DNS issues for non-IPv6 hosts
I have a static tunnel configured on my Ubuntu Server host. The tunnel is up and running, ping6 to IPv6-enabled sites (www.heise.de, www.sixxs.net, ipv6.google.com) does work. IPv4 does also work flawlessly.
But when I did "apt-get update", apt could not update some repos (e.g. security.ubuntu.com). The displayed error was:
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/karmic-security/universe/binary-i386/Packages.gz 404 Not Found [IP: 2001:6f8:1c00:2de::2 80]
According to an nslookup security.ubuntu.com does not have an IPv6 address:
# nslookup
set type=AAAA
security.ubuntu.com
Server:   8.8.8.8
Address:  8.8.8.8#53

Non-authoritative answer:
*** Can't find security.ubuntu.com: No answer

Authoritative answers can be found from:
ubuntu.com
    origin = ns1.canonical.com
    mail addr = hostmaster.canonical.com
    serial = 2010100902
    refresh = 10800
    retry = 3600
    expire = 604800
    minimum = 3600

But when I do a "ping6 security.ubuntu.com" it gets resolved to the address of the tunnel's local endpoint. The same is true for all other hosts that do not have an IPv6 address.
I have tried using different nameservers (my own local bind, my provider's ns, and the google nameservers). There also is nothing suspicious in /etc/hosts.
I can't think of anything more to do...
[solved] DNS issues for non-IPv6 hosts
I did a little more digging and found the error:
I had the following two lines in my /etc/resolv.conf:
domain mydomain.tld
search mydomain.tld
My domain also has a wildcard AAAA entry in its zone, so that all subdomains get resolved to my IPv6 address.
Apparently, after being unable to resolve a domain, Linux tried appending mydomain.tld to the hostname and then got an answer, resolving that name to my endpoint, thus not falling back to IPv4.
I removed those two lines and everything is in order now. The other obvious solution would have been to remove the wildcard.
Maybe this helps someone else having the same problem.
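
A check for the condition found in this thread, as an added example that is not part of the original posts: it reads the `domain`/`search` suffixes from resolv.conf text, probes a random label under each to detect a wildcard AAAA record, and reports whether a name with no AAAA of its own picks one up through such a suffix. The function names, the sample resolver and the address 2001:db8::1 are constructed for illustration; mydomain.tld is the poster's placeholder.

```python
import secrets
import socket

# Constructed sample mirroring the post; mydomain.tld is the poster's placeholder.
SAMPLE_RESOLV_CONF = "domain mydomain.tld\nsearch mydomain.tld\nnameserver 8.8.8.8\n"

def search_suffixes(resolv_conf_text):
    """Suffixes named on 'domain' and 'search' lines, in order, de-duplicated."""
    suffixes = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] in ("domain", "search"):
            for suffix in fields[1:]:
                suffix = suffix.rstrip(".").lower()
                if suffix and suffix not in suffixes:
                    suffixes.append(suffix)
    return suffixes

def lookup_aaaa(name):
    """Live AAAA lookup; the trailing dot keeps the resolver from applying the search list."""
    try:
        infos = socket.getaddrinfo(name.rstrip(".") + ".", None, socket.AF_INET6)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def wildcard_suffixes(resolv_conf_text, resolver=lookup_aaaa):
    """Search suffixes under which a random, never-registered label still gets an AAAA answer."""
    found = {}
    for suffix in search_suffixes(resolv_conf_text):
        addrs = resolver("probe-" + secrets.token_hex(8) + "." + suffix)
        if addrs:
            found[suffix] = addrs
    return found

def shadowed(name, resolv_conf_text, resolver=lookup_aaaa):
    """(suffix, addresses) if a name without its own AAAA gains one via a wildcard suffix, else None."""
    if resolver(name):
        return None
    for suffix in wildcard_suffixes(resolv_conf_text, resolver):
        addrs = resolver(name + "." + suffix)
        if addrs:
            return suffix, addrs
    return None

def sample_resolver(name):
    """Constructed stand-in for DNS: only *.mydomain.tld has an AAAA record (documentation prefix)."""
    return ["2001:db8::1"] if name.endswith(".mydomain.tld") else []

if __name__ == "__main__":
    print(wildcard_suffixes(SAMPLE_RESOLV_CONF, sample_resolver))
    print(shadowed("security.ubuntu.com", SAMPLE_RESOLV_CONF, sample_resolver))
```

To check a live host, pass the contents of /etc/resolv.conf and leave `resolver` at its default, which performs real lookups.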