LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-01-2010, 01:16 PM   #1
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
how to make resolver ask for A record before AAAA record


Anyone know how to configure the resolver to ask for an A record before it asks for an AAAA record? I don't want to disable IPv6. I just want to prefer IPv4 over IPv6 (because for now I do not have IPv6 connectivity to the internet and even when I do I may likely not want to use it for everything for a while, like it being a low bandwidth tunnel or something).

The resolver is version 9.6.1.dfsg.P1-3ubuntu0.3. So unless the Ubuntu maintainers broke this, it should be a resolver/BIND9 issue rather than an Ubuntu issue.
 
Old 03-01-2010, 02:13 PM   #2
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Type on root console:

tcpdump -nn port 53

And check first what really is happening with your DNS requests.
 
Old 03-01-2010, 02:42 PM   #3
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
Quote:
Originally Posted by nimnull22 View Post
Type on root console:

tcpdump -nn port 53

And check first what really is happening with your DNS requests.
Already did that. Queries are for AAAA records first. The caching server dutifully tries and gets a negative answer and returns that. Then a query is made for an A record. The answer to that is provided. But, so you can see, I captured one:

Code:
14:35:45.065118 IP 172.30.72.1.59404 > 172.30.0.4.53: 43074+ AAAA? www.ham.org. (29)
14:35:45.833519 IP 172.30.0.4.53 > 172.30.72.1.59404: 43074 0/1/0 (88)
14:35:45.833866 IP 172.30.72.1.55554 > 172.30.0.4.53: 875+ AAAA? www.ham.org.example.com. (41)
14:35:46.720186 IP 172.30.0.4.53 > 172.30.72.1.55554: 875 0/0/0 (41)
14:35:46.723638 IP 172.30.72.1.53017 > 172.30.0.4.53: 29772+ A? www.ham.org. (29)
14:35:46.724433 IP 172.30.0.4.53 > 172.30.72.1.53017: 29772 1/3/0 A 72.232.245.28 (99)
The above is an actual query with "example.com" substituted for the search domain, using the actual addresses in private IP space (172.30.72.1 is my laptop and 172.30.0.{4,5,6} being the local caching servers as given on "nameserver" lines in /etc/resolv.conf).

If the queried host does have an AAAA record, then it will get a positive response and attempt to connect to an IPv6 address which cannot be reached. The application would then have to query again and in a way to force looking for only an A record to be able to connect. Until there is a solution to this resolver misbehaviour, I will not want to put AAAA records on my server hostnames once I am connected via IPv6 to the internet, to avoid problems with users connecting to my servers.
 
Old 03-01-2010, 02:59 PM   #4
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Strange on my Fedora, where I have IPv4 and IPv6 the first query goes to v4=A and then AAAA.

Can you post output for "ifconfig <interface>"

Also can you tell, what was sending these DNS requests?
 
Old 03-01-2010, 03:08 PM   #5
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,993

Rep: Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932Reputation: 1932
The default is to try an A query before an AAAA (see resolv.conf man page)
Anyway you might use:
Code:
options single-request
in /etc/resolv.conf and see if it fixes your problem.

Regards
 
Old 03-01-2010, 03:43 PM   #6
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
bathory...

Just tried that, but there is no change. What does that do? It's not documented in "man resolv.conf".

nimnull22...

Yes, that is my understanding of what it SHOULD do (A before AAAA) based on the man page. But maybe it got compiled to change the default to "options inet6" ... which means there needs to be a way to revert that by configuration (e.g. "options inet4" or options "inet"). IMHO, there should be several options: "4only", "4then6", "6only", "6then4" or however they might want to express it.

The query results appear to happen with every program I run, except for specific DNS tools that do their own thing instead of using the resolver. It is definitely doing it for Firefox. I have been doing the testing with "telnet www.ham.org 99" which gets me a "connection refused" once it gets the IPv4 address (there is no AAAA record for that host ... yet).

