Prerequisites
The problem
After updating Debian to 13 (trixie), a change occurred that caused the null address "0.0.0.0" or "::" to be interpreted as localhost.
(In fact, pinging these addresses will result in a loopback; bookworm does not.)
As a result, if you have the block mode set to null addresses, the null address returned as a blocked hostname will be used to attempt a loopback, which can cause problems such as extended or inaccessible loading times for the actual content, or even reading localhost content.
In my environment, I use AGH's custom filter function to return internal v4-only addresses, with v6 blocked, so that I can access a server behind my NAT at home using an Internet-resolvable domain name. The same applies to address resolution between servers.
Due to the change in null address interpretation caused by the Debian upgrade, v6 addresses could now be looped back, preventing communication between servers.
(I solved it by using |HOSTNAME^$dnstype=AAAA,dnsrewrite=NOERROR;; which results in a NOERROR response with no records on the client.)
Proposed solution
Add "Blank" to AGH's block mode, and reply with NOERROR;; for hostnames blocked in this mode.
Alternatives considered and additional information
No response
Prerequisites
I have checked the Wiki and Discussions and found no answer
I have searched other issues and found no duplicates
I want to request a feature or enhancement and not ask a question
The problem
After updating Debian to 13 (trixie), a change occurred that caused the null address "0.0.0.0" or "::" to be interpreted as localhost.
(In fact, pinging these addresses will result in a loopback; bookworm does not.)
As a result, if you have the block mode set to null addresses, the null address returned as a blocked hostname will be used to attempt a loopback, which can cause problems such as extended or inaccessible loading times for the actual content, or even reading localhost content.
In my environment, I use AGH's custom filter function to return internal v4-only addresses, with v6 blocked, so that I can access a server behind my NAT at home using an Internet-resolvable domain name. The same applies to address resolution between servers.
Due to the change in null address interpretation caused by the Debian upgrade, v6 addresses could now be looped back, preventing communication between servers.
(I solved it by using
|HOSTNAME^$dnstype=AAAA,dnsrewrite=NOERROR;;which results in a NOERROR response with no records on the client.)Proposed solution
Add "Blank" to AGH's block mode, and reply with
NOERROR;;for hostnames blocked in this mode.Alternatives considered and additional information
No response