[Bug 1092691] [NEW] A way to disable AAAA lookups in the resolver (again)
Humberto Jucá
betolj at gmail.com
Thu Dec 20 21:26:42 UTC 2012
Public bug reported:
I like to known what's the way to disable DNS AAAA queries.
Already have disabled all resources ipv6.
1. Changes in grub:
vim /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1"
update-grub
2. I'm using 12.04 LTS version (builtin ipv6 support)
grep -i ipv6 /boot/config-3.2.0-24-generic
CONFIG_IPV6=y
CONFIG_IPV6_PRIVACY=y
...
Before this i try with sysctl, but tcp6 sockets still alive.
After grub changes this solve the question - i can disable ipv6 address and networks sockets too.
But, internal lookups stay wrong.
Some sites like www.caixa.gov.br are slow.
When i sniff my connection i can see many DNS AAAA records and server fail
Running "lynx www.caixa.gov.br"
15:57:11.332463 IP 127.0.0.1.58734 > 127.0.0.1.53: 63741+ AAAA? www.caixa.gov.br. (34)
15:57:16.337439 IP 127.0.0.1.58734 > 127.0.0.1.53: 63741+ AAAA? www.caixa.gov.br. (34)
15:57:21.342488 IP 127.0.0.1.58067 > 127.0.0.1.53: 1244+ AAAA? www.caixa.gov.br.localdomain. (46)
15:57:21.342579 IP 127.0.0.1.53 > 127.0.0.1.58067: 1244 NXDomain 0/1/0 (121)
15:57:21.342648 IP 127.0.0.1.51657 > 127.0.0.1.53: 3236+ A? www.caixa.gov.br. (34)
15:57:21.342723 IP 127.0.0.1.53 > 127.0.0.1.51657: 3236 1/0/0 A 200.201.161.106 (50)
15:57:21.353289 IP 127.0.0.1.58482 > 127.0.0.1.53: 15390+ AAAA? www.caixa.gov.br. (34)
15:57:26.358326 IP 127.0.0.1.58482 > 127.0.0.1.53: 15390+ AAAA? www.caixa.gov.br. (34)
15:57:31.363381 IP 127.0.0.1.48398 > 127.0.0.1.53: 21648+ AAAA? www.caixa.gov.br.localdomain. (46)
15:57:31.363487 IP 127.0.0.1.53 > 127.0.0.1.48398: 21648 NXDomain 0/1/0 (121)
15:57:31.363560 IP 127.0.0.1.55657 > 127.0.0.1.53: 49860+ A? www.caixa.gov.br. (34)
15:57:31.363643 IP 127.0.0.1.53 > 127.0.0.1.55657: 49860 1/0/0 A 200.201.161.106 (50)
15:57:31.364319 IP 127.0.0.1.55431 > 127.0.0.1.53: 38110+ AAAA? www.caixa.gov.br. (34)
15:57:36.369352 IP 127.0.0.1.55431 > 127.0.0.1.53: 38110+ AAAA? www.caixa.gov.br. (34)
I do bind changes too
vim /etc/default/bind9
RESOLVCONF=no
OPTIONS="-4 -u bind"
vim /etc/bind/named.conf.options
forward only;
forwarders {
208.67.222.222;
8.8.8.8;
};
This dont solve AAAA requests.
I like to known a way to prefer ipv4 queries (A) or disable ipv6 queries.
When i'm using squid proxy the same problem occur.
To solve this i need compile squid with --disable-ipv6.
This works to Squid proxy, but i think that the best way is disable all DNS AAAA queries.
This occur with lynx, wget and others.
** Affects: bind9 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1092691
Title:
A way to disable AAAA lookups in the resolver (again)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1092691/+subscriptions
More information about the Ubuntu-server-bugs
mailing list