Here is output from "ifconfig etho":
Code:
altair/root /root 329# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:24:e8:e7:1e:cc  
          inet addr:172.30.72.1  Bcast:172.30.255.255  Mask:255.255.0.0
          inet6 addr: fd6e:fcbe:2304:0:224:e8ff:fee7:1ecc/64 Scope:Global
          inet6 addr: fe80::224:e8ff:fee7:1ecc/64 Scope:Link
          inet6 addr: fd00::48/64 Scope:Global
          inet6 addr: fc00::48/64 Scope:Global
          inet6 addr: fd6e:fcbe:2304::48/64 Scope:Global
          inet6 addr: fd00::4801/64 Scope:Global
          inet6 addr: fd00::148/64 Scope:Global
          inet6 addr: fc00::4801/64 Scope:Global
          inet6 addr: fc00::148/64 Scope:Global
          inet6 addr: fd6e:fcbe:2304::4801/64 Scope:Global
          inet6 addr: fd6e:fcbe:2304::148/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6106776 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2379641 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:3284626851 (3.2 GB)  TX bytes:1684845168 (1.6 GB)
          Memory:f6fe0000-f7000000 

altair/root /root 330#
Yes, there are Scope:Global IPv6 addresses configured. But that's not sufficient justification for the resolver to change the default. I'm doing lots of tests to determine IPv6 issues like this one I'm dealing with now (saw it a couple weeks ago but it only now reached the top of the issue stack).

Maybe Ubuntu maintainers for the BIND9/resolver package did something goofy? This is on Ubuntu 9.10 Karmic, and is also seen on Ubuntu 9.10 server.
 
Old 03-01-2010, 03:52 PM   #7
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
First of all, you have to understand that DNS QUERY can make any program. In case if you talk about Firefox, there is special option in it, to prevent use IPv6 dns.

I do not think that "nslookup www.com 208.67.222.222" will ask AAAA first. Try.
 
Old 03-01-2010, 04:06 PM   #8
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
I tried "nslookup www.com 208.67.222.222" and as you and I both expected (for me, because it is a DNS tool) it only queried for an A record.

But "ordinary" programs seem to be using the resolver and that is querying for AAAA records first. And it clearly is the resolver doing it because I changed "/etc/resolv.conf" to literally have "search example.com" and the 2nd of the 2 AAAA queries does have "example.com" appended. So it or something clearly read the "/etc/resolv.conf" file.
Code:
altair/root /root 155# cat /etc/resolv.conf
search example.com
nameserver 172.30.0.4
nameserver 172.30.0.5
nameserver 172.30.0.6
altair/root /root 156#
Nearly next on my list of things to try is IPv6 addresses in "/etc/resolv.conf" (my DNS caching servers do also have unique local addresses configured in fc00::/7 space). But I suspect that won't help this problem.
 
