There are no dual stack clients as the network isn't IPv6 enabled (yet). The idea is to reduce the chatter for single stack clients.
Your right that once dual stack is enabled on parts of the network and in clients, then we'll need to be mindful of this. But, I would expect most dual stack clients to default to querying DNS using IPv6. In fact as we control the client IP addressing, we can ensure to convert DNS server settings to IPv6 when enabling dual stack. I would not want to apply this to "public" recursors which may be used as forward servers and by clients not under our control. Thank you for your input, Djerk Geurts On 30 Oct 2023, 06:26, at 06:26, Otto Moerbeek <o...@drijf.net> wrote: >On Mon, Oct 30, 2023 at 04:35:25AM +0000, Djerk Geurts via Pdns-users >wrote: > >> Hi all, >> >> Not had the opportunity to test this yet, but wanted to check with >those more experienced at LUA scripting if the following has any >unexpected side effects: >> >> function preresolve(dq) >> -- Implementation of 'filter-aaaa-on-v4' >> if dq.qtype == pdns.AAAA and dq.remoteaddr:isIPv4() then >> dq.appliedPolicy.policyKind = pdns.policykinds.Drop >> return false >> else >> return false >> end >> end >> >> I will run a test when I get the opportunity. Does anyone filter AAAA >requests for single stack clients (IPv4 only obviously)? >> >> Thanks, >> Djerk Geurts > >This polciy will also apply to dual stack clients that happen to >contact the rescursor over v4 to request an AAAA. There is nothing >wrong with that, but your policy will cause timeouts for the clients. >So not recommended. > > -Otto
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
