[ale] DIG failing due to ipv6?

DJ-Pfulio DJPfulio at jdpfu.com
Wed Apr 13 11:44:26 EDT 2016


He's running Ubuntu folks. Check the dig output.

Think he just needs to blacklist the ipv6 module. I know that works.
https://askubuntu.com/questions/440649/how-to-disable-ipv6-in-ubuntu-14-04
is another method, assuming the current LTS is being used (hopefully).

Obviously, IPv4 needs to be configured correctly.

On 04/13/16 09:16, LnxGnome wrote:
> Setup getaddrinfo(3) to resolve IPv4 before IPv6, by configuring it in
> /etc/gai.conf.
> 
> If you don't have one installed by default, look under
> /usr/share/doc/glibc-common-*/gai.conf (on RHEL) for a template.
> 
> The relevant bits are...
> 
> #For sites which prefer IPv4 connections change the last line to
> precedence ::ffff:0:0/96 100
> ...
> #    For sites which use site-local IPv4 addresses behind NAT there is
> #    the problem that even if IPv4 addresses are preferred they do not
> #    have the same scope and are therefore not sorted first.  To change
> #    this use only these rules:
> #
> scopev4 ::ffff:169.254.0.0/112  2
> scopev4 ::ffff:127.0.0.0/104    2
> scopev4 ::ffff:0.0.0.0/96       14
> 
> 
> On 4/12/16 6:27 PM, Robert L. Harris wrote:
>> Ok, this is un-related to my previous IPv6 question, as this is for
>> work and we do not have IPv6 rolled out. We are trying to look up a
>> signle sign on page hosted in azure and it looks like dns is failing
>> because my bind9 is geting an IPv6 address for the dns server but
>> can't get to it to query the real DNS name.
>>
>>
>>
>> I thought I disabled IPv6 resolution and forced IPv4 only but it
>> doesn't seem to be working. Anyone have any ideas?
>>
>> {0}:/home/rharris>dig signin.company.com <http://signin.company.com>
>>
>> ; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> signin.company.com
>> <http://signin.company.com>
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41491
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 4096
>> ;; QUESTION SECTION:
>> ;signin.company.com <http://signin.company.com>. IN A
>>
>> ;; Query time: 194 msec
>> ;; SERVER: 127.0.0.1#53(127.0.0.1)
>> ;; WHEN: Tue Apr 12 16:21:56 MDT 2016
>> ;; MSG SIZE rcvd: 47
>>
>>
>> {0}:/home/rharris>dnstracer signin.company.com <http://signin.company.com>
>> Tracing to signin.company.com <http://signin.company.com>[a] via
>> 127.0.0.1, maximum of 3 retries
>> 127.0.0.1 (127.0.0.1) Got answer [received type is cname]
>> |\___ prd1.azuredns-cloud.net <http://prd1.azuredns-cloud.net>
>> [azurewebsites.net <http://azurewebsites.net>]
>> (2a01:0111:2005:0005:0000:0000:0000:0005) send_data/sendto: Network is
>> unreachable
>> * send_data/sendto: Network is unreachable
>> * send_data/sendto: Network is unreachable
>> *
>> |\___ prd1.azuredns-cloud.net <http://prd1.azuredns-cloud.net>
>> [azurewebsites.net <http://azurewebsites.net>] (204.79.195.43)
>> |\___ prd4.azuredns-cloud.net <http://prd4.azuredns-cloud.net>
>> [azurewebsites.net <http://azurewebsites.net>]
>> (2a01:0111:2032:0001:0000:0000:0000:0005) send_data/sendto: Network is
>> unreachable
>> * send_data/sendto: Network is unreachable
>> * send_data/sendto: Network is unreachable
>> .


More information about the Ale mailing list