DoH response not rewritten


New Member
I’m using DNS rewrites to circumvent several AAAA records, because I am using a Hurricane IPv6 tunnel. Some Dutch sites use geo fencing to prevent foreign visits and some of these sites see my IPv6 tunnel as a US source. Also, some sites just don’t work on IPv6.

Therefore I have several rewrites that keep the A response (IPv4) only. However, DNS over Https DoH now give different kind of replies, eg.:

HTTPS: 300 IN HTTPS 1 . alpn="h3,h3-29,h3-28,h3-27,h2" ipv4hint="," ipv6hint="2606:4700:3030::xxxx:xxxx,2606:4700:3034::xxxx:xxxx" (ttl=300)

These replies contain an ipv4hint and an ipv6 hint, causing my rewrite to not being used.

Can these replies also be rewritten somehow?

Best regards, Alexander
Last edited: