I have some hosts in my LAN that have their FQDN configured in OpenWrt (Network > Hostnames in LuCI) with their local IP address, so when you resolve said FQDN (for example host1.domain.com) on my LAN, OpenWrt responds with the configured static hostname, which is said device's IP on the LAN.
Those hosts should also be reachable from the internet, so the FQDN is also resolvable on the internet. It's a CNAME record. That CNAME is pointing to an A record that follows my router's IP (using ddns-scripts). So if I try to resolve host1.domain.com on the internet, the response is a CNAME pointing to ddns.domain.com, which is resolved to my router's public IP.
The problem is that sometimes a host in my LAN does an AAAA query for host1.domain.com, and since dnsmasq can't resolve that (I have only configured an IPv4 address) the DNS request is forwarded to the upstream resolver, which responds with the CNAME.
This response is cached, so from then on dnsmasq responds with the router's public IP address instead of the local IP of the host.
So, how can I avoid requests for host1.domain.com going upstream?
PS: more info: all incoming HTTP and HTTPS requests to my router (from WAN) go to an nginx proxy that forwards the request to the appropriate host in my LAN depending on the hostname. The "problem" is that host1.domain.com is a UniFi controller, so from the internet I only need to access its web interface, but UniFi devices communicate with the controller using a proprietary protocol on different ports, so when a local device tries to reach the UniFi controller (host1.domain.com) I need said devices to communicate directly with the UniFi controller, not the nginx proxy or my router's public IP address. This mostly works, but when the CNAME is cached everything breaks.
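One way to keep that name from ever leaving dnsmasq, added here as an illustration and not part of the original post: dnsmasq's `server=/domain/` form with no upstream address marks the domain as local-only, so host1.domain.com is answered from the static hostname entry and never forwarded, whatever the record type, and the upstream CNAME never reaches the cache. The address 192.168.1.10 is a constructed placeholder; host1.domain.com is the name from the post.

```uci
# /etc/config/dhcp on the OpenWrt router. Only the relevant parts are shown.

config dnsmasq
	# Weak setting (the implicit default): nothing pins host1.domain.com to
	# local data, so a record type the static hostname cannot satisfy (AAAA)
	# is forwarded upstream and the public CNAME answer gets cached.
	#
	# Corrected: an empty-address server entry ("server=/host1.domain.com/"
	# in dnsmasq terms) declares the name local-only. Queries for it are
	# answered from the hostname entry below and are never forwarded; with no
	# local AAAA record the client gets a negative answer instead of the CNAME.
	list server '/host1.domain.com/'

# The LuCI "Network > Hostnames" entry (constructed address 192.168.1.10).
config domain
	option name 'host1.domain.com'
	option ip '192.168.1.10'
```

After `/etc/init.d/dnsmasq restart`, an AAAA lookup against the router (for example `nslookup -type=AAAA host1.domain.com 192.168.1.1`, assuming that is the router's LAN address) should come back without the CNAME, while an A lookup still returns the local address.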