Date: Sat, 8 Nov 2008 20:10:41 -0500 From: "David Horn" <dhorn2000@gmail.com> To: mdh_lists@yahoo.com Cc: freebsd-questions@freebsd.org Subject: Re: host -6 failure Message-ID: <25ff90d60811081710u6850be25jdc6d45631ee82af4@mail.gmail.com> In-Reply-To: <520617.80727.qm@web56803.mail.re3.yahoo.com> References: <25ff90d60811081625w397e65b0k46a48b0a493a32d2@mail.gmail.com> <520617.80727.qm@web56803.mail.re3.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 8, 2008 at 7:55 PM, mdh <mdh_lists@yahoo.com> wrote: > --- On Sat, 11/8/08, David Horn <dhorn2000@gmail.com> wrote: >> From: David Horn <dhorn2000@gmail.com> >> Subject: Re: host -6 failure >> To: mdh_lists@yahoo.com >> Cc: freebsd-questions@freebsd.org >> Date: Saturday, November 8, 2008, 7:25 PM >> On Fri, Nov 7, 2008 at 2:18 PM, mdh >> <mdh_lists@yahoo.com> wrote: >> > Howdy folks, >> > I'm having a little trouble understanding a >> problem that the `host` command in RELENG_7_0 (very recent) >> is having. This is by and large my first time working with >> IPv6, which I've been meaning to learn for some time. >> First off, I've got my zone file configured to return a >> AAAA record for x1.mydomain and named isn't complaining. >> However, when I run `host -6 x1.mydomain`, host returns the >> following output: >> > >> > (root@rapier) [/etc/namedb]: host -6 x1.mydomain >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:127.0.0.1#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:127.0.0.1#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument >> > ;; connection timed out; no servers could be reached >> >> The '-6' on the command line for host(1) forces an >> IPv6 only >> connection to your nameserver, not necessarily a >> "AAAA" query for the >> hostname in question. In this case, your nameservers >> listed in the >> warnings are IPv4 nameservers that host(1) is attempting to >> connect to >> using an ipv4 mapped ipv6 address (which by default is >> disabled in the >> kernel) In other words, don't use host -6 for this >> scenario. > > Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. > >> >> Most recent versions of the host(1) command will do both >> "A" (IPv4 >> host record), and "AAAA" (IPv6 host record) >> lookups for you >> automatically. For example: >> >> host www.kame.net >> www.kame.net has address 203.178.141.194 >> www.kame.net has IPv6 address >> 2001:200:0:8002:203:47ff:fea5:3085 >> >> > >> > IP.IP.IP.8 is my ISP's DNS server, and is a third >> option just in case the localhost DNS server crashes or goes >> batty while I'm out drinking or somesuch. Here's my >> resolv.conf, which shows ::1 listed as the second nameserver >> entry - however, it seems host -6 never even tries it. >> > >> > domain mydomain >> > search mydomain >> > nameserver 127.0.0.1 >> > nameserver ::1 >> > nameserver IP.IP.IP.8 >> > >> > The DNS server running on localhost is authoritative >> for mydomain. I can ping it via localhost using both v4 and >> v6, and I can also ping the external v4 and v6 addresses >> just fine remotely. >> > >> > As I said, I'm new to IPv6, but this behavior >> seems to be counterintuitive. Am I just doing it wrong? >> > >> >> For diagnosing your own nameservers, you are better off >> using the >> dig(1) utility. >> >> Example: >> >> dig ipv6.google.com AAAA @::1 >> >> This causes a dns query for an IPv6 address (aka >> "AAAA" query) for the >> hostname of "ipv6.google.com" using the >> nameserver on the IPv6 >> localhost loopback address (::1), and will give a very nice >> verbose >> output. man dig for more details. > > That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer.... host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6 { ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. -_Dave > >> >> Good Luck. >> >> BTW, if you have not already setup an IPv6 tunnel to the >> internet, I >> highly recommend SixXS's (www.sixxs.net) free tunnels >> (and the >> sixxs-aiccu port), or you can look at Hurricane Electric >> (www.he.net), >> and some other tunnel brokers as well. > > Actually this system is located at HE. :) > > Thanks, > - mdh > > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25ff90d60811081710u6850be25jdc6d45631ee82af4>