Date: Sun, 9 Nov 2008 00:13:25 -0800 (PST) From: mdh <mdh_lists@yahoo.com> To: David Horn <dhorn2000@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: host -6 failure Message-ID: <218769.90655.qm@web56802.mail.re3.yahoo.com> In-Reply-To: <25ff90d60811081710u6850be25jdc6d45631ee82af4@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--- On Sat, 11/8/08, David Horn <dhorn2000@gmail.com> wrote:
> From: David Horn <dhorn2000@gmail.com>
> Subject: Re: host -6 failure
> To: mdh_lists@yahoo.com
> Cc: freebsd-questions@freebsd.org
> Date: Saturday, November 8, 2008, 8:10 PM
> On Sat, Nov 8, 2008 at 7:55 PM, mdh
> <mdh_lists@yahoo.com> wrote:
> > --- On Sat, 11/8/08, David Horn
> <dhorn2000@gmail.com> wrote:
> >> From: David Horn <dhorn2000@gmail.com>
> >> Subject: Re: host -6 failure
> >> To: mdh_lists@yahoo.com
> >> Cc: freebsd-questions@freebsd.org
> >> Date: Saturday, November 8, 2008, 7:25 PM
> >> On Fri, Nov 7, 2008 at 2:18 PM, mdh
> >> <mdh_lists@yahoo.com> wrote:
> >> > Howdy folks,
> >> > I'm having a little trouble understanding
> a
> >> problem that the `host` command in RELENG_7_0
> (very recent)
> >> is having.
> >> The '-6' on the command line for host(1)
> forces an
> >> IPv6 only
> >> connection to your nameserver, not necessarily a
> >> "AAAA" query for the
> >> hostname in question. In this case, your
> nameservers
> >> listed in the
> >> warnings are IPv4 nameservers that host(1) is
> attempting to
> >> connect to
> >> using an ipv4 mapped ipv6 address (which by
> default is
> >> disabled in the
> >> kernel) In other words, don't use host -6 for
> this
> >> scenario.
> >
> > Yet as I pointed out, the second nameserver in my
> resolv.conf is ::1 - so shouldn't it work with that?
> It's clearly trying to contact the first and third
> nameservers listed. If the behavior I'm experiencing is
> the proper behavior, then let me pose this question: when
> would anyone conceivably want to use the -6 option, and why
> does it exist? My intent was to force a query to hit the
> nameserver on ::1 rather than 127.0.0.1.
> >> >
> >> > domain mydomain
> >> > search mydomain
> >> > nameserver 127.0.0.1
> >> > nameserver ::1
> >> > nameserver IP.IP.IP.8
> >> >
> >> > The DNS server running on localhost is
> authoritative
> >> for mydomain. I can ping it via localhost using
> both v4 and
> >> v6, and I can also ping the external v4 and v6
> addresses
> >> just fine remotely.
> >> >
> >> > As I said, I'm new to IPv6, but this
> behavior
> >> seems to be counterintuitive. Am I just doing it
> wrong?
> >> >
> >>
> >> For diagnosing your own nameservers, you are
> better off
> >> using the
> >> dig(1) utility.
> >>
> >> Example:
> >>
> >> dig ipv6.google.com AAAA @::1
> >>
> >> This causes a dns query for an IPv6 address (aka
> >> "AAAA" query) for the
> >> hostname of "ipv6.google.com" using the
> >> nameserver on the IPv6
> >> localhost loopback address (::1), and will give a
> very nice
> >> verbose
> >> output. man dig for more details.
> >
> > That is more useful, but still doesn't stifle my
> desire to stomp a potential bug in the base system.
>
> Right after sending, I realized that I did not tell you all
> of the answer....
>
> host(1) will successfully query ::1 when named is setup to
> listen on
> ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I
> just ran a
> test on my box to be sure that it works this way with the
> -6 switch)
>
> Example line from /etc/namedb/named.conf:
>
> listen-on-v6 { ::1; any; };
>
> And of course you need to restart named after the config
> change(
> /etc/rc.d/named restart)
>
> To make sure that it is listening on the IPv6 loopback
> address:
>
> netstat -anW -f inet6
>
> I do not remember the minimum version of bind (aka named)
> required for
> IPv6 off the top of my head, but I am running 9.4.2-P2 on
> my IPv6
> machine.
All of the conditions for success are true, however it fails. My DNS server software is responsing on ::1 port 53 (tcp and udp), and ::1 is the second nameserver listed in resolv.conf. Still, host -6 fails as previously stated... According to what you've said so far, this leads me to believe that it ought to work as expected, and not error out in the way I'm seeing.
Am I missing something here? Is my lack of general IPv6 knowledge causing me to blindly assume something incorrectly?
Thanks, Matt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?218769.90655.qm>