The Hoof & Paw
DocsCategoriesTagsView the current conditions from the WolfspyreLabs WeatherstationToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage

Disabling ipv6 responses with templates

The Problem:

Sometimes, you don’t WANT ipv6 addresses delivered within a result

root@coredns-01:/usr/src/coredns# host google.com
google.com has address 142.250.113.100
google.com has address 142.250.113.113
google.com has address 142.250.113.139
google.com has address 142.250.113.138
google.com has address 142.250.113.101
google.com has address 142.250.113.102
google.com has IPv6 address 2607:f8b0:4023:1000::8b
google.com has IPv6 address 2607:f8b0:4023:1000::66
google.com has IPv6 address 2607:f8b0:4023:1000::64
google.com has IPv6 address 2607:f8b0:4023:1000::65
google.com mail is handled by 10 smtp.google.com.

So, as we were setting up our [corefile] configuration, we ran into the somewhat problematic result seen above…

ipv6 results returned when they weren’t asked for.

The Solution

Use the template plugin, and use it to rewrite AAAA requests as A requests.

This issue was discussed in This Github issue and this blog post


Example

As prescribed in the links above, add this within the relevant context(s) in your Corefile:

  template ANY AAAA {
    rcode NOERROR
  }

So a minimal example corefile might look like /etc/coredns/Corefile:

.:53 {
  log
  errors
  log . "{remote} {type} {name} {class} {size} {rcode} {duration}"
  cache
  unbound
  template ANY AAAA {
    rcode NOERROR
  }
}

Demoing desired behavior

And, lo, and behold:

Client-side query

root@coredns-01:/usr/src# host google.com
google.com has address 142.250.113.138
google.com has address 142.250.113.139
google.com has address 142.250.113.100
google.com has address 142.250.113.113
google.com has address 142.250.113.101
google.com has address 142.250.113.102
google.com mail is handled by 10 smtp.google.com.

Server-side log

root@coredns-01:/usr/src# coredns -conf /etc/coredns/Corefile
[WARNING] An external plugin (/root/go/pkg/mod/github.com/coredns/unbound@v0.0.7/setup.go line 63) is using the deprecated function Normalize. This will be removed in a future versions of CoreDNS. The plugin should be updated to use OriginsFromArgsOrServerBlock or NormalizeExact instead.
.:53
CoreDNS-1.9.3
linux/arm64, go1.19, fc7f3835-dirty
[INFO] plugin/mdns: mdnsHosts: &map[AirlyBreathing.mdns.:0x4000519790 SkwirrelBane.mdns.:0x40005196c0]
[INFO] 127.0.0.1:48837 - 37851 "A IN google.com. udp 28 false 512" NOERROR qr,rd,ra 184 0.16915543s
[INFO] 127.0.0.1:54523 - 29224 "AAAA IN google.com. udp 28 false 512" NOERROR qr,aa,rd 28 0.000716673s
[INFO] 127.0.0.1:56724 - 50310 "MX IN google.com. udp 28 false 512" NOERROR qr,rd,ra 396 0.127641198s