[Bug 1092691] [NEW] A way to disable AAAA lookups in the resolver (again)

Humberto Jucá betolj at gmail.com
Thu Dec 20 21:26:42 UTC 2012 

Public bug reported:

I like to known what's the way to disable DNS AAAA queries.
Already have disabled all resources ipv6.

1. Changes in grub:
vim /etc/default/grub
    GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1"
update-grub

2. I'm using 12.04 LTS version (builtin ipv6 support)
grep -i ipv6 /boot/config-3.2.0-24-generic 
    CONFIG_IPV6=y
    CONFIG_IPV6_PRIVACY=y
    ...

Before this i try with sysctl, but tcp6 sockets still alive.
After grub changes this solve the question - i can disable ipv6 address and networks sockets too.

But, internal lookups stay wrong.
Some sites like www.caixa.gov.br are slow.

When i sniff my connection i can see many DNS AAAA records and server fail
Running "lynx www.caixa.gov.br"

15:57:11.332463 IP 127.0.0.1.58734 > 127.0.0.1.53: 63741+ AAAA? www.caixa.gov.br. (34)
15:57:16.337439 IP 127.0.0.1.58734 > 127.0.0.1.53: 63741+ AAAA? www.caixa.gov.br. (34)
15:57:21.342488 IP 127.0.0.1.58067 > 127.0.0.1.53: 1244+ AAAA? www.caixa.gov.br.localdomain. (46)
15:57:21.342579 IP 127.0.0.1.53 > 127.0.0.1.58067: 1244 NXDomain 0/1/0 (121)
15:57:21.342648 IP 127.0.0.1.51657 > 127.0.0.1.53: 3236+ A? www.caixa.gov.br. (34)
15:57:21.342723 IP 127.0.0.1.53 > 127.0.0.1.51657: 3236 1/0/0 A 200.201.161.106 (50)
15:57:21.353289 IP 127.0.0.1.58482 > 127.0.0.1.53: 15390+ AAAA? www.caixa.gov.br. (34)
15:57:26.358326 IP 127.0.0.1.58482 > 127.0.0.1.53: 15390+ AAAA? www.caixa.gov.br. (34)
15:57:31.363381 IP 127.0.0.1.48398 > 127.0.0.1.53: 21648+ AAAA? www.caixa.gov.br.localdomain. (46)
15:57:31.363487 IP 127.0.0.1.53 > 127.0.0.1.48398: 21648 NXDomain 0/1/0 (121)
15:57:31.363560 IP 127.0.0.1.55657 > 127.0.0.1.53: 49860+ A? www.caixa.gov.br. (34)
15:57:31.363643 IP 127.0.0.1.53 > 127.0.0.1.55657: 49860 1/0/0 A 200.201.161.106 (50)
15:57:31.364319 IP 127.0.0.1.55431 > 127.0.0.1.53: 38110+ AAAA? www.caixa.gov.br. (34)
15:57:36.369352 IP 127.0.0.1.55431 > 127.0.0.1.53: 38110+ AAAA? www.caixa.gov.br. (34)

I do bind changes too
vim /etc/default/bind9
    RESOLVCONF=no
    OPTIONS="-4 -u bind"

vim /etc/bind/named.conf.options
        forward only;
        forwarders {
                208.67.222.222;
                8.8.8.8;
        };


This dont solve AAAA requests.
I like to known a way to prefer ipv4 queries (A) or disable ipv6 queries.

When i'm using squid proxy the same problem occur.
To solve this i need compile squid with --disable-ipv6. 
This works to Squid proxy, but i think that the best way is disable all DNS AAAA queries.

This occur with lynx, wget and others.

** Affects: bind9 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1092691

Title:
  A way to disable AAAA lookups in the resolver (again)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1092691/+subscriptions

More information about the Ubuntu-server-bugs mailing list