Old 03-01-2010, 04:12 PM   #9
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
Here is the significant part of the output of strace when running "telnet www.ham.org 99" with it:
Code:
16:07:13.635844 stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=85, ...}) = 0
16:07:13.635977 open("/etc/resolv.conf", O_RDONLY) = 3
16:07:13.636064 fstat(3, {st_mode=S_IFREG|0644, st_size=85, ...}) = 0
16:07:13.636178 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f243e39b000
16:07:13.636259 read(3, "search example.com\nnameserver 172.30.0.4\nnameserver 172.30.0.5\nnameserver 172.30.0.6\n", 4096) = 85
16:07:13.636377 read(3, "", 4096)       = 0
16:07:13.636449 close(3)                = 0
16:07:13.636519 munmap(0x7f243e39b000, 4096) = 0
16:07:13.636660 socket(PF_INET, 0x802 /* SOCK_??? */, IPPROTO_IP) = 3
16:07:13.636748 connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, 28) = 0
16:07:13.636879 poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
16:07:13.636979 sendto(3, "L\233\1\0\0\1\0\0\0\0\0\0\3www\3ham\3org\0\0\34\0\1", 29, MSG_NOSIGNAL, NULL, 0) = 29
16:07:13.637129 poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
16:07:13.637781 ioctl(3, FIONREAD, [88]) = 0
16:07:13.637874 recvfrom(3, "L\233\201\200\0\1\0\0\0\1\0\0\3www\3ham\3org\0\0\34\0\1\300\20\0\6\0\1\0\0\0\365\0/\3ns0\4ipal\3net\0\nhostmaster\300-\22\331\r\22\0\0*0\0\0\7\10\0\r/\0\0\0T`", 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, [16]) = 88
16:07:13.638067 close(3)                = 0
16:07:13.638183 socket(PF_INET, 0x802 /* SOCK_??? */, IPPROTO_IP) = 3
16:07:13.638265 connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, 28) = 0
16:07:13.638358 poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
16:07:13.638445 sendto(3, "\354e\1\0\0\1\0\0\0\0\0\0\3www\3ham\3org\7example\3com\0\0\34\0\1", 41, MSG_NOSIGNAL, NULL, 0) = 41
16:07:13.638569 poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
16:07:13.639222 ioctl(3, FIONREAD, [102]) = 0
16:07:13.639303 recvfrom(3, "\354e\201\203\0\1\0\0\0\1\0\0\3www\3ham\3org\7example\3com\0\0\34\0\1\300\30\0\6\0\1\0\0\0\365\0001\4dns1\5icann\3org\0\nhostmaster\300:w\300q8\0\0\34 \0\0\16\20\0\22"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, [16]) = 102
16:07:13.639479 close(3)                = 0
16:07:13.639565 stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=85, ...}) = 0
16:07:13.639697 socket(PF_INET, 0x802 /* SOCK_??? */, IPPROTO_IP) = 3
16:07:13.639776 connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, 28) = 0
16:07:13.639868 poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
16:07:13.639954 sendto(3, "\252\362\1\0\0\1\0\0\0\0\0\0\3www\3ham\3org\0\0\1\0\1", 29, MSG_NOSIGNAL, NULL, 0) = 29
16:07:13.640073 poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
16:07:13.640785 ioctl(3, FIONREAD, [99]) = 0
16:07:13.640866 recvfrom(3, "\252\362\201\200\0\1\0\1\0\3\0\0\3www\3ham\3org\0\0\1\0\1\300\f\0\1\0\1\0\0$\4\0\4H\350\365\34\300\20\0\2\0\1\0\0$\4\0\6\3ns2\300\20\300\20\0\2\0\1\0\0$\4\0\6\3ns0\300\20\300\20\0\2\0\1\0\0$\4\0\6\3ns"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.30.0.4")}, [16]) = 99
16:07:13.641052 close(3)                = 0
16:07:13.641188 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0
16:07:13.641328 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f243e39b000
16:07:13.641435 write(1, "Trying 72.232.245.28...\n", 24Trying 72.232.245.28...
) = 24
16:07:13.641525 close(4294967295)       = -1 EBADF (Bad file descriptor)
16:07:13.641609 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
16:07:13.641700 setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
16:07:13.641798 connect(3, {sa_family=AF_INET, sin_port=htons(99), sin_addr=inet_addr("72.232.245.28")}, 16) = -1 ECONNREFUSED (Connection refused)
16:07:13.700565 dup(2)                  = 4
16:07:13.700668 fcntl(4, F_GETFL)       = 0x8002 (flags O_RDWR|O_LARGEFILE)
16:07:13.700770 fstat(4, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0
16:07:13.700894 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f243e39a000
16:07:13.700998 lseek(4, 0, SEEK_CUR)   = -1 ESPIPE (Illegal seek)
16:07:13.701128 write(4, "telnet: Unable to connect to remote host: Connection refused\n", 61telnet: Unable to connect to remote host: Connection refused
And here is the tcpdump output for that run:
Code:
16:07:13.637058 IP 172.30.72.1.51041 > 172.30.0.4.53: 19611+ AAAA? www.ham.org. (29)
16:07:13.637687 IP 172.30.0.4.53 > 172.30.72.1.51041: 19611 0/1/0 (88)
16:07:13.638514 IP 172.30.72.1.51591 > 172.30.0.4.53: 60517+ AAAA? www.ham.org.example.com. (41)
16:07:13.639145 IP 172.30.0.4.53 > 172.30.72.1.51591: 60517 NXDomain 0/1/0 (102)
16:07:13.640018 IP 172.30.72.1.34669 > 172.30.0.4.53: 43762+ A? www.ham.org. (29)
16:07:13.640708 IP 172.30.0.4.53 > 172.30.72.1.34669: 43762 1/3/0 A 72.232.245.28 (99)
 
