[Dnsmasq-discuss] Bug while using address=//::

Petr Menšík pemensik at redhat.com
Mon Oct 11 10:59:44 UTC 2021


Hi Dominik,

I cannot consider current implementation of filter-a and filter-aaaa
useful. On discussion with you, we agreed there are cases where
filtering IS useful. But I think it always should be possible only for
selected domains, where it brings any advantage.

Current form does not allow that, it always filters everything or
nothing. It is not helpful IMHO. Unless domain filter is added, I think
it is more appropriate to filter access on link layer and just don't
offer any IPv6 addresses at all. Or offer addresses just to selected
hosts via DHCPv6. Which does not require any change in dnsmasq.

Current implementation solves only demands of mr. E, but he never
explained why it is useful and in which cases. Why does his network need
it when others do not?

I guess we could still support --filter-aaaa=/./, but I would like
domain to be mandatory for those filterings.

Cheers,
Petr

On 10/10/21 19:36, Dominik Derigs wrote:
> On Sun, 2021-10-10 at 17:32 +0200, Treysis wrote:
>> Why was this needed?
> It is worth exploring the mailing list archive. Only two weeks
> ago, we have seen valid use cases for an option to filter AAAA.
>
> See, e.g.
>
> https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q3/015709.html
> https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q3/015711.html
>
> Best,
> Dominik
>
-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB




More information about the Dnsmasq-discuss mailing list