DNS filtering

Started by Jeffrey, December 06, 2019, 01:02:20 AM

I, like many others, have run into a problem with using an IPv6 tunnel broker and Netflix, where Netflix rejects the IPv6 connection.

I attempted to configure a DNS server on the firewall, and everything was working fine until I attempted to use the command in bind "filter-aaaa-on-v4 yes;". It turns out that in order to use the command, bind has to be built with the option "--enable-filter-aaaa". The supplied version of bind9 for OPNsense doesn't have that option compiled in.

I'm not necessarily against recompiling bind; however, given the choice, I would rather stay with the pre-built programs, as it will make my life a lot easier in the future when it comes time to upgrade.

In case I was going about this the wrong way, I was simply going to use unbound to query bind on port 10053 for anything in the netflix.com domain and allow bind to filter out the AAAA responses.

Jeff
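
The split-resolver layout described in the post, written out as an added example (not part of the original post and not OPNsense's shipped configuration). It assumes a bind build that accepts "filter-aaaa-on-v4" (i.e. one built with "--enable-filter-aaaa", which the post says the packaged bind9 lacks), that both daemons run on the firewall, and that bind is reached on the loopback address 127.0.0.1; the file names are placeholders.

```conf
# ---- unbound side (placeholder file: unbound.conf) ----
server:
    # unbound refuses to send queries to localhost by default;
    # this must be turned off to forward to a resolver on 127.0.0.1.
    do-not-query-localhost: no

forward-zone:
    # Only names under netflix.com are handed to bind;
    # every other name is resolved by unbound as before.
    name: "netflix.com."
    forward-addr: 127.0.0.1@10053

# ---- bind side (placeholder file: named.conf) ----
options {
    # Listen only on loopback, on the non-standard port unbound forwards to,
    # so the filtering resolver is not reachable from the LAN or WAN.
    listen-on port 10053 { 127.0.0.1; };
    listen-on-v6 { none; };

    # Accept queries and recursion from the local unbound instance only.
    allow-query     { 127.0.0.1; };
    allow-recursion { 127.0.0.1; };
    recursion yes;

    # Drop AAAA records from answers to clients that query over IPv4.
    # unbound reaches bind over 127.0.0.1 (IPv4), so the filter applies.
    # With "yes", AAAA is removed only when the name also has an A record.
    filter-aaaa-on-v4 yes;
};

# Check from the firewall shell once both daemons are reloaded:
#   dig @127.0.0.1 -p 10053 netflix.com AAAA   (querying bind directly)
#   dig @127.0.0.1 netflix.com AAAA            (through unbound, assuming it listens on 127.0.0.1)
# Both should return an empty answer section, while A queries still resolve.
```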