Add option to strip (ignore) AAAA records of chosen domains

Add an option to strip AAAA but leave A records, so a request to a particular site goes only through IPv4 (or vice versa).

Example in PiHole's UI:
[domain.tld] [checkbox to block A or AAAA] [wildcard flag]

And that's my case: my ISP is IPv4 only, and to use IPv6 I'm using a Hurricane Electric 6in4 tunnel, so my IPv6 outbound is in another country. Some sites that have both A and AAAA records frequently show the wrong country. Sometimes it leads to "content is blocked in your country" or "your traffic is suspicious" things. The way to fix this is to write that site's domain in the hosts file with only the IPv4 part. But that solution is not cool.

PS: Excuse me for posting it here, but Feature Requests category is not selectable.

That will be possible when the improved regex engine is merged into Pi-hole master (currently in the development branch). It will allow you to block certain query types. I use it to block all AAAA records, but it can be used for certain domains only.

Or in other words: The next official version of Pi-hole will have it :wink:

However, I don't think a UI setting should be added. Blocking AAAA queries isn't something you should do routinely. They are always harmless. When they do cause issues, the reason is always a bad configuration somewhere.


If you block all AAAA, then I may raise the question of why you have a 6in4 tunnel at all.

New RegEx engine: Wouldn't it be computationally heavy?

That's not what I wrote. I mean only a few problematic domains, not every AAAA record. And this option to block/not forward all AAAA queries is clearly not what I want.

No, regular expressions are compiled to very efficient byte code and only this compiled form is used. You can typically run hundreds of (not too complex) regular expressions against a domain in less than a millisecond. We also cache regex results for domains once evaluated, to avoid a regex needing to be evaluated multiple times for the same domain.

In your case, regex is the best solution.

Example:

Regex rule is: ^www.i-do-not-want-aaaa-for-this.com$;querytype=AAAA

First Query for www.i-do-not-want-aaaa-for-this.com results in

  1. FTL looking up the domain (not known for AAAA type)
  2. FTL looking through its blacklist (not found)
  3. FTL looking through the regex filter (match found for type AAAA)
    ---> Replied as blocked and stored in cache as AAAA:www.i-do-not-want-aaaa-for-this.com = blocked

Subsequent queries for www.i-do-not-want-aaaa-for-this.com result in:

  1. FTL looking up the domain
    ---> Found for type AAAA and known as blocked
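The lookup order described in the reply above (cache, then exact blacklist, then regex filter, with the verdict cached per query type and domain) is easy to model. The following is an added illustration, not Pi-hole's or FTL's own code: it parses rules in the `<regex>;querytype=<TYPE>` form shown in the post, applies them only to the named type, and records the per-(type, domain) cache behaviour. The `Resolver`/`RegexRule` names, the trace strings and the comma-separated type list are assumptions of this example, and the sample blacklist entry and query sequence are constructed.

```python
"""Model of the lookup order FTL is described as using: cache -> exact
blacklist -> regex filter, with query-type-aware regex rules of the form
'<regex>;querytype=<TYPE>' and a per-(type, domain) result cache.
Added illustration, not Pi-hole's code; class and method names are
assumptions."""
import re
from typing import Dict, List, Optional, Set, Tuple


class RegexRule:
    """One regex blacklist entry, optionally restricted to query types."""

    def __init__(self, rule: str) -> None:
        # Pi-hole separates the regex from its options with ';'.  Only the
        # 'querytype=' option from the thread is modelled here; accepting a
        # comma-separated type list is an assumption of this example.
        regex, _, options = rule.partition(";")
        self.pattern = re.compile(regex, re.IGNORECASE)
        self.querytypes: Optional[Set[str]] = None  # None: every type
        for opt in options.split(";"):
            if opt.startswith("querytype="):
                self.querytypes = {t.strip().upper()
                                   for t in opt[len("querytype="):].split(",")}

    def matches(self, qtype: str, domain: str) -> bool:
        if self.querytypes is not None and qtype not in self.querytypes:
            return False
        return self.pattern.search(domain) is not None


class Resolver:
    """Minimal stand-in for the blocking decision plus its result cache."""

    def __init__(self, blacklist: List[str], rules: List[str]) -> None:
        self.blacklist = {d.lower() for d in blacklist}
        self.rules = [RegexRule(r) for r in rules]
        # Cache key is (query type, domain), so an AAAA verdict never
        # leaks into A lookups of the same name.
        self.cache: Dict[Tuple[str, str], str] = {}

    def resolve(self, qtype: str, domain: str) -> Tuple[str, List[str]]:
        """Return (verdict, trace); trace lists the lookup steps taken."""
        qtype, domain = qtype.upper(), domain.lower()
        key = (qtype, domain)
        if key in self.cache:
            return self.cache[key], ["cache hit"]
        trace = ["cache miss"]
        if domain in self.blacklist:
            verdict = "blocked (blacklist)"
        else:
            trace.append("blacklist miss")
            verdict = "forwarded"
            for rule in self.rules:
                if rule.matches(qtype, domain):
                    trace.append(f"regex match for type {qtype}")
                    verdict = "blocked (regex)"
                    break
            else:
                trace.append("no regex match")
        self.cache[key] = verdict
        return verdict, trace


def demo() -> List[Tuple[str, str, str, List[str]]]:
    """Run the query sequence from the post plus an A query for contrast."""
    resolver = Resolver(
        blacklist=["ads.example"],  # constructed exact-match entry
        rules=[
            # The rule exactly as given in the post.  Note that each
            # unescaped '.' also matches any single character.
            r"^www.i-do-not-want-aaaa-for-this.com$;querytype=AAAA",
            # Same idea with the dots escaped.
            r"^www\.netgear\.com$;querytype=AAAA",
        ],
    )
    queries = [
        ("AAAA", "www.i-do-not-want-aaaa-for-this.com"),  # full lookup
        ("AAAA", "www.i-do-not-want-aaaa-for-this.com"),  # cache hit
        ("A", "www.i-do-not-want-aaaa-for-this.com"),     # A is not filtered
        ("AAAA", "www.netgear.com"),
        ("A", "ads.example"),                              # exact blacklist
    ]
    results = []
    for qtype, domain in queries:
        verdict, trace = resolver.resolve(qtype, domain)
        results.append((qtype, domain, verdict, trace))
    return results


if __name__ == "__main__":
    for qtype, domain, verdict, trace in demo():
        print(f"{qtype:5} {domain:40} {verdict:20} {' -> '.join(trace)}")
```

The contrast between the third query and the first two is the point of the feature: the A lookup for the same name is still forwarded, so the site keeps resolving over IPv4 while only its AAAA answers are suppressed. When writing such a rule for real, escaping the dots (as in the second rule) keeps the pattern from matching unintended names.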

That feature looks promising! Thank you for helpful answer!

So I've tried the regex rule ^www.netgear.com$;querytype=AAAA to stop my router. It doesn't work. The queries still go through.

> | Time | Type | Domain | Client | Status | Reply | Action |
> | --- | --- | --- | --- | --- | --- | --- |
> | 2020-10-02 11:19:46 | AAAA | www.netgear.com | orbi-main.ragnarok.local | OK (forwarded) | CNAME (8.5ms) | Blacklist |
> | 2020-10-02 11:14:31 | AAAA | www.netgear.com | orbi-main.ragnarok.local | OK (forwarded) | CNAME (9.6ms) | Blacklist |

Versions of Pi-hole:
Pi-hole version is v5.1.2 (Latest: v5.1.2)
AdminLTE version is v5.1.1 (Latest: v5.1.1)
FTL version is v5.2 (Latest: v5.2)

And it is the only service running on the RPI 4b.

What am I doing incorrectly that keeps the AAAA queries from being blocked?

That feature isn't in the release version of Pi-hole yet. If you want to try it, you should switch to the development branch.


Thanks for the info. I wasn't aware that it wasn't in production as of yet.


Implemented with the improved regex engine in Pi-hole Core/Web v5.2 and FTL v5.3, released!
