[Dnsmasq-discuss] nftset not always applied to AAAA

Fri, 28 Jun 2024 06:57:50 -0700 

in my config file I have something like this:

    
nftset=/jetbrains.com/ubuntu.com/4#inet#router#censored4,6#inet#router#censored6

however downloads.jetbrains.com is using cloudfront cname or smth like that and 
nftset is not working for AAAA replies but somehow works for A

> host download.ubuntu.com

    dnsmasq[1676399]: 63 127.0.0.1/57318 query[A] download.ubuntu.com from 
127.0.0.1
    dnsmasq[1676399]: 63 127.0.0.1/57318 forwarded download.ubuntu.com to 
127.0.0.1#5353
    dnsmasq[1676399]: 63 127.0.0.1/57318 nftset add 4 inet router censored4 
185.125.190.29 ubuntu.com
    dnsmasq[1676399]: 63 127.0.0.1/57318 reply download.ubuntu.com is 
185.125.190.29
    dnsmasq[1676399]: 63 127.0.0.1/57318 nftset add 4 inet router censored4 
185.125.190.21 ubuntu.com
    dnsmasq[1676399]: 63 127.0.0.1/57318 reply download.ubuntu.com is 
185.125.190.21
    dnsmasq[1676399]: 63 127.0.0.1/57318 nftset add 4 inet router censored4 
185.125.190.20 ubuntu.com
    dnsmasq[1676399]: 63 127.0.0.1/57318 reply download.ubuntu.com is 
185.125.190.20
    dnsmasq[1676399]: 64 127.0.0.1/51643 query[AAAA] download.ubuntu.com from 
127.0.0.1
    dnsmasq[1676399]: 64 127.0.0.1/51643 forwarded download.ubuntu.com to 
127.0.0.1#5353
    dnsmasq[1676399]: 64 127.0.0.1/51643 nftset add 6 inet router censored6 
2620:2d:4000:1::28 ubuntu.com
    dnsmasq[1676399]: 64 127.0.0.1/51643 reply download.ubuntu.com is 
2620:2d:4000:1::28
    dnsmasq[1676399]: 64 127.0.0.1/51643 nftset add 6 inet router censored6 
2620:2d:4000:1::26 ubuntu.com
    dnsmasq[1676399]: 64 127.0.0.1/51643 reply download.ubuntu.com is 
2620:2d:4000:1::26
    dnsmasq[1676399]: 64 127.0.0.1/51643 nftset add 6 inet router censored6 
2620:2d:4000:1::27 ubuntu.com
    dnsmasq[1676399]: 64 127.0.0.1/51643 reply download.ubuntu.com is 
2620:2d:4000:1::27
    dnsmasq[1676399]: 65 127.0.0.1/49103 query[MX] download.ubuntu.com from 
127.0.0.1
    dnsmasq[1676399]: 65 127.0.0.1/49103 forwarded download.ubuntu.com to 
127.0.0.1#5353
    dnsmasq[1676399]: 65 127.0.0.1/49103 reply download.ubuntu.com is NODATA

> host download.jetbrains.com

    dnsmasq[1676399]: 131 127.0.0.1/42646 query[A] download.jetbrains.com from 
127.0.0.1
    dnsmasq[1676399]: 131 127.0.0.1/42646 forwarded download.jetbrains.com to 
127.0.0.1#5353
    dnsmasq[1676399]: 131 127.0.0.1/42646 reply download.jetbrains.com is 
<CNAME>
    dnsmasq[1676399]: 131 127.0.0.1/42646 nftset add 4 inet router censored4 
18.244.146.14 jetbrains.com
    dnsmasq[1676399]: 131 127.0.0.1/42646 reply d1do0znm134sif.cloudfront.net 
is 18.244.146.14
    dnsmasq[1676399]: 131 127.0.0.1/42646 nftset add 4 inet router censored4 
18.244.146.47 jetbrains.com
    dnsmasq[1676399]: 131 127.0.0.1/42646 reply d1do0znm134sif.cloudfront.net 
is 18.244.146.47
    dnsmasq[1676399]: 131 127.0.0.1/42646 nftset add 4 inet router censored4 
18.244.146.29 jetbrains.com
    dnsmasq[1676399]: 131 127.0.0.1/42646 reply d1do0znm134sif.cloudfront.net 
is 18.244.146.29
    dnsmasq[1676399]: 131 127.0.0.1/42646 nftset add 4 inet router censored4 
18.244.146.64 jetbrains.com
    dnsmasq[1676399]: 131 127.0.0.1/42646 reply d1do0znm134sif.cloudfront.net 
is 18.244.146.64
    dnsmasq[1676399]: 132 127.0.0.1/53794 query[AAAA] 
d1do0znm134sif.cloudfront.net from 127.0.0.1
    dnsmasq[1676399]: 132 127.0.0.1/53794 forwarded 
d1do0znm134sif.cloudfront.net to 127.0.0.1#5353
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:6000:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:a600:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:4800:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:5600:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:1200:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:1400:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:9a00:12:7c44:15c0:93a1
    dnsmasq[1676399]: 132 127.0.0.1/53794 reply d1do0znm134sif.cloudfront.net 
is 2600:9000:26de:5000:12:7c44:15c0:93a1
    dnsmasq[1676399]: 133 127.0.0.1/46118 query[MX] 
d1do0znm134sif.cloudfront.net from 127.0.0.1
    dnsmasq[1676399]: 133 127.0.0.1/46118 forwarded 
d1do0znm134sif.cloudfront.net to 127.0.0.1#5353
    dnsmasq[1676399]: 133 127.0.0.1/46118 reply d1do0znm134sif.cloudfront.net 
is NODATA

As you can see in second case nftset not applied for ipv6. Am I missing 
something in config? Is it a bug?

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Reply via email to