[Feature][DNS] Allow 0.0.0.0 as address for DNS records

Borizo · October 20, 2016, 3:32pm

Please allow to enter 0.0.0.0 as address for static DNS records.

Currently attempt to specify this address will be blocked with popup stating:

Wrong Address
Error in Address - ip address expected!

Expected behavior: same as specifying 0.0.0.0 for certain DNS in hosts file - inaccessible host.

PS If anyone knows a better way please hint me. I have tried 255.255.255.255, 127.0.0.1 and host refusing TCP connections, but it seems browsers handle 0.0.0.0 in reply in a best possible way.

Test471 · October 21, 2016, 9:40pm

Point it to some private address and configure firewall to reject.

Squidblacklist · October 22, 2016, 4:41am

Hmm, while that is definitely noteworthy, it is indeed trivial.

Here is something that may be helpful,

We are simply using loopback 127.0.0.1 with an option for our users to customize it with the following script header.

#  TiK-DNS-Ads: Blacklist compiled by SquidBlacklist.org 10-21-2016.                                  
:log info "tik dns ads blacklist script import started"
:local redirectIP "127.0.0.1"
/ip dns static remove [find comment="sbl ads"]
/ip dns static
add regexp="^(.*\\.)\?004\\.frnl\\.de\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01s\\.net\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01viral\\.com\$" address="$redirectIP" comment="sbl ads

Zorro · October 22, 2016, 9:47am

apparently in latest versions of Windows OS - using 127/8 will cause delays and some issues for, while 0.0.0.0.
thats blackholing-wise. for other purposes there was other specific in each generation of.

Borizo · November 30, 2016, 12:26am

Hmm, while that is definitely noteworthy, it is indeed trivial.

Same looks for me, I just wonder why it has not been requested before. Or it was?

Thaks for hinting other way, but unfortunately anything but 0.0.0.0 is slower.
I suppose that’s becuase browsers interpret it in a different way than any address.

apparently in latest versions of Windows OS - using 127/8 will cause delays

yep.

for other purposes there was other specific in each generation of.

I didn’t get your idea. Could you please provide more details?

msatter · November 30, 2016, 7:43am

I put instead of 127.0.0.1 the IP 240.0.0.1 in the table and put a rule in the Mikrotik firewall to tcp-reset that connection. For IPv6 I put ::FFFF:240.0.0.1 in the DNS table because on Android ::1 gives a big delay and also on Windows 10 using Firefox.

I can try out the 0.0.0.0 later today if that is having the same speed advantages. I am using not the DNS part in the Mikrotik at all and I am using DNSMasq on a separate Linux box.
This will save me a rule in the firewall if that works.

update: I have now replaced all 240.0.0.1 with 0.0.0.0 and all seems to be as fast as before. I have to use it for a while to be sure if all keep working correct.

ruwi000 · December 7, 2016, 9:25pm

Just my 2 cents, if you do not want to use the classic private ranges … There are also documentation ranges defined in rfc5737
192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2) and 203.0.113.0/24 (TEST-NET-3)
These are not allocated as global routable ranges. and should be black-holed any way.
A browser will not interfere with these addresses.