[Dnsmasq-discuss] Bug while using address=//::

Petr Menšík pemensik at redhat.com
Wed Sep 29 15:49:31 UTC 2021


Hello E,

May I ask for your reason, why are you trying to explicitly block IPv6
in year 2021? Unless you have public IPv6 route, your system should work
just fine with any AAAA requests they make.

src/dnsmasq -d --port 2053 --conf-file=/dev/null --log-queries
--address=/./::

This seems to do what you wanted, it is recent code from dnsmasq. But my
question remains. What is a problem with IPv6 if you just do not have
IPv6 connectivity? Any programs or systems needing this tuning need to
fix themselves, not by dnsmasq.

Regards,
Petr

On 9/28/21 01:41, E wrote:
>> https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q3/015348.html
>> It can block any name by using --address=/blockedname/::1.
> What I want to do:
> 1. Block AAAA requests. (at first I want to block specific IPv6 ranges
> but it's not possible, so)
> 2. Can able to query A.
>
> Steps:
> 1. Install dnsmasq on Debian 11 (completely disabled IPv6/IPv4 only
> environment)
> 2. Add below 2 line to conf and restart service.
> server=8.8.8.8#53
> address=/COM/::
> 3. dig github.com A @127.0.0.1
>
> Result:
> No answer at all.
> ;github.com.                    IN      A
>
> Expected:
> github.com. IN A 1.2.3.4
>
>
> Questions:
> 1. why dnsmasq is rejecting A request?
> 2. Is there any way to block AAAA?
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB




More information about the Dnsmasq-discuss mailing list