On Tue, 29 May 2012 08:22:54 +0200
Per Jessen
James Knott wrote:
Carlos E. R. wrote:
I have a local dns server (bind 9), and I wonder if there is some setting so that it doesn't do any IPv6 query to outside. Would that be AAAA records? Perhaps is it possible to block such queries in the firewall?
I don't know about bind, but I doubt you could filter it at the firewall, as you'd then have to filter all DNS requests.
Not necessarily - iptables has content inspection, so it might be possible to identify individual AAAA queries. The question is if dropping such queries wouldn't just mean longer processing time?
At the risk of pointing out the obvious and unintentionally insulting someone, in this case I'd recommend the 'BIND 9 Administrator Reference Manual' from Internet Systems Consortium, available at this page on their site under 'Reference and FAQ'. There is also a 'new KnowledgeBase' available linked from this page: http://www.isc.org/software/bind/documentation I'm not sure I exactly understand your requirement, Carlos, but if it can be done, the BIND 9 ARM is the penultimate named.conf 'cook book' :-) hth & regards, Carl -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org