Old 03-01-2010, 04:12 PM   #10
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Tell please, if you do "telnet www.yandex.com 80", what query will be the first A or AAAA?

Actually, please send output of "route -n"



Thanks.

P.S.

And "ifconfig lo" also.

Thanks

Last edited by nimnull22; 03-01-2010 at 04:22 PM.
 
Old 03-01-2010, 04:21 PM   #11
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
Code:
16:18:00.710527 IP 172.30.72.1.33523 > 172.30.0.4.53: 5528+ AAAA? www.yandex.com. (32)
16:18:01.235109 IP 172.30.0.4.53 > 172.30.72.1.33523: 5528 1/1/0 CNAME www.yandex.ru. (120)
16:18:01.235399 IP 172.30.72.1.38403 > 172.30.0.4.53: 16646+ A? www.yandex.com. (32)
16:18:01.379887 IP 172.30.0.4.53 > 172.30.72.1.38403: 16646 5/4/0 CNAME www.yandex.ru., A 93.158.134.3, A 213.180.204.3, A 77.88.21.3, A 87.250.251.3 (195)
It queried AAAA first. Different answer so it didn't extend it with the search domain. But it did go to A record next. It did connect.
 
Old 03-01-2010, 04:23 PM   #12
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Please send output of "route -n"
And "ifconfig lo" also.

Thanks
 
Old 03-01-2010, 04:27 PM   #13
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
I replaced the first 16 bits of our public IP address with XXX.YY since this is a public forum.
Code:
altair/root /root 340# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
XXX.YY.210.8    0.0.0.0         255.255.255.248 U     0      0        0 eth0
172.16.0.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.72.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
172.30.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         XXX.YY.210.9    0.0.0.0         UG    1      0        0 eth0
altair/root /root 341# ifconfig lo
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:68717 errors:0 dropped:0 overruns:0 frame:0
          TX packets:68717 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:168571509 (168.5 MB)  TX bytes:168571509 (168.5 MB)

altair/root /root 342#
 
Old 03-01-2010, 04:33 PM   #14
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
And last question. There is file in /etc - host.conf and nsswitch.conf. Can you post their content, please.


Thanks
 
Old 03-01-2010, 04:38 PM   #15
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,589

Original Poster
Blog Entries: 31

Rep: Reputation: 173Reputation: 173
Code:
altair/root /root 347# cat /etc/host.conf
# The "order" line is only used by old versions of the C library.
order hosts,bind
multi on
altair/root /root 348# cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat
group:          compat
shadow:         compat

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
altair/root /root 349#
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NS1 'A' Record in the SOA record swamprat Linux - Networking 4 06-17-2009 09:45 AM
DDNS record and a static PTR record mou5e Linux - Networking 2 01-22-2008 02:16 AM
Creating A record and PTR record daemonkl *BSD 3 10-03-2007 05:50 PM
How can I make my tv/drv card record? Tectron1 Linux - Software 1 09-04-2006 04:48 PM
Unable to record mic-in with SoundBlaster Live! while able to record other sources max76230 Linux - Newbie 2 03-14-2005 05:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration