IPv6 logging noise
Doug Freed
dwfreed at isc.org
Thu Nov 20 23:15:53 UTC 2025
On 11/20/25 13:00, Marco Moock wrote:
> On 20.11.2025 10:07 Philip Prindeville via bind-users
> <bind-users at lists.isc.org> wrote:
>
>> I’m on a US residential ISP, and they don’t support IPv6. As a
>> result, I’ve disabled it locally as well with `options {
>> listen-on-ipv6 { none; }; };`. Well, there are more options than
>> that, but that’s the relevant one.
>
> Disabling IPv6 is not necessary in normal circumstances.
>
> Please let us know why you do it.
This is incorrect. It is frequently necessary to disable IPv6 upstream
queries in named in situations where IPv6 is either entirely unavailable
or is unusable. As an example, a VM in my lab has an IPv6 Unique Local
Address, but no default gateway, and has no IPv6 connectivity outside of
the VLAN it's in. Without disabling IPv6 in named, it still makes
attempts to query IPv6 authoritative nameservers (the below log line
came from that VM). This can be a problem because those queries still
count toward various query limits even though they've failed.
>
>> If I run with `-4` then the noise goes away.
>
> Please show us the noise.
I frequently see log lines like the following:
network unreachable resolving './DNSKEY/IN': 2001:500:2::c#53
I highly suspect that Philip is seeing the same or similar lines.
-Doug
More information about the bind-users
mailing list