[Pdns-users] LUA for "filter-aaaa-on-v4"

[Brian Candler]

On 30/10/2023 09:10, Djerk Geurts via Pdns-users wrote:
>
> Your right that once dual stack is enabled on parts of the network and 
> in clients, then we'll need to be mindful of this. But, I would expect 
> most dual stack clients to default to querying DNS using IPv6. In fact 
> as we control the client IP addressing, we can ensure to convert DNS 
> server settings to IPv6 when enabling dual stack.

DHCP(v4) can only give out IPv4 DNS server addresses. Therefore, your 
dual-stack clients will end up learning about both v4 and v6 DNS 
servers, and you cannot control which they use. You can *hope* that they 
will prefer the IPv6 ones, but you can't enforce it.

I can't really see what problem you're trying to solve.  Do you have 
evidence that certain client OSes are making DNS requests for AAAA 
addresses even when they don't have an IPv6 address? If so, have you 
measured the amount of extra network traffic or DNS recursor load these 
are generating, and is this significant in the overall picture?

Furthermore, even for IPv4-only single stack clients, it seems to me you 
are going to create more problems than you solve by trying to mess with 
this: it's a case of an unnecessary "optimisation". If you drop the 
requests you will force the clients to retry, which could add several 
seconds of latency before they give up. But if you respond to them, you 
might as well give the valid response to the query they asked for.