DNS issues for non-IPv6 hosts
Shadow Hawkins on Saturday, 09 October 2010 12:47:58
I have a static tunnel configured on my Ubuntu Server host. The tunnel is up and running, ping6 to IPv6-enabled sites (www.heise.de, www.sixxs.net, ipv6.google.com) does work. IPv4 does also work flawlessly.
But when I did "apt-get update" apt could not update some repos (e. g. security.ubuntu.com). The displayed error was:
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/karmic-security/universe/binary-i386/Packages.gz 404 Not Found [IP: 2001:6f8:1c00:2de::2 80]
According to an nslookup security.ubuntu.com does not have an IPv6 address:
# nslookup
But when I do a "ping6 security.ubuntu.com" it gets resolved to the address of the tunnel's local endpoint. The same is true for all other hosts that do not have an IPv6 address.
I have tried using different nameservers (my own local bind, my provider's ns, and the google nameservers). There also is nothing suspicious in /etc/hosts.
I can't think of anything more to do...
set type=AAAA security.ubuntu.com Server:8.8.8.8
Address:8.8.8.8#53
Non-authoritative answer:
*** Can't find security.ubuntu.com: No answer
Authoritative answers can be found from:
ubuntu.com
origin = ns1.canonical.com
mail addr = hostmaster.canonical.com
serial = 2010100902
refresh = 10800
retry = 3600
expire = 604800
minimum = 3600
[solved] DNS issues for non-IPv6 hosts
Shadow Hawkins on Sunday, 10 October 2010 17:05:40
I did a little more digging and found the error:
I had the following two lines in my /etc/resolv.conf:
domain mydomain.tld
search mydomain.tld
My domain also has a wildcard AAAA entry in its zone, so that all subdomains get resolved to my IPv6 address.
Apparently, after being unable to resolve a domain, Linux tried appending mydomain.tld to the hostname and then got an answer, resolving that name to my endpoint, thus not falling back to IPv4.
I removed those two lines and everything is in order now. The other obvious solution would have been to remove the wildcard.
Maybe this helps someone else having the same problem.
Posting is only allowed when you are logged in. |