In message <e7f58592-1570-494f-a530-97e54b8c0...@rrcic.com>, "John W. Blue" writes: > > Hello Marek, > > Do you have an IPv6 assignment? If not, there is really no need to even > be resolving AAAA records. An overly simplistic description of a > potential solution could be to just drop the incoming AAAA request via > its hex value in much the same way rate limiting is done for the "any" > query: > > -hex-string '|0000FF0001|' > > I don't know off hand what the hex value for AAAA is but it should not be > too hard to find. > > John
Just dropping AAAA queries is a bad idea as most machines actually have a AAAA addresses (loopback and linklocal) so just about every application makes AAAA queries. If you drop AAAA queries you slow up every address lookup in your network. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
