Hi, Le Tue, 02 Aug 2016 10:39:23 -0400 Junyang Gu <mike...@fastmail.com> a écrit:
> It seems to me that dnsmasq should filter out loopback addresses for > DNS queries universally, or at least provide such an option. > > Consider such a scenario, > > dnsmasq runs on host1, and host1's /etc/hosts contains 127.0.1.1 > host1, which is usually the case. > > A second machine host2 queries dnsmasq for host1, and would get > 127.0.1.1, which is also a valid IP address, except it goes to host2. > > I do not see any any scenario where dnsmasq should return a loopback > address. I've seen this method used by NS providers for blackholing suspicious FQDNs. It makes sure traffic directed at them will not even enter the Net. > Regards Amicalement, -- Albert. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss