Igor Sverkos via Unbound-users <unbound-users@lists.nlnetlabs.nl>: > Is there a way to force IPv4-ony responses (i.e. drop any IPv6 > queries/answers) for certain domains using unbound?
"private-address" statements filters out specified IPv6 (or IPv4) records. By specifying all IPv6 address space (::/0) unbound filters out all AAAA records. i.e: === server: private-address: ::/0 ==== You want to drop AAAA records in certain domain, not all AAAA. You can do it by running two Unbound instances. - Step1. Start an Unbound instance that drops all AAAA RRsets on all domains (listening port 10053). # unbound-aaaa-filter.conf server: private-address: ::/0 # filters out all AAAA ! port: 10053 - Step2. Configure your "main" Unbound instance to forward queries for certain domain to the "AAAA-filtered" Unbound instance. # unbound-main.conf server: do-not-query-localhost: no forward-zone: name: example.com forward-addr: 127.0.0.1@10053 -- Daisuke Higashi
