block all AAAA queries for specific domain?
Rick van der Zwet
info at rickvanderzwet.nl
Thu Sep 20 14:00:46 UTC 2018
On 2018-08-27 16:09, Jeremy Baker via Unbound-users wrote:
> On 08/17/2018 04:48 PM, Rick van der Zwet via Unbound-users wrote:
>> For debugging purposes, I am trying to block (only) AAAA queries from
>> a specific domain and it's subdomains.
>> Does somebody has a work-around available to make my debugging effort
> This would certainly make my life easier as well, since netflix is
> constantly adding new host names that I have to disable ipv6 for.
Ales suggested dnsdist  in front of the unbound instance. It works
fine for me, using the following configuration:
# cat /usr/local/etc/dnsdist.conf
-- Disallow Netflix AAAA queries
-- All other traffic to local Unbound instance (interface:
127.0.0.1 at 5353)
-- Local Network configuration
How-ever a patch supporting wildcard domains in local-data would also be
More information about the Unbound-users