resolution results, the resolution of A and AAAA records is normal, because Google’s authoritative servers may be set up for regionally optimized, intelligent domain name resolution. Therefore, it is normal for the domain name resolution results to be different for recursive resolvers in different regions. Please make sure that vyos.router points to your vyos router; you can replace it with the IP.
Sorry, I didn’t mention that I replaced the router’s IP with vyos.router. I’m 100% sure that those lookups are to the router’s DNS; also, the last lookup is done to the only DNS server set up on vyos, so the only difference is:
The first two are recursive lookups through vyos, while the last lookup is directly to the upstream DNS, but with the same external IP as vyos.
I have also said that, from the domain name resolution results, except that the vyos DNS only returned 1 A record and 1 AAAA record, there is nothing else abnormal. Even on a Linux server system, dig will by default only query the A record.
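The comparison this thread ends up making, as an added example that is not part of any post: split dig output into its sections and compare only the ANSWER sections of two responses. `UPSTREAM` is trimmed from the lookup quoted above; `FORWARDER` is a constructed stand-in for a reply that carries no AUTHORITY or ADDITIONAL data, and the function names are illustrative.

```python
import re

# Trimmed from the upstream lookup quoted in the thread.
UPSTREAM = """\
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
goOGlE.com. 139 IN A 172.217.23.110
;; AUTHORITY SECTION:
goOGlE.com. 117984 IN NS ns1.google.com.
goOGlE.com. 117984 IN NS ns2.google.com.
;; ADDITIONAL SECTION:
ns1.goOGlE.com. 293764 IN A 216.239.32.10
ns1.goOGlE.com. 83781 IN AAAA 2001:4860:4802:32::a
;; Query time: 3 msec
"""

# Constructed sample: a forwarder reply that contains only the answer.
FORWARDER = """\
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 172.217.23.110
;; Query time: 1 msec
"""

SECTION = re.compile(r"^;; (\w+) SECTION:$")

def parse_sections(text):
    """Map section name -> set of (owner, type, rdata) taken from dig output."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1).lower()
            sections[current] = set()
        elif line.startswith(";;"):
            current = None  # any other ';;' line (stats, header) ends the section
        elif line and not line.startswith(";") and current:
            name, _ttl, _cls, rtype, rdata = line.split(None, 4)
            # DNS names are case-insensitive and TTLs count down in caches,
            # so neither case nor TTL is part of the comparison.
            sections[current].add((name.lower(), rtype, rdata.lower()))
    return sections

def same_answer(a, b):
    """True when two dig outputs carry the same ANSWER records."""
    return parse_sections(a).get("answer", set()) == parse_sections(b).get("answer", set())
```
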