[Dnsmasq-discuss] Noob question
pemensik at redhat.com
Thu Sep 16 19:33:12 UTC 2021
It seems too cryptic to me. It seems to me usually overriding some name,
I would expect also other query types to be handled.
Could we support for example:
meaning the same value as another --local=/example.com/ specified? Just
on single line, only one domain per config needed.
On 8/31/21 10:12 PM, Simon Kelley wrote:
> On 31/08/2021 10:49, Dominik DL6ER wrote:
>> Our conclusion was that the all-zero address (0.0.0.0 and [::])
>> approach is the most effective one to block A and AAAA queries.
>> For all other query types we recommend NODATA (i.e., a NOERROR reply
>> with no answer records). Using this combination, we've not seen any
>> issues anywhere. Devices either recognize 0.0.0.0 as an address they
>> cannot connect to or us it to connect to themselves where there is
>> typically nothing served on port 443 (or wherever they are connecting
> Which can be achieved in dnsmasq with
> The first line gives the A and AAAA answers, the second makes all other
> query types NODATA.
> I occurs to me that address=/example.com should possibly imply the
> NODATA answer without needing the second line.
Would that mean --server=/example.com would be required to forward
other than address queries to upstream servers?
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
More information about the Dnsmasq-discuss