[squid-users] custom DNS resolver scripts? (was: Re: Is it possible to force some dstdomain to ipv4) protocol without define an outgoing ip address ?

Bruce Rosenberg bruce.rosenberg.au at gmail.com
Thu Jun 10 03:42:25 UTC 2021 

You could run unbound on the squid host (or elsewhere) and use this config
to drop all AAAA requests.
It utilises unbound's ability to include custom python scripts.

https://github.com/berstend/unbound-no-aaaa

Configure unbound to forward all other DNS requests to your existing
nameservers and reconfigure squid to use unbound via the dns_nameservers
directive.

On Thu, Jun 10, 2021 at 11:58 AM Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 10/06/21 11:42 am, Alex Rousskov wrote:
> > On 6/9/21 6:16 PM, Ambrose Li wrote:
> >> On Wed, Jun 09, 2021 at 12:05:40PM -0400, Alex Rousskov wrote:
> >>> Not that I know of. You can implement this logic inside a custom DNS
> >>> resolver script, or you can reconfigure Squid whenever your outgoing
> >>> addresses change, but I understand that you are looking for a better
> >>> solution.
> >
> >> What are the current recommendations for custom DNS resolver scripts?
> >
> > I was talking about a custom script that implements a custom DNS
> > resolver. With modern libraries, it takes a few lines of code to write a
> > basic one. This kind of resolver does not resolve most of the names, but
> > forwards queries to another/real resolver, adapting the queries and/or
> > the answers as needed.
> >
> > For an oversimplified example, such a script can respond to all AAAA
> > queries (with answers containing no records) while forwarding all A
> > queries to a "real" resolver.
> >
>
> Should be no need for any custom scripts or Squid config at all for this.
>
> The Bind9 filter-aaaa* feature does it already without wasting network
> bandwidth delivering ignored response fields. Other recursive resolvers
> should all have equivalent features too.
>
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210610/c998b4d9/attachment.htm>

More information about the squid-users mailing list