diff --git a/src/etc/inc/plugins.inc.d/radvd.inc b/src/etc/inc/plugins.inc.d/radvd.inc
index a6e0ee48ca..0f37ebc168 100644
--- a/src/etc/inc/plugins.inc.d/radvd.inc
+++ b/src/etc/inc/plugins.inc.d/radvd.inc
@@ -340,7 +340,9 @@ function radvd_configure_do($verbose = false, $ignorelist = [])
                 $rdnss[] = $server;
             }
 
-            if (count($searchlist_tmp)) {
+            if (count($searchlist_tmp) == 1 && $searchlist_tmp[0] == '.') {
+                /* explicitly disabled */
+            } elseif (count($searchlist_tmp)) {
                 $dnssl = $searchlist_tmp;
             } elseif (!empty($config['system']['domain'])) {
                 $dnssl = [$config['system']['domain']];
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Radvd/forms/dialogEntry.xml b/src/opnsense/mvc/app/controllers/OPNsense/Radvd/forms/dialogEntry.xml
index f22992e06a..8342fcbbce 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Radvd/forms/dialogEntry.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Radvd/forms/dialogEntry.xml
@@ -192,7 +192,7 @@
         <type>select_multiple</type>
         <style>tokenize</style>
         <allownew>true</allownew>
-        <help>The default is to use the domain name of this system as the DNSSL option. You may specify explicit domains here instead.</help>
+        <help>The default is to use the domain name of this system as the DNSSL option. You may specify explicit domains here instead. Use "." by itself to disable DNS search domains.</help>
         <grid_view>
             <visible>false</visible>
         </grid_view>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.php b/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.php
index f73650c7da..d7d0e0154b 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.php
@@ -37,6 +37,12 @@ use OPNsense\Base\Messages\Message;
  */
 class Radvd extends BaseModel
 {
+    private function isValidSearchDomain(string $domain): bool
+    {
+        return filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) !== false &&
+            filter_var($domain, FILTER_VALIDATE_IP) === false;
+    }
+
     /**
      * {@inheritdoc}
      */
@@ -86,6 +92,27 @@ class Radvd extends BaseModel
                 }
             }
 
+            $dnssl = $entry->DNSSL->getValues();
+            if (in_array('.', $dnssl, true) && count($dnssl) > 1) {
+                $messages->appendMessage(
+                    new Message(
+                        gettext('Use "." by itself to disable DNS search domains.'),
+                        $key . '.DNSSL'
+                    )
+                );
+            }
+            foreach ($dnssl as $domain) {
+                if ($domain !== '.' && !$this->isValidSearchDomain($domain)) {
+                    $messages->appendMessage(
+                        new Message(
+                            gettext('A DNS search domain must be a valid hostname.'),
+                            $key . '.DNSSL'
+                        )
+                    );
+                    break;
+                }
+            }
+
             $raMax = $entry->MaxRtrAdvInterval->asInt();
             if (
                 $raMax < $entry->MaxRtrAdvInterval->getMinimumvalue() ||
diff --git a/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.xml b/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.xml
index e419f9d05e..1f1ee28cfd 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Radvd/Radvd.xml
@@ -60,11 +60,7 @@
                 <AddressFamily>ipv6</AddressFamily>
                 <AsList>Y</AsList>
             </RDNSS>
-            <DNSSL type="HostnameField">
-                <IsDNSName>Y</IsDNSName>
-                <IpAllowed>N</IpAllowed>
-                <AsList>Y</AsList>
-            </DNSSL>
+            <DNSSL type="CSVListField"/>
             <dns type="BooleanField">
                 <Required>Y</Required>
                 <Default>1</Default>