[Feature][DNS] Allow 0.0.0.0 as address for DNS records

Borizo · Thu Oct 20, 2016 6:32 pm

Please allow to enter 0.0.0.0 as address for static DNS records.

Currently attempt to specify this address will be blocked with popup stating:

Wrong Address
Error in Address - ip address expected!

Expected behavior: same as specifying 0.0.0.0 for certain DNS in hosts file - inaccessible host.

PS If anyone knows a better way please hint me. I have tried 255.255.255.255, 127.0.0.1 and host refusing TCP connections, but it seems browsers handle 0.0.0.0 in reply in a best possible way.

Test471 · Sat Oct 22, 2016 12:40 am

Point it to some private address and configure firewall to reject.

Squidblacklist · Sat Oct 22, 2016 7:41 am

Hmm, while that is definitely noteworthy, it is indeed trivial.

Here is something that may be helpful,

We are simply using loopback 127.0.0.1 with an option for our users to customize it with the following script header.

#  TiK-DNS-Ads: Blacklist compiled by SquidBlacklist.org 10-21-2016.                                  
:log info "tik dns ads blacklist script import started"
:local redirectIP "127.0.0.1"
/ip dns static remove [find comment="sbl ads"]
/ip dns static
add regexp="^(.*\\.)\?004\\.frnl\\.de\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01s\\.net\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01viral\\.com\$" address="$redirectIP" comment="sbl ads

Zorro · Sat Oct 22, 2016 12:47 pm

apparently in latest versions of Windows OS - using 127/8 will cause delays and some issues for, while 0.0.0.0.
thats blackholing-wise. for other purposes there was other specific in each generation of.

Borizo · Wed Nov 30, 2016 2:26 am

Hmm, while that is definitely noteworthy, it is indeed trivial.

Same looks for me, I just wonder why it has not been requested before. Or it was?

Thaks for hinting other way, but unfortunately anything but 0.0.0.0 is slower.
I suppose that's becuase browsers interpret it in a different way than any address.

apparently in latest versions of Windows OS - using 127/8 will cause delays

yep.

for other purposes there was other specific in each generation of.

I didn't get your idea. Could you please provide more details?

msatter · Wed Nov 30, 2016 9:43 am

I put instead of 127.0.0.1 the IP 240.0.0.1 in the table and put a rule in the Mikrotik firewall to tcp-reset that connection. For IPv6 I put ::FFFF:240.0.0.1 in the DNS table because on Android ::1 gives a big delay and also on Windows 10 using Firefox.

I can try out the 0.0.0.0 later today if that is having the same speed advantages. I am using not the DNS part in the Mikrotik at all and I am using DNSMasq on a separate Linux box.
This will save me a rule in the firewall if that works.

update: I have now replaced all 240.0.0.1 with 0.0.0.0 and all seems to be as fast as before. I have to use it for a while to be sure if all keep working correct.

ruwi000 · Wed Dec 07, 2016 11:25 pm

Just my 2 cents, if you do not want to use the classic private ranges ... There are also documentation ranges defined in rfc5737
192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2) and 203.0.113.0/24 (TEST-NET-3)
These are not allocated as global routable ranges. and should be black-holed any way.
A browser will not interfere with these addresses.

[Feature][DNS] Allow 0.0.0.0 as address for DNS records

[Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Who is online