[Dnsmasq-discuss] Modification to the feature of config-static DNS record in dual-stack network.

Sat Nov 27 04:08:11 GMT 2010

It works!

Frankly speaking, it is a bit troublesome for me to double the config-items.
You see large websites, such as youtube.com, store resources (images, caches
and etc.) in different domains and hosts. I have to add dozens items for
youtube.com.

Actually I suppose my modification is OK too.

Two things we need to realise are that
1) The browser won't send an AAAA DNS query if user's host don't support
IPv6;
2) The upstream nameserver will return an empty AAAA record if the network
operator doesn't deploy IPv6.

As a result, if we put an item
--address = /<domain>/<IPv4 address>
on the config file, the browser's IPv6-first behavior won't trouble users:
1) If the host don't support IPv6, no AAAA query will be sent;
2) If the network operator hasn't deploy IPv6, the response of empty AAAA
record won't affect the web access. Else, users can access the Internet
through IPv6. Users will happy to do that since the IPv6 network is usually
faster and cheaper.

But considering the actual situation, your scheme is better. Users usually
cannot access IPv6 even if the network operator has deploy it since most
NAT-router don't support IPv6. What's more, some others may use dnsmasq on
the other situation except NAT-router.

I suppose you can take my opinion into account when the IPv6-NAT technology
becomes a standard component of the NAT router. My team has achieved the
IPv6-NAT technology based on Linux kernel and the other open-source projects
including dnsmasq. We would like to share it with people.

--
William

在 2010年11月27日 上午4:59，Simon Kelley <simon at thekelleys.org.uk>写道：

> 许伟林 wrote:
> > Thank you for your advice.
> >
> > Well, I would like dnsmasq to override the domain with IPv6 family, so it
> > isn't suitable to modify the hosts file.
> >
> > I'm sure it's necessary to describe my application. Maybe you have learnt
> > that almost all the Top 5 website are blocked by GFW in China, including
> > youtube.com and facebook.com. Fortunately the pure IPv6 bone network
> called
> > CERNET2 is well built and the GFW don't block the IPv6 flows. So we users
> of
> > CERNET2 can access the Top 5 websites by IPv6. However the DNS servers of
> > Chinese network operators cannot resolve the AAAA record for those Top 5
> > sites according to some politics.
> >
> > Most people modify their hosts file to involve static AAAA records
> provided
> > by this link.
> >  http://docs.google.com/view?id=dfkdmxnt_61d9ck9ffq
> >
> > But for some websites like blogspot.com, we need to override the domain
> > since we can't add all records of blogs such as william.blogspot.com,
> > simon.blogspot.com and etc.
>
> A good cause indeed!
>
> I thought about this a bit more: I don't want to change the default
> behavior, which is useful and expected by existing users. But it is
> possible to make different behaviour configurable. The trick is to
> define what happens when the same domain appears in --address and
> --server. We make --address have higher priority for the address family
> it specifies, but --server higher priority for the other address family.
>
> So
>
> --address=/opera.com/2001:840:4073:1::1:101
>
> works as we expect for IPv6 and we can send only IPv4 queries to another
> server by adding
>
> --server=/opera.com/<server address>
>
> The final thing needed is to note that <server address> can be "#" to
> sepcify the normal servers, so
>
> --address=/opera.com/2001:840:4073:1::1:101
> --server=/opera.com/#
>
> gives the behaviour you want.
>
> I've put a test version of dnsmasq with this new behavior at
>
>
> http://www.thekelleys.org.uk/dnsmasq/test-releases/dnsmasq-2.56test18.tar.gz
>
> Please could you try it out and see if it works OK for you?
>
> Cheers,
>
> Simon.
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20101127/ac5da214/attachment.htm 