I'm sorry, but what you are doing IS VERY WRONG! 1. Why was this needed?
2. Only because the server doesn't have IPv6 connectivity, doesn't mean the client can't have IPv6 connectivity. 3. Only because your network might not have IPv6, doesn't mean you should alter DNS requests without good reason. Why shouldn't a client be allowed to JUST QUERY the local dns server for all records? Even if I am on IPv4-only I might be interested in all configured addresses for a domain! Simple case: troubleshooting. Someone has problems and I wanna see if a server has AAAA records which might cause problems for that someone...with filter-AAAA enabled I can't!!! It should be left to the OS to decide whether to query for only A, or AAAA, or both. I just proposed the "filter-A" patch because many systems behave differently regarding IPv4-only vs. IPv6-only, i.e. they will query for A records regardless if the system has IPv4 connectivity or not. On the other hand, I haven't seen querying for AAAA on IPv4-only networks. This is why I ultimately also suggest to remove the "filter-AAAA" option. It does more harm than good. Having this option lets one assume it's a normal option that should just be used on IPv4-single stack networks. But NO. IT SHOULD NOT. I only introduced "filter-A" for VERY SPECIFIC CASES. One should really know how DNS works and what this option does. Don't use it just 'because it is there'. Cheers, T On 10/8/2021 3:56, E wrote:
Well well... I never thought you actually cared. This is just what I needed! Thanks a lot!! I couldn't wait for deb packaging so I tried it myself. 1. Install it over default dnsmasq mkdir tmp1 cd tmp1 git clone http://thekelleys.org.uk/git/dnsmasq.git make make install cd ~ rm -r tmp1/ 2. Add 1 line to dnsmasq.conf filter-AAAA 3. service dnsmasq restart " Job for dnsmasq.service failed because the control process exited with error code. See "systemctl status dnsmasq.service" and "journalctl -xe" for details. " " bad option at line 24 of /etc/dnsmasq.conf FAILED to start up dnsmasq.service: Failed with result 'exit-code'. " # dnsmasq --version Dnsmasq version 2.87test4-1-g37a70d3 Copyright (c) 2000-2021 Simon Kelley Compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset auth no-cryptohash no-DNSSEC loop-detect inotify dumpfile _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss