Maintained by: NLnet Labs

Filter AAAA records within a specific zone

Jeremy Baker
Mon Jan 8 01:39:49 CET 2018


I ran into this problem a while back, and posted my unbound solution here:

https://www.mbcs.ca/?p=30


On 01/06/2018 05:05 PM, Dave Warren via Unbound-users wrote:
> Howdy!
>
> Is there a way to have unbound filter/block AAAA records from being
> returned from a specific zone?
>
> It seems like BIND might allow this using the filter-aaaa-on-v6
> directive, I'm looking for something similar in Unbound.
>
> The underlying issue is that we've recently added HE's IPv6
> tunnelbroker to our network, but certain services
> *cough*Netflix*cough* reject traffic sent through a HE tunnel. I'm
> looking for a way to force problem services through IPv4 and it seems
> like one possible approach would be to limit their domains from
> retrieving AAAA records.
>

-- 
Jeremy Baker <jab at mbcs.ca>
GnuPGP fingerprint =
EE66 AC49 E008 E09A 7A2A  0195 50EF 580B EDBB 95B6