Double entries (A and AAA) in query log

I have setup pi-hole and unbound on a Debian VM and configured according to the guide available on the pi-hole website. Everything is running fine but I am curious about the double entries in the log.

I have setup two customer DNS for IPv4 and IPv6 for unbound forward:
Custom DNS 1: 127.0.0.1#5353
Custom DNS 3: ::1#5353

For nearly every query I get an A and an AAA entry in the log, e.g.:
15:22:07 dnsmasq[66215]: query[AAAA] fonts.gstatic.com from 192.168.1.23
15:22:07 dnsmasq[66215]: query[A] fonts.gstatic.com from 192.168.1.23

So from this it looks like for every request is send to the IPv4 and IPv6 DNS servers.
This is probably expected behaviour as you can’t tell from the hostname.

Just wanted to make sure I don’t have misconfigured something. Thanks!

You have not misconfigured anything.

Ok. Great thank you!

Am I right in the assumption that the second DNS entry for ::1#5353 is actually not needed? It seems the local unbound server resolves IPv6 addresses anyway even if the request is send to 127.0.0.1#5353.

Also it looks it looks like the custom DNS are following the same rules as the normal DNS (keep the same server until failure or timeout) anyway so it’s irrelevant if the DNS query to unbound comes through 127.0.0.1#5353 or ::1#5353. Is that right?

dig +short @127.0.0.1 -p 5353 pi-hole.net

dig +short @::1 -p 5353 pi-hole.net

Both commands give me the same output:

$ dig +short @127.0.0.1 -p 5353 pi-hole.net
206.189.252.21

$ dig +short @::1 -p 5353 pi-hole.net
206.189.252.21

Did that answer the question ?

That’s what I am not sure because a:

*$nslookup pi-hole.net*
*Server: 127.0.0.1*
*Address: 127.0.0.1#53*
*Non-authoritative answer:*
*Name: pi-hole.net*
*Address: 206.189.252.21*
*Name: pi-hole.net*
*Address: 2604:a880:400:d0::1071:1*

tells me that pi-hole.net has a IPv4 and a IPv6 address.

Hence if I do a name resolution via ::1 I"d expect the IPv6 address will be returned and not the IPv4. So that’s why I am a bit confused.

dig +short @127.0.0.1 -p 5353 a pi-hole.net

dig +short @127.0.0.1 -p 5353 aaaa pi-hole.net

dig +short @::1 -p 5353 a pi-hole.net

dig +short @::1 -p 5353 aaaa pi-hole.net

Okay got it. Thank you very much for your time to explain this to me.

1 Like

IPv6 DNS queries can be answered by IPv4.

Yep. What misled me is that when use the large DNS resolver like Cloudflare they have a different servers addresses for IPv4 and IPv6. Of course they probably have different dedicated server (clusters) which are configured to only do either IPv4 or IPv6. For my little home setup it’s just one and the same unbound doing both hence it doesn’t matter how you reach it. A little mental hurdle I had to get over to understand.

Thanks you!

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.