[Dnsmasq-discuss] Modification to the feature of config-static DNS record in dual-stack network.

许伟林 mzweilin at gmail.com
Fri Nov 26 03:24:29 GMT 2010


Thank you for your advice.

Well, I would like dnsmasq to override the domain with IPv6 family, so it
isn't suitable to modify the hosts file.

I'm sure it's necessary to describe my application. Maybe you have learnt
that almost all the Top 5 website are blocked by GFW in China, including
youtube.com and facebook.com. Fortunately the pure IPv6 bone network called
CERNET2 is well built and the GFW don't block the IPv6 flows. So we users of
CERNET2 can access the Top 5 websites by IPv6. However the DNS servers of
Chinese network operators cannot resolve the AAAA record for those Top 5
sites according to some politics.

Most people modify their hosts file to involve static AAAA records provided
by this link.
 http://docs.google.com/view?id=dfkdmxnt_61d9ck9ffq

But for some websites like blogspot.com, we need to override the domain
since we can't add all records of blogs such as william.blogspot.com,
simon.blogspot.com and etc.

I have installed the modified-dnsmasq into my dual-stack NAT router. The
IPv6-stack hosts and dual-stack hosts behind the NAT router can access these
websites by IPv6. The other pure IPv4-stack hosts can also access these
sites by conventional means of IPv4, such as VPN or proxy server(Google
AppEngine have provided a good one!). Without the modification of codes,
it's impossible for those pure IPv4 hosts to access the sites since they
only get an empty [A] record.

In any case, we can explore the world freely now! Thank you for excellent
job!

--
William

2010/11/26 Simon Kelley <simon at thekelleys.org.uk>

> 许伟林 wrote:
> > Hi all,
> > When you add an item 'address=/www.opera.com/2001:840:4073:1::1:101' in
> > '/etc/dnsmasq.conf', do you mean this site doesn't have an IPv4 address
> to
> > access? I wonder it is not true on most occasion, since this kind of
> sites
> > can only be accessed by IPv6 host.
> >
> > However, when you add this item in the config file, dnsmasq-2.55 will
> reply
> > an empty record for the DNS query[A] of www.opera.com. And it prints 2
> lines
> > in log file:
> > *...*
> > *dnsmasq: query[A] www.opera.com from 192.168.56.101*
> > *dnsmasq: config www.opera.com is NODATA-IPv4*
> > *...*
> >
> > So the pure IPv4 hosts cannot access www.opera.com.
> >
> > Actually the below feature is what I expected:
> > *When receiving a DNS query request, dnsmasq firstly looks up the static
> > record of the same type (A record or AAAA record) in config file. The
> client
> > will receive the static DNS record if found. Or the query should be
> > forwarded to the external DNS server.*
> >
> > In order to realise this feature, we have to modify some codes in
> > ./src/forward.c.
> >
> <snip patch>
>
> > William
> >
> >
>
> Well done for getting your head around that code; it's really obscure
> and should be re-written.
>
> The current behaviour is sort-of deliberate, because often people want to
> do
>
> --address = /<domain>/<IPv4 address>
>
> and be sure that they have overridden that domain. If IPv6 queries for
> the domain were let through, that would cause a surprise: Many users
> don't even know that their browser, for instance, might try and make
> IPv6 connections.
>
> You can get the behaviour you are looking for by putting
>
> 2001:840:4073:1::1:101 www.opera.com
>
> into /etc/hosts. Addresses there are used strictly for one address
> family and don't affect forwarding of other queries.
>
>
> I hope that's a suitable work-around for your application.
>
>
> Cheers,
>
> Simon.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20101126/7a684bb0/attachment.htm 


More information about the Dnsmasq-discuss mailing list