SixXS::Sunset 2017-06-06

DNS issues for non-IPv6 hosts
[de] Shadow Hawkins on Saturday, 09 October 2010 12:47:58
I have a static tunnel configured on my Ubuntu Server host. The tunnel is up and running, ping6 to IPv6-enabled sites (www.heise.de, www.sixxs.net, ipv6.google.com) does work. IPv4 does also work flawlessly. But when I did "apt-get update" apt could not update some repos (e. g. security.ubuntu.com). The displayed error was:
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/karmic-security/universe/binary-i386/Packages.gz 404 Not Found [IP: 2001:6f8:1c00:2de::2 80]
According to an nslookup security.ubuntu.com does not have an IPv6 address:
# nslookup
set type=AAAA
security.ubuntu.com
Server:8.8.8.8 Address:8.8.8.8#53 Non-authoritative answer: *** Can't find security.ubuntu.com: No answer Authoritative answers can be found from: ubuntu.com origin = ns1.canonical.com mail addr = hostmaster.canonical.com serial = 2010100902 refresh = 10800 retry = 3600 expire = 604800 minimum = 3600
But when I do a "ping6 security.ubuntu.com" it gets resolved to the address of the tunnel's local endpoint. The same is true for all other hosts that do not have an IPv6 address. I have tried using different nameservers (my own local bind, my provider's ns, and the google nameservers). There also is nothing suspicious in /etc/hosts. I can't think of anything more to do...
[solved] DNS issues for non-IPv6 hosts
[de] Shadow Hawkins on Sunday, 10 October 2010 17:05:40
I did a little more digging and found the error: I had the following two lines in my /etc/resolv.conf:
domain mydomain.tld search mydomain.tld
My domain also has a wildcard AAAA entry in its zone, so that all subdomains get resolved to my IPv6 address. Apparently, after being unable to resolve a domain, Linux tried appending mydomain.tld to the hostname and then got an answer, resolving that name to my endpoint, thus not falling back to IPv4. I removed those two lines and everything is in order now. The other obvious solution would have been to remove the wildcard. Maybe this helps someone else having the same problem.

Please note Posting is only allowed when you are logged in.

Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker