On 06/03/2021 19:22, Geert Stappers via Dnsmasq-discuss wrote:
> Share the challenge you are facing with us.

Put simply, I need dnsmasq to return nothing for an A query, as the VPN has no IPv4 routing; I do not wish the query to be forwarded, because then it will be answered by the Internet, and applications may then end up trying to access the service without using the VPN. This will not work due to firewalling.

The hostname has IPv4 and IPv6 addresses when queried over the Internet, but the particular service on that host that I wish to access is only available over the VPN, which is IPv6-only.

It would be nice if there were an explicit way to indicate in a --host-record option that it should not forward queries for this name if it has not been configured with the respective address, and instead reply with nothing (as though the name exists, but the record does not).

0.0.0.0 and :: seem as valid a choice as any for a "no address" configuration entry. If it ends up being those, I think it should apply to hosts(5) entries too. This is sort of what I'm achieving right now, with the undesirable side effect that dnsmasq returns those addresses literally. Unfortunately, this would result in the application attempting to connect to localhost, as that's what most operating systems treat 0.0.0.0 / :: as, when used as the argument to connect(2).

Regards,
Aaron Jones
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
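Added example, not part of the original message and not dnsmasq code: a small Python check that tells apart the reply kinds discussed above, namely an empty NOERROR reply ("name exists, record does not"), a literal 0.0.0.0 / :: answer, and a real address that would indicate the query was answered from the Internet. The hostname svc.example.net and the reply bytes are constructed sample data.

```python
import ipaddress
import struct

A, AAAA = 1, 28  # DNS record type codes

def build_response(qname, qtype, rcode=0, rdatas=()):
    """Constructed sample data: a minimal DNS reply, not captured dnsmasq output."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1, len(rdatas), 0, 0)
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    question = name + struct.pack("!HH", qtype, 1)
    # Each answer uses a compression pointer (0xc00c) back to the question name.
    answers = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", qtype, 1, 60, len(r)) + r
                       for r in rdatas)
    return header + question + answers

def skip_name(msg, off):
    """Return the offset just past an encoded (possibly compressed) name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:   # compression pointer ends the name
            return off + 2
        if n == 0:             # root label ends the name
            return off + 1
        off += 1 + n

def classify(msg):
    """Classify a reply: NXDOMAIN, ERROR, NODATA, UNSPECIFIED or ADDRESS."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == 3:
        return "NXDOMAIN"
    if rcode != 0:
        return "ERROR"
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4      # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype in (A, AAAA):
            addrs.append(ipaddress.ip_address(msg[off:off + rdlen]))
        off += rdlen
    if not addrs:
        return "NODATA"        # name exists, no record of this type
    if all(a.is_unspecified for a in addrs):
        return "UNSPECIFIED"   # 0.0.0.0 / :: returned literally
    return "ADDRESS"
```

For the VPN-only name, an A query classified as "ADDRESS" means a public IPv4 record reached the client, while "NODATA" is the reply the message asks for.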