Hi Radosław, Pushing this back to the mailing-list, please send further replies there as well.
On Mon, 12 Feb 2018 18:00:43 +0100 Radosław Ejsmont <[email protected]> wrote: > > On 12 Feb 2018, at 17:43, Pieter Lexis <[email protected]> wrote: > > > > On Mon, 12 Feb 2018 11:32:11 +0100 > > Radoslaw Kamil Ejsmont <[email protected]> wrote: > > > >> My goal is to successfully resolve AAAA only for hosts that are IPv6 only > >> and serve A only to dual-stack hosts. > > > > To be honest, your goal makes no sense from a networking perspective. > > When you dual-stack some hosts, your IPv6 network should be up for it. > > Faking IPv6 unavailability is a bad 'migration' strategy. It will also > > break dual-stack hosts that do DNSSEC validation. > > DNSSEC is blocked by provider anyway. They do not provide it through their > servers and block use on any other DNS servers anyway. I wish I could use > full dual-stack but with terribly slow tunnel that gives any IPv6 > connectivity and a need to connect to IPv6-only hosts (cloud servers) while > retaining good performance (bandwidth-wise) of the network (streaming for > example) I am running out of options here :( and there is literally no > provider that could wire me up to native v6 around :( Ouch, that is painful! I was under the impression that these things did not happen anymore in the wild. If you known the (sub) domains that need this special processing, you could simplify your life by adding them to a DNSSuffixMatchGroup[1] and if the domain name in the AAAA query is not matched in this group, send a NODATA response to let the client retry with A. This solution would be more cleaner than a blanket 'do another lookup to see if I like the answer'. > > If you really want to continue on this path, I recommend getting a Lua > > DNS library and doing an A query and see if you like the answer > > before returning something to the client. In the current Lua > > infrastructure in the Recursor, there is no way to re-inject a query > > into the recursor from Lua. > > Did not know pdns Lua interpreter supports external libraries! How do you > load them? Just like any other Lua module, install the rock and use `require`[2] Best regards, Pieter 1 - https://doc.powerdns.com/recursor/lua-scripting/dnsname.html#dns-suffix-match-groups 2 - http://lua-users.org/wiki/ModulesTutorial -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
