Out of curiousity… Did this come up in the context of NAT64, by any chance?
(I’ve been trying to figure out whether I can get away with making my local VMs (Qubes-ish desktop) be IPv6-only—so am on the alert for any hints about little surprises…)
Not really. We run a public DNS resolver (DoH and DoT only) on Fly and it turns out, some DNS clients / stubs (like Tailscale & AdGuard), send a query for ipv4only.arpa to determine if the endpoint serving the URL is indeed a DNS resolver.
Our code forwards incoming non-internal DNS queries to fdaa::3 due to the guarantee that it should just work (or at least, it shouldn’t really be breaking anything):