[Dnsmasq-discuss] IPv6 resolve local only
Klaus Vink Slott
klaus at vink-slott.dk
Fri Aug 30 13:42:25 UTC 2024
This answer came just in time, as I have just returned from holiday and
was starting to consider if I should try out another dhcp-dns solution.
On 30.08.2024 Petr Menšík wrote:
> Make sure (sub)domains served exclusively by dnsmasq are marked as
> local=/tier1.internal/.
Thanks for pointing out the local= setting. So setting this - and remove
😳 another setting I had totally forgot about, it all starting working
immediately.
> That will prevent dnsmasq to forward any other
> queries to upstream nameserver, which very likely does not know them.
> That is if sshgw.tier1.internal has only A address, but AAAA is
> forwarded further and timeouts there. In fact make sure whole .internal
> is stopped somewhere at your border and not forwarded to your ISP. IPv4
> works better, because those names are defined by dnsmasq and it does not
> forward them. For AAAA it is not defined and therefore forwarded.
> Although it is also problem at ISP, it should respond with NXDOMAIN or
> REFUSED, but it should respond with some response anyway.
So the reason the upstream was not returning a NXDOMAIN or REFUSED was
that I had a
server=/tier1.internal/192.168.80.1
that I forgot to remove. It had been in use before I disabled the build
in pfSense resolver, and thus the reason the forwarded AAAA query was
ignored.
Thanks a lot for directing onto the right path.
--
Regards
Klaus
More information about the Dnsmasq-discuss
mailing list