My Turris Omnia (details further down) implements the default BCP163 behaviour
as expected. I am wondering how to over-ride this so that reverse DNS works
for the RFC1918 and RFC4193 (ULA) addresses which are in use on my network.
From BCP163:
An implementation of this recommendation MUST provide a mechanism to
disable this new behaviour, and SHOULD allow this decision on a zone-
by-zone basis.
A down-side is that it will also unblock non-existing addresses in that range, so the upstream servers then get asked those queries.
You can do the same with IPv6. There it’s a bit more difficult to write the reverse range. I usually call kdig -x full:IPv6::address and then cut it on the appropriate place (also works the same with dig).
We have WIP upstream to make combining all the rules “just work” the way most people expect, so that no config will be needed in this case, but it surely won’t arrive to Turris soon enough for you.
Thanks for your quick response, Vladimír, and for your advice on how to customize the kresd configuration. I’ll need to think about what will work best for me. It’s not a downside to have kresd forward to either of my carefully-configured local resolvers,
already referenced by a “custom forwarder” configuration, which works as expected
for forward DNS.
It may be less work for me simply to over-ride DHCP option 6 so that it refers to my
resolver addresses rather than to the address of the Turris. In this case, it would make
sense to change (whatever generates) /etc/resolv.conf on the Turris to use those addresses rather than the localhost addresses, and perhaps to disable kresd.
I’m not sure what you mean by “automatic mappings”. Do you mean entries
generated from the DHCP hostname asserted by the client?
It should be whatever names the DHCP server (dnsmasq) knows about, including statically configured ones.
/etc/resolv.conf probably isn’t very interesting for you, as it’s only for the router itself. DHCP option 6 can be overridden in LuCI; I expect you’ve found that already.