[Dnsmasq-discuss] Bug while using address=//::, Configuration regressions
pemensik at redhat.com
Thu Sep 30 11:19:47 UTC 2021
Okay, confirming this works on 2.86 release, but does not with 2.85 or
2.81. I am afraid it could be requested via bugs reported to
distribution only. It does not work with root domain /./ on previous
It seems --address=/./:: is now equivalent to --address=/#/::
What seems more important, the behaviour of --address changed significantly.
on 2.85 and lower sends :: for AAAA queries and NOERROR without response
on A queries. While I like current behaviour more, I think we should
revert to previous behaviour to keep systems behaving the same after
upgrades and allow new behaviour with modified configuration.
--address=/com/#/ now behaves like --address=/com/# behaved before, but
no backward compatible version for specified address exists. I think it
should be modified to previous mode by default. And a way to make new
behaviour possible also with given address.
--address=/#/ is accepted, but does nothing. Similar to --server=/
Also --local=/com/:: changed its behaviour. It now behaves like
--address=/com/::, not as --server=/com/:: as it should and used to in
2.85. Should we ensure address part is empty perhaps to prevent misusing
--local instead of --server?
On 9/30/21 06:09, E wrote:
>> Which dnsmasq version are you using?
> Latest on Debian 11.
> ii dnsmasq 2.85-1
> all Small caching DNS proxy and DHCP/TFTP server
> ii dnsmasq-base 2.85-1
> amd64 Small caching DNS proxy and DHCP/TFTP server
>> src/dnsmasq -d --port 2053 --conf-file=/dev/null --log-queries
>> This seems to do what you wanted
> Is it? Nope. AAAA still not blocked at all!
> 1. edit dnsmasq.conf, add "address=/./::"
> 2. restart service
> dig XXXX.com AAAA @127.0.0.1 --- still responds AAAA results
> dig XXXX.com A @127.0.0.1 --- works (returning A results)
> My question is simple,
> a. How can I block certain AAAA ranges?
> b. Or, How can I block all AAAA?
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
More information about the Dnsmasq-discuss