search

AdguardTeam / dnsproxy

Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
Apache License 2.0
2.27k stars 240 forks source link

"in-addr.arpa" addresses leaking to upstream resolver #385

Closed iJorgen closed 3 months ago

iJorgen commented 3 months ago

I'm seeing "in-addr.arpa" addresses in the upstream-logs (NextDNS portal) that should not reach outside my local LAN. Happens every time I start Youtube Music so guess it's some kind of mDNS/discovery. Having issues with multicasting from Youtube Music so guess it could be related?!

What is this type of address? Feels like an IPv6 with the beginning ("fe80"), but also an IPv4 address in the same string. Can I keep them locally with a rule in the upstream-section, or is this a bug in DNSProxy leaking these upstream?

fe80.12.99.9.10.in-addr.arpa
fe80.6.0.0.192.in-addr.arpa
fe80.68.141.7.10.in-addr.arpa
fe80.110.67.15.10.in-addr.arpa
fe80.139.149.91.100.in-addr.arpa
ameshkov commented 3 months ago

This is not a bug, dnsproxy just proxies requests that it receives :)

But you indeed can keep them local if you specify a different upstream for these queries: https://github.com/AdguardTeam/dnsproxy?tab=readme-ov-file#specifying-upstreams-for-domains