Add prefer-ip4 and require-ip4/require-ip6 options

[nomis]

There's a prefer-ip6 option but no corresponding prefer-ip4 option.

Many service providers are unable to consider the reputation of any source address smaller than a /64 but many VPS providers put all customers in the same /64.

This makes it impossible to reliably use IPv6 for outbound connections. For example, sending any email to Google over IPv6 will significantly reduce the likelihood of it being delivered.

When querying DNS blacklists/whitelists that impose a query limit based on source address, the only viable solution at this time is to prefer IPv4 whenever possible.

Ideally I'd like to be able to configure specific zones to be IPv4-only with a require-ip4 option.

[wcawijngaards]

Thanks for the issue report, the prefer-ip4 option is in the code base. It is the mirror identical of prefer-ip6. For the require options, not sure how that would work.

[dinguz]

It seems that the prefer-ip4 and prefer-ip6 options are not recognised in unbound-control. Is this done on purpose?

root@haanjdj:~ # unbound-control -c /var/unbound/unbound.conf get_option prefer-ip4
error unknown option

[wcawijngaards]

You need version 1.11.0 (or later) to have that option prefer-ip4. I guess you are using an older version.

[dinguz]

I have 1.11.0, according to unbound-control -h
I'm running OPNsense 20.7.2 BTW.

[wcawijngaards]

You are right, that is missing from the code. I added the missing functionality in commit 2541ccb and this should appear in the next release.

[dinguz]

Thanks!