disable AAAA response for a given domain


#1

Is it possible to configure Pi-hole to return only A and not AAAA for a given domain?
The use case is pretty simple - IPv6 is provided via tunnel (HE broker) and accessing local (== in-country) resources via IPv6 is not desirable.


#2

I believe this would be as simple as setting up that domain to point to the IP address in your host file. This would stop a lookup and simply use that IP you provided for that specific domain.

Would recommend testing to find out.

Also if you use say dnscrypt you can refuse ipv6 lookups and it also has a pretty neat cloaking feature (same as using /etc/hosts but is said to handle larger scale host files).

EDIT: In my own testing of this I found looking at my pihole logs it would not do a recursive lookup and use whatever was in my host file.


#3

You’re probably talking about a host[name], but I’m talking about domain, to be more specific - country tld, like .fr or .pl for example.


#4

Create a line like

address=/tld/::

in a custom file in /etc/dnsmasq.d (e.g., /etc/dnsmasq.d/99-AAAA.conf).

This will return :: for all AAAA requests to tld and whatever is below this domain. You need to fully restart pihole-FTL for new configuration lines to be loaded/parsed.


#5

That does not work for me.
in the log:

query[A] www.xxxx.xx from 192.168.x.x
config www.xxxx.xx is NODATA-IPv4
query[AAAA] www.xxxx.xx from 192.168.x.x
config www.xxxx.xx is ::