Strange IPv6 DNS lookups

Kenneth Holter kenneho.ndu at gmail.com
Fri Mar 20 07:18:06 UTC 2009 

Thanks for the advice.

I've followed the steps you outlined below, but the problem unfortunately
persists. I've learned that most packages on the system are compiled with
IPv6 support, so from what I can tell this is what is usually happening:

   1. The client process (can be more or less whatever process running on
   the linux box) issues a AAAA DNS query for the FQDN *
   server1.example-prod.com*
   2. The DNS server drops the package, so the linux box iterates through
   the "search" entries in /etc/resolv.conf, adding the entries found here to
   the FQDN. This results in the bizarre queries mentioned in my first post.
   3. When AAAA record queries does not return a valid answer, a normal A
   query is made. This query returns the corret result.

Say I have two entries in the "search" section of /etc/resolv.conf, I will
end up with the linux box issuing 3 unsuccessful AAAA queries for every
successful A query. This causes a great amount of overhead on the DNS server
(or the linux box if caching is used).

I'm sure we're not the only ones having to deal with this issue, so any
advice on how to proceed will be greatly appreciated.

Regards,
Kenneth



On 3/11/09, Reber, Simon <simon.reber at roche.com> wrote:

> Hey Kenneth,
>
> Try to fully disable IPv6 while adding:
>
>        alias net-pf-10 off
>        alias ipv6 off
>
> to /etc/modprobe.conf and to /etc/sysconfig/network
>
>        NETWORKING_IPV6=no
>
> This should probably solve the problem (at least IPv6 is turned off)
>
> Cheers,
> Si
>
> >-----Original Message-----
> >From: redhat-list-bounces at redhat.com
> >[mailto:redhat-list-bounces at redhat.com] On Behalf Of Kenneth Holter
> >Sent: Monday, March 09, 2009 4:17 PM
> >To: redhat-list at redhat.com
> >Subject: Strange IPv6 DNS lookups
> >
> >Hello all.
> >
> >
> >Several of our RHEL-servers are issuing strange DNS lookups.
> >Consider this
> >example:
> >
> >
> >*  1   0.000000   1.2.3.4 -> 5.6.7.8   DNS Standard query AAAA **
> >server1.example-prod.com* <http://server1.example-prod.com/>*
> >  9   0.007891   1.2.3.4 -> 5.6.7.8   DNS Standard query AAAA
> >server1.example-prod.com.example-test.local
> > 11   0.092904   1.2.3.4 -> 5.6.7.82   DNS Standard query A
> >server1.example-prod.com
> > 12   0.093356   5.6.7.8 -> 1.2.3.4   DNS Standard query
> >response A 1.2.3.4
> >*
> >
> >>From what I can tell, the client first issues two IPv6 DNS
> >lookups, before
> >falling back to IPv4 lookup. We're not running IPv6 (and our
> >DNS servers do
> >not support IPv6 lookups), so the client is not getting and
> >answer before
> >issuing the IPv4 lookup.
> >
> >I've very puzzled by the second query, in which the FQDN of
> >the lookup query
> >is appended another domain. I've noticed that the appended
> >domain may be
> >both the same domain name (i.e.
> >server1.example-prod-com.example-prod.com)
> >or another domain as in the example above.
> >Does anyone have a clue as to why such bizarre queries are
> >performed by the
> >client?
> >
> >Since we're not running IPv6, I have simply disabled it for this server
> >(grepping "lsmod" does not return any "ipv6" results). Yet the problem
> >remains. Does the DNS lookup library automatically issue IPv6
> >queries before
> >issuing IPv4 queries? Is there a way to disable IPv6 lookups?
> >
> >
> >Regards,
> >Kenneth Holter
> >--
> >redhat-list mailing list
> >unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list