filter-aaaa-on-v4 does not filter AAAA if there is no existing A Record with the same FQDN - working as designed?

Mark Andrews marka at
Wed Jan 25 23:03:58 UTC 2017

In message <823d435a-eff7-48eb-b99f-b0e36c2323e5 at>, addie write
> So we can assume that this is working as designed?!
> However, it would be very interesting to know why this policy does not filter
>  AAAA Records when there is no A record. From my point of view this policy is
>  useless.
> If we want to prevent clients from receiving any AAAA Records for every case,
>  there should not be any exception. Are there any critical side effects that 
> I disregard?

In reality this shouldn't be needed at all.  This is a workaround
for a broken IPv6 stack (network/OS/application).  Your network
layer should be telling the applications that IPv6 destinations are
unreachable and they should be moving onto the next address.

If there is no A record then there is no fallback possible so there
is no need for the workaround.  What harm is there in returning the
AAAA?  All you get is a reminder to fix your network / application
/ OS if a failure takes a long time to be reported.


> _______________________________________________
> Please visit to unsubscribe
>  from this list
> bind-users mailing list
> bind-users at
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at

More information about the bind-users mailing list