Date: Wed, 09 Jan 2013 07:29:35 +0900 (JST) From: Hiroki Sato <hrs@FreeBSD.org> To: gshapiro@FreeBSD.org Cc: stable@FreeBSD.org Subject: Re: sendmail vs ipv6 broken after upgrade to 9.1 Message-ID: <20130109.072935.595111158363526981.hrs@allbsd.org> In-Reply-To: <20130108180920.GJ36633@rugsucker.smi.sendmail.com> References: <20130108151837.GF35868@acme.spoerlein.net> <20130108180920.GJ36633@rugsucker.smi.sendmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----Security_Multipart(Wed_Jan__9_07_29_35_2013_488)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Gregory Shapiro <gshapiro@freebsd.org> wrote
in <20130108180920.GJ36633@rugsucker.smi.sendmail.com>:
gs> > How can I unstupid sendmail here?
gs>
gs> I don't think sendmail is being stupid here as it is doing what it has
gs> been doing under 8.x and 9.1 (the code is the same). I think
gs> something changed with the upgrade to 9.1. As far as tracking it
gs> down, the sendmail code does:
gs>
gs> getipnodebyname("acme.spoerlein.net", AF_INET6, AI_DEFAULT|AI_ALL,
gs> &err);
gs>
gs> This will only return an IPv4 mapped address if:
gs>
gs> 1. There are no IPv6 addresses configured on the interfaces. How are
gs> your IPv6 addresses assigned? If auto-configured (DHCPv6, RTADV), is
gs> it possible sendmail is being started before autoconfiguration has
gs> completed? Restarting the MTA after boot and seeing if it still gets
gs> the mapped address will say whether or not this is the cause.
gs>
gs> 2. The query for an AAAA record for acme.spoerlein.net failed. This
gs> doesn't appear to be the case for dns based on your dig output
gs> (assuming you ran that dig command on the same machine that is
gs> exhibiting the problem). However, your nsswitch.conf lists hosts
gs> before dns and there have been broken name resolution implementations
gs> that, with 'hosts' listed first in nsswitch.conf have given back bad
gs> info if the first hostname match didn't have the IPv6 address. You
gs> could try switching the order in /etc/hosts to see if this helps.
gs> (Note, the broken implementation was not FreeBSD.)
Just curious, but is there any specific reason not to return an error
when Family=inet6 and no AAAA RR?
-- Hiroki
----Security_Multipart(Wed_Jan__9_07_29_35_2013_488)--
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)
iEYEABECAAYFAlDsnc8ACgkQTyzT2CeTzy22kgCfWuSZEZQzs88ndlkUd1tKOiVa
qjQAn1yo0BeZ9liBE+7X4DwYCLYjl56B
=Kqni
-----END PGP SIGNATURE-----
----Security_Multipart(Wed_Jan__9_07_29_35_2013_488)----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130109.072935.595111158363526981.hrs>