DNS Resolver - Prefer A records
-
Hi,
My ISP does not provide me with native IPv6, right now I'm using a Hurricane Electric tunnel for that. Whenever a website has both an IPv4 and IPv6 address, the IPv6 address is used to connect. I'd like to be able to configure unbound to only respond with an AAAA record if there is no A record present. So that everything on my network prefers IPv4 and only uses IPv6 if there is no IPv4 connection possible.
Is such a thing possible and how would I go about configuring that?
Thanks!
-
@td092854 said in DNS Resolver - Prefer A records:
Is such a thing possible and how would I go about configuring that?
Your better off telling your client to prefer IPv4.. Simple reg change in windows or manipulation of the default IPv6 prefix policies with netsh
While you can disable AAAA in unbound completely.. I am not aware of way to only answer with AAAA if there is no A record.
But to be honest - what would that be? What service out there currently is only available via IPv6? I can't think of any, other than stuff you prob shouldn't be going to anyway ;) There for sure is not one major player type site that only has IPv6... If they did they would cut themselves off from vast majority of the planet that does not have IPv6 yet, etc.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 25.07 | Lab VMs 2.8, 25.07 -
@td092854
That's determined by the OS, IIRC.
-
@johnpoz said in DNS Resolver - Prefer A records:
What service out there currently is only available via IPv6?
In some parts of the world, the IPv4 address shortage have forced them to move to IPv6. Some countries, such as China, have plans to move entirely to IPv6. Of course, many people need IPv6 to reach into their own networks without using NAT. Ask anyone who's stuck behind CGNAT.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
Exactly, when something is IPv6 only, I want to be able to reach it through the tunnel, but for everything else I'd like to use my native IPv4 connection until I get native IPv6, then it doesn't matter.
Some services such as Netflix don't like the HE tunnel, that's why I want it to work this way, preferring IPv4 on the entire network. But at the moment I don't use any IPv6 only services and luckily I don't have CGNAT, was just experimenting and wanted to be prepared. So, I might be better of disabling IPv6 altogether until I have native access.
-
@td092854
Search on "prefer IPv4" and find the solution for the OS you're using on your computers.
However, even back when I was using a 6in4 tunnel, I didn't bother doing that.
I find this head in sand thinking from so many about moving to IPv6 annoying. By staying with IPv4, progress on the web is impeded. IPv4 hasn't been adequate since the day it became necessary to use NAT to get around the IPv4 address shortage.
-
@jknott said in DNS Resolver - Prefer A records:
, have plans to move entirely to IPv6.
Sure they do while the like 3 of their top sites in the world - still don't have IPv6.. But yeah they are moving ;)
https://whynoipv6.com/
You can dream all you want, wish all you want this time there is zero need for IPv6... Name one resource that anyone would want or need to get to that actually requires IPv6...
Exactly, when something is IPv6 only
NAME something? There isn't any!
What your asking for is the resolver to resolve both A and AAAA every time a client asks, but only hand out the AAAA when there is no A for what they resolved.. There is no way to do such a thing that I am aware of.
But you can have your client prefer to use IPv4 even when there is both that they ask for..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 25.07 | Lab VMs 2.8, 25.07 -
As said I don't use any IPv6 only service, nor do I know of any. I wanted to future proof my network by investing in and learning about IPv6 even though my ISP doesn't provide me with native access. But, if that means that I have to configure every device to prefer IPv4, because the tunnel doesn't allow me native experience with Netflix blocking it for instance, it's just not worth the trouble. I'll document what I've learned and leave it for later.
Thanks for the insights!
-
@johnpoz said in DNS Resolver - Prefer A records:
NAME something? There isn't any!
I believe Comcast is or has moved to dual stack with CGNAT for IPv4. The only way for a customer to reach their home network is via IPv6. Another example would be someone who gets their Internet connection via the cell network, where NAT is almost(?) always used. For example, my cell carrier (Rogers) uses 464XLAT for IPv4, but provides a public /64 to connected devices on IPv6.
BTW, IPv6 support is mandatory on 4G and later.
