Am 01.02.23 um 16:12 schrieb Bjørn Mork:
This sort of "works" for me (although very broken by design, as already
noted):
Thank you for providing a work around and testing it.
I am still not convinced that the filter-a harms less when a real
is provided instead of the synthesized. It
Ondřej Surý writes:
> Nobody is preventing from doing the work yourself, or paying somebody for
> doing
> the work for you. That's where the open-source model shines.
Or simply trigger the curiousity of some innocent victim who will then
do the work for free :-)
I don't necessarily believe
> On 1. 2. 2023, at 13:33, Thomas Schäfer wrote:
>
> I have learned bind/isc is not willing to support such (test) scenarios.
And yet again, let me emphasize that open-source isn't free Swedish buffet.
If you want other people to do the work it must either have a strong case (like
being useful
Thank you for your answers.
Of course dns64 breaks dnssec, like any other manipulation of dns
resource records.
But it doesn't mean that filtering A records breaks dns64, it still only
breaks dnssec.
So filtering A records and dnssec is mutually exclusive.
I know almost all popular dual
> On Jan 31, 2023, at 15:27, Thomas Schäfer wrote:
>
> Am Dienstag, 31. Januar 2023, 20:03:42 CET schrieb Marco:
>
>>
>> Why would it make sense to block them?
>
> Avoiding wrong decisions by "happy eyeballs" - probably the same rare reasons
> why isc introduced the filter yeas ago - in
> On 1 Feb 2023, at 05:52, Thomas Schäfer wrote:
>
> Am Montag, 30. Januar 2023, 23:12:53 CET schrieb Mark Andrews:
>> Do you want a correctly operating DNS64 server or do you want to filter
>> all A records? They are mutually exclusive requirements. Please read
>> RFC 6147 to understand why
Am Dienstag, 31. Januar 2023, 20:03:42 CET schrieb Marco:
>
> Why would it make sense to block them?
Avoiding wrong decisions by "happy eyeballs" - probably the same rare reasons
why isc introduced the filter yeas ago - in theory there is no reason to
block nor A. But blocking A
Am 31.01.2023 um 19:52:11 Uhr schrieb Thomas Schäfer:
> Am Montag, 30. Januar 2023, 23:12:53 CET schrieb Mark Andrews:
> > Do you want a correctly operating DNS64 server or do you want to
> > filter all A records? They are mutually exclusive requirements.
> > Please read RFC 6147 to understand
Am Montag, 30. Januar 2023, 23:12:53 CET schrieb Mark Andrews:
> Do you want a correctly operating DNS64 server or do you want to filter
> all A records? They are mutually exclusive requirements. Please read
> RFC 6147 to understand why they are mutually exclusive.
That's simply not true. RFC
Do you want a correctly operating DNS64 server or do you want to filter
all A records? They are mutually exclusive requirements. Please read
RFC 6147 to understand why they are mutually exclusive.
IPv6-only means that the IP packets being sent and received are only IPv6
packets for the thing
Hi,
I use tumbleweed for testing, since compiling bind is hard(at least for me).
bind version: 9.18.11
options {
dns64 64:ff9b::/96 {
clients { any; };
recursive-only yes;
mapped { !10/8; any; };
};
};
plugin query "filter-a.so" {
11 matches
Mail list logo