ipv6, was: Re: Question About Recursion ...
ca at nodns4.us
Sat Apr 18 01:43:19 UTC 2020
On 2020-04-17 11:40, Tim Daneliuk wrote:
> On 4/17/20 10:17 AM, julien soula wrote:
>> On Fri, Apr 17, 2020 at 09:56:21AM -0500, Tim Daneliuk wrote:
>>> On 4/17/20 9:50 AM, Bob Harold wrote:
>>>> 'dig' should tell you what address it used, at the bottom of the
>>>> output - what does it say?
>>> ;; Query time: 0 msec
>>> ;; SERVER: ::1#53(::1)
>>> ;; WHEN: Fri Apr 17 09:53:51 CDT 2020
>>> ;; MSG SIZE rcvd: 83
>>> Does the SERVER line indicate it's trying to get to the local
>>> instance via IPV6 or is this just standard notation? (This is
>>> an IPV4 only environment).
>> "::1" is locahost in IPv6. It is not the same as 127.0.0.1 . A least,
>> you should add this IP to trustedhosts to check if it works.
> Aha! That was it. What is curious to me is that bind uses this even
> in the absence of any IPV6 in the environment.
> Problem solved. Thanks all!
What "absence" is this? You showed us that dig connected to ::1#53,
via ipv6. Not having external ipv6 routing is not the same as absence
ipv6. Your system DOES have ipv6 enabled.
As others have pointed out, you either need to put ::1 in your ACL, or
make a resolv.conf with "nameserver 127.0.0.1". Personally, I always
disable the ipv6 module in the OS kernel if there is no connectivity.
And Bob (I think it was) mentioned "named -4".
Since ipv6 is the future, it's generally the default protocol in many
OSs when it is enabled. That's why I suggest disabling it in your
kernel, to avoid this and many other problems; not just with dig &
named, but with other software as well.
More information about the bind-users