Pi-hole can block non-FQDN A and AAAA records from being forwarded.
How can I do the same for HTTPS record types?
Seeing NODATA responses from my ISP (of course) since they will not know about my non-FQDN host name; but some device is querying for it via HTTPS record type.
My issue may be I also have a VPN profile on my iOS devices for on-demand VPN if it can't find my home domain and since iOS queries first for HTTPS, then AAAA, then A, sometimes my phone does a VPN connection when it should not. If I could reply with the HTTPS record that may fix this.
I am using Unbound as a recursive DNS resolver with Pi-Hole and don't forward DNS queries to my ISP.
If I do a resolution to e.g. dig cloudflare.com -t TYPE65
I get an answer of TYPE65.
If I take a look at the Wireshark response to this query, I see that IPv4 and IPv6 IPs are returned in one single reply at the same time.
Pi-Hole shows this particular query above as a "BLOB" reply. I would assume, if a forwarding DNS server or ISP doesn't reply to an HTTPS query as above, you don't get a "BLOB" reply.
I can also observe "BLOB" replies in Pi-Hole when visiting e.g.: https://www.cloudflare.com/
with Mac OS, iOS and other Apple devices.
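
Added example, not part of either post: a decoder for the RDATA of an HTTPS (TYPE65) record in the RFC 9460 wire format, showing how one answer can carry both IPv4 and IPv6 address hints as described in the reply above. The sample bytes are constructed from documentation address ranges, and the function name `parse_https_rdata` is hypothetical.

```python
import ipaddress
import struct

# Constructed sample: RDATA of an HTTPS (TYPE65) record, RFC 9460 wire format.
# Priority 1, target "." (the owner name), alpn=h2, one ipv4hint, one ipv6hint.
SAMPLE_RDATA = (
    b"\x00\x01"                  # SvcPriority = 1
    b"\x00"                      # TargetName = "." (root label only)
    b"\x00\x01\x00\x03\x02h2"    # key 1 (alpn), length 3, length-prefixed "h2"
    b"\x00\x04\x00\x04" + ipaddress.ip_address("192.0.2.10").packed
    + b"\x00\x06\x00\x10" + ipaddress.ip_address("2001:db8::10").packed
)

def parse_https_rdata(rdata):
    """Decode TYPE65 RDATA into priority, target, ALPN list and address hints."""
    (priority,) = struct.unpack_from("!H", rdata, 0)
    pos, labels = 2, []
    while True:                  # TargetName is an uncompressed DNS name
        if pos >= len(rdata):
            raise ValueError("truncated TargetName")
        length = rdata[pos]
        pos += 1
        if length == 0:
            break
        labels.append(rdata[pos:pos + length].decode("ascii"))
        pos += length
    result = {"priority": priority, "target": ".".join(labels) or ".",
              "alpn": [], "ipv4hint": [], "ipv6hint": []}
    while pos < len(rdata):      # SvcParams: 2-byte key, 2-byte length, value
        if pos + 4 > len(rdata):
            raise ValueError("truncated SvcParam header")
        key, vlen = struct.unpack_from("!HH", rdata, pos)
        value = rdata[pos + 4:pos + 4 + vlen]
        if len(value) != vlen:
            raise ValueError("truncated SvcParam value")
        pos += 4 + vlen
        if key == 1:             # alpn: sequence of length-prefixed protocol ids
            i = 0
            while i < len(value):
                n = value[i]
                result["alpn"].append(value[i + 1:i + 1 + n].decode("ascii"))
                i += 1 + n
        elif key in (4, 6):      # ipv4hint / ipv6hint: packed address lists
            size = 4 if key == 4 else 16
            if vlen % size:
                raise ValueError("address hint length is not a multiple of %d" % size)
            hints = [str(ipaddress.ip_address(value[i:i + size]))
                     for i in range(0, vlen, size)]
            result["ipv4hint" if key == 4 else "ipv6hint"] = hints
    return result
```
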