DNS64: reverse lookups fail when using ULA prefix
Maurice Walker
maurice at walker.earth
Wed Feb 19 13:51:25 UTC 2020
Hello,
When using the default DNS64 prefix, reverse lookups for synthesized addresses
work. For example, a reverse lookup for 64:ff9b::185.49.140.10 properly
resolves to PTR dicht.nlnetlabs.nl and PTR open.nlnetlabs.nl.
Same behavior when setting dns64-prefix to a GUA prefix.
But when using a ULA prefix ("dns64-prefix: fd01:db8::/96"), reverse lookups
fail (NXDOMAIN).
- Is this behavior intentional? The cause most likely is filtering of reverse
lookups for private address space. But shouldn't the dns64-prefix be
excluded from such filtering?
- If it is indeed intentional, what would be the best way to work around it?
Setting "unblock-lan-zones: yes" does the trick, but seems a bit too radical.
Cheers,
Maurice
More information about the Unbound-users
mailing list