ipv6, was: Re: Question About Recursion ...

Chuck Aurora ca at nodns4.us
Sat Apr 18 01:43:19 UTC 2020

On 2020-04-17 11:40, Tim Daneliuk wrote:
> On 4/17/20 10:17 AM, julien soula wrote:
>> On Fri, Apr 17, 2020 at 09:56:21AM -0500, Tim Daneliuk wrote:
>>> On 4/17/20 9:50 AM, Bob Harold wrote:

>>>> 'dig' should tell you what address it used, at the bottom of the
>>>> output - what does it say?
>>> ;; Query time: 0 msec
>>> ;; SERVER: ::1#53(::1)
>>> ;; WHEN: Fri Apr 17 09:53:51 CDT 2020
>>> ;; MSG SIZE  rcvd: 83
>>> Does the SERVER line indicate it's trying to get to the local
>>> instance via IPV6 or is this just standard notation?  (This is
>>> an IPV4 only environment).
>> "::1" is locahost in IPv6. It is not the same as . A least,
>> you should add this IP to trustedhosts to check if it works.
> Aha!  That was it.  What is curious to me is that bind uses this even
> in the absence of any IPV6 in the environment.
> Problem solved.  Thanks all!

What "absence" is this?  You showed us that dig connected to ::1#53, 
via ipv6.  Not having external ipv6 routing is not the same as absence 
ipv6.  Your system DOES have ipv6 enabled.

As others have pointed out, you either need to put ::1 in your ACL, or
make a resolv.conf with "nameserver".  Personally, I always
disable the ipv6 module in the OS kernel if there is no connectivity.
And Bob (I think it was) mentioned "named -4".

Since ipv6 is the future, it's generally the default protocol in many
OSs when it is enabled.  That's why I suggest disabling it in your
kernel, to avoid this and many other problems; not just with dig &
named, but with other software as well.

More information about the bind-users mailing list