when i check resolver.log just now , i found some error info about AAAA ( ipv6)

Darcy Kevin (FCA) kevin.darcy at fcagroup.com
Wed Apr 13 15:33:24 UTC 2016


To be clear, "turning off" IPv6 in named (via the -4 flag or other means), doesn't mean named won't try to resolve any AAAA records, especially if one of your (presumably IPv6-enabled) clients requests them. So, even with IPv6 "turned off", if there are nameservers on the Internet that -- for whatever reason -- have trouble resolving AAAA records, you'll see errors in the logs when you try to resolve AAAA records from those nameservers.

Really, there's no excuse, in this day and age, for a DNS-serving device -- even a load-balancer pretending to be a nameserver -- to botch its responses to AAAA queries.

For that matter, if your clients are enabled for IPv6, and you have good IPv6 connectivity to the Internet, especially in the APAC region where IPv6 is, I hear, ubiquitous (and yes, I did verify that all of the IP addresses in your email were assigned to Chinese ISPs/telcos), why are you turning off IPv6 on your nameserver? Embrace it.

													- Kevin

-----Original Message-----
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Mark Andrews
Sent: Wednesday, April 13, 2016 12:33 AM
To: johnzeng
Cc: bind-users at isc.org
Subject: Re: when i check resolver.log just now , i found some error info about AAAA ( ipv6)


Just another broken nameserver that doesn't handle AAAA queries correctly.  It answers authoritatively for dlb.g5.letvlb.com/A but returns a referral for dlb.g5.letvlb.com/AAAA with unrelated additional records.

Mark

% dig dlb.g5.letvlb.com @106.38.226.245

; <<>> DiG 9.11.0a1 <<>> dlb.g5.letvlb.com @106.38.226.245 ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61581 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;dlb.g5.letvlb.com.		IN	A

;; ANSWER SECTION:
dlb.g5.letvlb.com.	600	IN	A	123.59.122.228

;; Query time: 359 msec
;; SERVER: 106.38.226.245#53(106.38.226.245) ;; WHEN: Wed Apr 13 14:16:20 EST 2016 ;; MSG SIZE  rcvd: 68

% dig dlb.g5.letvlb.com @106.38.226.245 aaaa

; <<>> DiG 9.11.0a1 <<>> dlb.g5.letvlb.com @106.38.226.245 aaaa ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44441 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3 ;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;dlb.g5.letvlb.com.		IN	AAAA

;; AUTHORITY SECTION:
dlb.g5.letvlb.com.	600	IN	NS	ns1.letvlb.com.
dlb.g5.letvlb.com.	600	IN	NS	ns2.letvlb.com.
dlb.g5.letvlb.com.	600	IN	NS	ns3.letvlb.com.

;; ADDITIONAL SECTION:
au.ns1.letvlb.com.	600	IN	A	111.206.208.224
au.ns2.letvlb.com.	600	IN	A	106.38.226.245
au.ns3.letvlb.com.	600	IN	A	117.121.2.237

;; Query time: 492 msec
;; SERVER: 106.38.226.245#53(106.38.226.245) ;; WHEN: Wed Apr 13 14:16:25 EST 2016 ;; MSG SIZE  rcvd: 269

% 


In message <570DC310.1060202 at yahoo.com>, johnzeng writes:
> 
> Hello Dear Sir :
> 
> when i check resolver.log just now , i found some error info about 
> AAAA ( ipv6)
> 
> although i search some helpful info from ask.com , but i can't find 
> the config file , maybe the reason is i compiled via source file ( 
> ./configure --prefix=/mydic ).
> 
> Whether i need build the config file ?
> 
> 
> 
> This of course won't stop bind from blindly trying to use ipv6 though, 
> so you also need to alter |/etc/default/bind9| like so:
> 
> |# run resolvconf? 
> RESOLVCONF=yes
> # startup options for the server
> OPTIONS="-4 -u bind"
> |
> 
> 
> 
> 
> 13-Apr-2016 11:49:11.858 DNS format error from 106.38.226.245#53 
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 13-Apr-2016 11:49:11.898 DNS format error from 111.206.208.224#53 
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 13-Apr-2016 11:49:11.939 DNS format error from 117.121.2.237#53 
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
> unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


More information about the bind-users mailing list