Clients get DNS timeouts because ipv6 means more queries for each lookup

Chuck Swiger cswiger at mac.com
Mon Jul 11 22:35:05 UTC 2011


On Jul 11, 2011, at 1:25 PM, Jonathan Kamens wrote:
> Even if PowerDNS is the only source of this issue, and even if the new version of PowerDNS is released tomorrow, I'm sure there will still be sites running the old version a year from now. So just relying on a PowerDNS release to fix this problem seems unwise.

OK, but this same reasoning applies to making a change to BIND: even if we had such a change available tomorrow, there will be sites running older versions of BIND a year from now, also.  :-)

> Users are experiencing this problem now in the field, and more users will be experiencing it as BIND is upgraded in more and more places. Every single user relying on a Fedora 15 DNS server, for example, is going to see occasional unnecessary DNS timeouts when trying to resolve host names.
> 
> It seems clear to me that a generally available, generally applicable fix to BIND is needed to avoid this issue and perhaps similar issues like it.

What you probably want is a change to your local implementation of getaddrinfo() for your libc / glibc so that it prefers to issue T_A queries before it issues T_AAAA queries, and will only issue T_AAAA queries if IPv6 networking is compiled into the system.

In my experience, not only does this significantly help resolver performance in the face of nameservers which break when facing IPv6 AAAA queries, it is a solution which many people ignore.

  http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=42405

Regards,
-- 
-Chuck




More information about the bind-users mailing list