Messages

The new unbound 1.25.1 seems to include some important security fixes. I didn't update it yet, due to this DNS64 bug.

Have any other alternative to Unbound DNS (with DNS64 support)?

Thank you, running `opnsense-revert -r 26.1.7 unbound` worked. :D

The option "Enable DNS64 Support" states:
```
If this option is set, Unbound will synthesize AAAA records from A records if no actual AAAA records are present.
```

However, it's not working anymore. I have a IPv6 only network (OPNSense is the only one with IPv6 for NAT64/DNS64). Before the upgrade, everything was working as expected with "Enable DNS64 Support" and "Enable AAAA-only mode" checked.

Now, querying any DNS will result in no AAAA. For instance:
```
 drill AAAA github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 27285
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com.   IN   AAAA
```

Note: Github.com doesn't have AAAA, but Unbound DNS fail to "synthesize AAAA records from A record".