Hi, I'm running a bind9 name server (9.13.4 on debian) which forwards some zone (onion.) to tor's name server. Unfortunately, tor's name server only answers A and AAAA requests, but not e.g. ANY requests.
192.168.1.3 is running the tor dns, 192.168.1.13 is running bind9 forwarding to 192.168.1.3:9053 $ dig +short @192.168.1.3 -p9053 3g2upl4pq6kufc4m.onion ANY ;; Connection to 192.168.1.3#9053(192.168.1.3) for 3g2upl4pq6kufc4m.onion failed: connection refused. $ dig +short @192.168.1.3 -p9053 3g2upl4pq6kufc4m.onion A 10.255.55.223 $ dig +short @192.168.1.3 -p9053 3g2upl4pq6kufc4m.onion AAAA febe:5163:d2b9:98aa:345b:ee04:2c32:d10e $ dig +short @192.168.1.13 3g2upl4pq6kufc4m.onion ANY $ dig +short @192.168.1.13 3g2upl4pq6kufc4m.onion A 10.255.55.223 $ dig +short @192.168.1.13 3g2upl4pq6kufc4m.onion AAAA febe:5163:d2b9:98aa:345b:ee04:2c32:d10e Is there any option: - to make bind fall back to A or AAAA when the ANY request fails (even the connection fails!) or - to only forward requests of certain type(s) or - to answer ANY requests _always_ with A or AAAA records (not trying if the ANY request can be forwarded successfully), possibly for certain zones only? Sry, if that has been asked before, but I seem unable to find anything useful on the internet, since "ANY" is not a good search term ;-) and without "ANY" I only turn up how to set bind to ipv4/ipv6-only. regards, Erich
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
